Server error, please try again later

Divinum Fiat

Divinum Fiat

Well-known member
Hi all,

For some unexplainable reason I got logged out of my forum and when I try logging back in I get the message "server error, please try again later."

The page is frozen at that error page and no matter what tabs I click, I can't move away from the error page.

Does anyone have an idea of what this could be related to (my other domains, that share the same server, are up and running fine)?
 
Sort by date Sort by votes
Blueprint4Love said:
Clickfinity, I pay just around $50 per month and all my other domains are hosted on this server too but this is the only forum I have.

Chris, yes, this is what usually happens with service providers. No one wants to take responsibility and everyone is pointing the finger at the others.
Click to expand...
Looking on the hostgator website, and the fact you said you are paying $50 a month, and have cpanel installed, they should be fully managing the VPS for you:
What does Fully Managed mean?
For our clients that decide to add a control panel (cPanel) to their Virtual Private Servers we offer fully managed support. Fully managed support means that we will handle just about any issue or configuration request you may have with your server outside of custom software/script installations (ex: ffmpeg+mplayer+mencoder). Some examples of things covered by our fully managed support may include but are not limited to:
  • Security audits.
  • Load problems or sluggishness.
  • Network related issues.
  • Failure of server to boot.
  • Hardware failures
  • Package installations via package manager (yum,rpm).
  • DNS Configuration
  • Troubleshooting script configurations and/or website errors.
  • Task automation.
  • Firewall setup & troubleshooting.
  • E-mail configuration.
  • Software upgrades & migrations. (php, mysql).
  • Custom apache configurations (mod_python, mod_ruby, mod_wsgi)*
  • Perl/PECL module/extension installations.
  • Backup configurations.
  • Google Apps setups.
  • And much more.
If you have a specific question or require clarification on something which is not listed here please contact us via telephone or live chat.
Click to expand...
 
Upvote 0 Downvote
Thank you for the props and heart talk. Needed that. No, I'm gonna give up.

Matt, will send you a PM. I'll keep everyone up to date, Hostgator must still be working on things.

Thank you all!
 
Upvote 0 Downvote
Blueprint4Love said:
Sorry guys for the bad news, but someone definitely has hacked into XF as an admin. I just changed my personal profile password and then tried changing the admin password but it wouldn't let me. While I was able to log in as the admin, when I went to the profile to change the password it told me that the password didn't match. Someone definitely has access to the admin password and now I can't change it
Click to expand...


I've only just spotted this

They can brute force the admin account from the front end, I mentioned this a while ago

Check your server access logs and find out if this is the case,
If it is the case, I added a plugin to fix this issue (user locks, these should be every where not just the admin cp):
http://xenforo.com/community/resources/loginuserlocks-security.1195/

and you can go one step further, even if they know your admin password (by what ever method they have used) you can protect your account so that it can only be logged in from your ip address:
http://xenforo.com/community/resources/xenloginsecurity-security.1194/

Do check your access logs 1st and find out what they are doing, to check your access logs, see here:
http://xenforo.com/community/threads/my-forums-getting-lots-of-spam.35195/page-20#post-442155

If you still cant access your super admin account, presumably you still have access to the DB (via cpanel?), if so you can change your password directly with SQL (if it is still the case that you need to change your super admins password, let me know)
 
Upvote 0 Downvote
This is so good to know and yes, I will get that! Matt is checking right now, will let you know what comes of it. I do travel quite a bit and would log in from different IP addresses from time to time. As long as I can set that, this will work.

So glad members are coming up with great add-ons to protect us!
 
Upvote 0 Downvote
People don't think about security often until the damage has been done.. hopeful they haven't done much

With the IP address protection plugin does, if you try to login from another location it sends you an email (so you can login there and add your IP address to your allowed list)

I believe the user locks plugin is fairly essential (particularly if you use QA / or even worse, no captcha)... hopefully this one will be fixed in core
 
Upvote 0 Downvote
Jake Bunce said:
FYI for others. Ragtek's new user notification system addon makes "welcome profile posts" on her forum. Those posts are made under her account. For some reason it's logging foreign IPs for those profile posts. That's where the IPs are coming from. This is obviously erroneous. I don't know why that addon is logging these IPs. But we know the IPs aren't from hackers now.
Click to expand...

https://github.com/ragtek/NUNS/commit/a9265b8a20625124bbbf89508d61a00748f128f5
http://adminextra.com/threads/some-of-my-old-addons.6158/
 
Upvote 0 Downvote
OK, so just to clarify a few things with the server. All server software is upto date, now running php 5.3.19 and mysql 5.5.27-cll. Apache is running in suphp mode, so each domain is segregated from each other. There are no successful authentications via SSH, although it's constantly being brute forced.

Code: 
root@blu [/var/log]# less secure | grep "authentication failure" | wc -l
6668

The only FTP access I can see is Jake the other night.

iptables is running, but it's only set up for godaddy. I'd personally like to install config server firewall, which integrates nicely with cpanel, but I don't know how this would react with the existing iptable rules??

I've ran both rkhunter and chkrootkit, and neither of those have found anything.

WHM is on the latest version.

One thing I have seen, is that ALL users on the server have full shell access. I'm also not seeing SSH logging accepted attempts, eg on one of my VPS

Dec 14 06:57:40 nagios sshd[18633]: Accepted password for matt from XXX.XXX.XXX.XXX port 29183 ssh2
Dec 14 06:57:40 nagios sshd[18633]: pam_unix(sshd:session): session opened for user matt by (uid=0)
 
Upvote 0 Downvote
With my verrrrry limited technical understand what I hear you say is that the server was NOT compromised? If that is so, then is it possible that the Hostgator guy was right in that there are sql scripts that can be run through the XF software, which then infect every post? If that's the case, then XF has a huge security flaw loophole.

Am I getting this right?
 
Upvote 0 Downvote
Correct, I can't see any access to the server itself. However, you have wordpress sites hosted on the same VPS, which have had known security issues recently. Have they been kept up to date also?
 
Upvote 0 Downvote
MattW, can you look through the access logs and search for the offending IP addresses (Blueprint4Love should be able to give you a list of the ip addresses).
From the server access logs, you should be able to determine where the entry point was.. this will give you huge clues of how / what they have done.

If it is a brute force of the admin account from the forum login, then it is what I saw and mentioned a long time ago... It will be fixed, but apparently not outside of a 1.2 release


Blueprint4Love said:
is it possible that the Hostgator guy was right in that there are sql scripts that can be run through the XF software
Click to expand...
I take it that's your host that said that, or a forum users post?
 
Upvote 0 Downvote
yes, it was the hostgator guy who suspected that because according to him everything looks fine with my server. But they're trying to 'restart' the server and apparently it's failing. Not sure what this means.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

JoyFreak
Not a bug An unexpected error occurred. Please try again later.
Replies
3
Views
182
JoyFreak
JoyFreak
sneakyy
  • Question Question
XF 2.2 An unexpected database error occurred. Please try again later.
Replies
7
Views
234
sneakyy
sneakyy
sam2019
  • Question Question
XF 2.2 An unexpected database error occurred. Please try again later.
Replies
2
Views
502
Paul B
Paul B
Ferdinand
  • Question Question
XF 2.2 An error occurred while connecting with Linkedin. Please try again later.
Replies
7
Views
610
tom3
tom3
vinnymickey
  • Question Question
XF 2.2 An unexpected database error occurred. Please try again later.
2
Replies
22
Views
2K
Suzanne O
Suzanne O
Top Bottom