Server error, please try again later

Divinum Fiat

Divinum Fiat

Well-known member
Hi all,

For some unexplainable reason I got logged out of my forum and when I try logging back in I get the message "server error, please try again later."

The page is frozen at that error page and no matter what tabs I click, I can't move away from the error page.

Does anyone have an idea of what this could be related to (my other domains, that share the same server, are up and running fine)?
 
Sort by date Sort by votes
Digital Doctor said:
What was deleted was the MySQL database tables that Hostgator hosts for you.
Xenforo accesses those tables (reads, writes) but the tables aren't really a part of Xenforo software.


That's why I think someone hacked your server and deleted them.

Now is the time to fess up that you were playing around with cpanel :)
or playing around with something !

(We've all screwed things up before).
Click to expand...
It wasn't even a table that was deleted though, it was 4 columns from 1 table in the database. If it was a hack, I doubt it would be deleting columns from tables, they'd drop the whole DB.
 
Upvote 0 Downvote
The only time I ever log into the c panel is if I need a new email address. And I barely know how to do that. I did call Hostgator customer service about 3 days ago to get help with another domain that has wordpress installed and I wasn't able to directly upload a file because it was too large. I asked if they could increase the size but it wasn't possible. As I said, it was on a completely different domain too. I have really no clue where I would even go for these tables or whatever was missing. All I can think of is that an add on may cause conflict. I have quite a few add ons, but haven't messed with them either, so I don't know why this would happen out of the blue. Will call hostgator tomorrow to find out if someone hacked in. But even someone did, why in the world would they just remove tables? On another note, I have noticed an excessive number of new registrations that are from forum spammers. Over 2 days I had over 500 new sign ups. I had to place the requests on manual approval. Maybe that has something to do with it?
 
Upvote 0 Downvote
Digital Doctor said:
What was deleted was the MySQL database tables that Hostgator hosts for you.
Xenforo accesses those tables (reads, writes) but the tables aren't really a part of Xenforo software.
Click to expand...

Really? The table in question here is very much a part of xenforo and it is added by xenforo when the installer is run.

And again, according to what was posted above, there was no table that was deleted by several fields, huge difference.

@Blueprint4Love, dropping of db fields like that is not normal. You have had a simiiar issue as well before if I remember correctly:

http://xenforo.com/community/threads/undefined-index-last_post_username.36348/

Ask your host to check their access logs for around the time where the issue happened to see the cause of it. Also imho it would be best to always make your own db backups and not just rely on the host.
 
Upvote 0 Downvote
Digital Doctor said:
It would be interesting to determine what is causing the severe damage.
If it is the exact same problem then that would favor a Xenforo issue.
Click to expand...
Not if there's some rogue moron at Hostgator or some other person has somehow gotten access to the cPanel account. There's still many other possibilities besides it being a XenForo bug (though admittedly it isn't impossible).

Interestingly, a certain website we don't talk about was hacked recently. Well deserved, I feel, but it does make you wonder if there are some exploits in the software that people are beginning to abuse.

BluePrint4Love: What version of XenForo are you running (1.1.2? 1.1.3?) and do you use the Custom BB Code Manager?
 
Upvote 0 Downvote
I also think after looking at the cpanel account information, this is on a shared hosting environment, that was running the last release of the 5.2 branch of PHP, which has quite a few issues looking at some of the vulnerability sites.

http://www.cvedetails.com/vulnerabi..._id-128/version_id-106044/PHP-PHP-5.2.17.html

There was nothing uploaded via the FTP logs which I checked, only the files for various mods which she is running.
 
Upvote 0 Downvote
Chris Deeming said:
BluePrint4Love: What version of XenForo are you running (1.1.2? 1.1.3?) and do you use the Custom BB Code Manager?
Click to expand...

I believe I'm still running 1.1.2. How can I check? Last update someone made for me, thank you Andrej, was in the summer.

Okay, so here is the update. I did have Hostgator check into any unauthorized access and they sent me a cpanel login data and they checked for 'hacked' access. They found nothing. This is a VPS server on which I have a few other domains but only this one has XF on it. I also just got a notice from Google saying "increase in server errors" and that they can't crawl the site.

Now that the site is back up, so are all of the spammers who are lurking on the site submitting for membership. I had to set the board to manual approval, which really sucks. And I have no idea where they found my board. All IPs are from Russia, Lithuania and other Eastern European countries. I wish there was a button as you 'decline membership' that at the same time would ban the IP. Then again, I tried manually banning the IPs but they just sign up under another IP. :-(

Verdict, I have no idea how the columns are missing but Borbole is right. This happened in the Spring and Borbole was the one who helped me along with another time when XF tech support rebuilt one of the columns. Again, I have no idea how these columns just go on vacation like this!
 
Upvote 0 Downvote
I have no clue - not sure what the technical things are like when they are the same issue. What I do remember is seeing the same error messages, people not able to log in. When I submitted it to XF tech support they said pretty much the same as all of you have said here (columns don't just disappear, etc.). They manually rebuilt whatever was missing and all worked fine then. I haven't added any new addons since then. Strange indeed.
 
Upvote 0 Downvote
Did you patch XF 1.1.2 with the important security fix? There was a major bug in SWFUpload which you definitely need to make sure is fixed either by upgrading to 1.1.3 or by applying the provided single file patch to fix it.

Although with these things you can never be sure of the cause without evidence, this could have been the way in. I've seen sites get exploited by this before though usually they gain admin cp access. On this occasion someone has gotten even more access than that and run database queries.

Something else to be weary of. Don't take offence this is general advice for everyone. Never use add ons unless they are downloaded or bought from a reputable source. Especially pirated add ons which you should have to pay for but you might find for free at other websites.

There's no telling what people have done to those files. It's so possible for them to add in code that can cause damage such as this.
 
Upvote 0 Downvote
You can check your forum version in the right upper corner in your forum 's acp panel. Personally I do not think this was a hack because the damage would have been much worse if that was the case. But if you want to put your mind at ease, do a thorough checkup of your server space and db and look for anything out of ordinary there.

About the spam issue, have you tried this mod made by Chris? It is an excellent one that would help a lot in keeping spammers at bay.

http://xenforo.com/community/resources/registration-form-timer.1248/
 
Upvote 0 Downvote
borbole said:
You can check your forum version in the right upper corner in your forum 's acp panel. Personally I do not think this was a hack because the damage would have been much worse if that was the case.
Click to expand...
I once helped out someone here (I forget who) who had their forum hacked and it was believed that it was via the swfupload exploit. They gained Admin CP access somehow demoted the actual admins and altered a lot of templates with some silly messages. And that's all they did. I'd say the deletion of a load of crucial database fields is much, much worse. Admittedly, they could have done more, but if there hadn't been any backups at all then it would be a pretty much fresh start.

My only concern is if they've left a backdoor, somehow, so yeah borbole's advice is spot on. Check for absolutely anything out of the ordinary. Change all your passwords.

It's also easy to forget more localised risks as well in cases like this. Do you have up to date antivirus on your computer? Do you regularly log in to your site on a shared computer? You need to also make sure that any computer you use is secure. If there's any sort of key logging software on the computers you use, then they have the key to the front door.

Especially if this has happened before. If this is now the second time it has happened, unless something radically different is done this time, it will probably happen again for a third time.
 
Upvote 0 Downvote
Yes, I do use 1.1.2. I did download 1.1.3 of XF but have not found the post yet on how to activate it. I've uploaded the zip file to the public_html folder via Filezilla, but that's as technical as I get. Not sure what to do next. Was doing a search on here to find out how exactly to upgrade to 1.1.3.

This is a new laptop (since June) and I have SuperAntiSpyWare on here, nothing else. When this happened before it was on another laptop and there I also had SuperAntiSpyWare and AVG.

I would never get get an add-on from an unknown source, and get them directly from here. Haven't gotten or activated an add-on for a while now. I'm really not sure what could have caused this but I don't think it was a hacker.
 
Upvote 0 Downvote
If you uploaded all of the files from 1.1.3 then you should be ok. That will certainly contain the patched swfupload.swf file that had an exploit in it (third party code, nothing caused by XenForo).

The process for installing an upgrade is identical to installing the product to start with.

You go to this page on your site: http://www.corefreedom.com/install/index.php?upgrade/ and login.

That will walk you through the process of upgrading.
 
Upvote 0 Downvote
When I go to that link, Chris, a message tells me that I'm already running 1.1.2. All I've done with 1.1.3 is upload the zip folder via ftp to the public_html folder. That's as far as my tech skills go (yewwhaww). :eek: From there something else needs to happen but I never know what exactly I need to do from there.
 
Upvote 0 Downvote
1) Download the 1.1.3 zip file.
2) Extract the contents of the zip file to your computer.
3) Upload the contents of the upload folder to your public_html folder using FTP
4) Go to the install page I mentioned above.
 
Upvote 0 Downvote
maday maday, guess what!? My site is down AGAIN! Now the site won't even come up, the main url gives me a white page saying "An unexpected database error occurred. Please try again later."

WTF!???
1x1.gif
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

JoyFreak
Not a bug An unexpected error occurred. Please try again later.
Replies
3
Views
169
JoyFreak
JoyFreak
sneakyy
  • Question Question
XF 2.2 An unexpected database error occurred. Please try again later.
Replies
7
Views
204
sneakyy
sneakyy
Mr Lucky
  • Question Question
XF 2.2 One thread is getting oops error - Preflight response is not successful - XMLHttpRequest cannot load ...due to access control checks
Replies
5
Views
253
Mr Lucky
Mr Lucky
MichaelCS
  • Question Question
XF 2.2 DISREGARD - Please delete.
Replies
2
Views
218
MichaelCS
MichaelCS
Mr Lucky
  • Question Question
XF 2.2 Security error occurred. Please press back, refresh the page, and try again.
2
Replies
28
Views
2K
Suzanne O
Suzanne O
Top Bottom