Post by TAKCS » Tue Dec 03, 2019 7:14 am

Hello all.

TIA for any insight as to the cause of this. The last few days I have been having issues of the system hanging when updating order history and or customers trying to checkout. So much so they hit the confirm order button twice and I have to refund additional chanrges. The orders do come through and the updates in order history post. However, I have to wait until the system (admin panel) times out and give me the following error before I can refresh and see the change.

Not Allowed
Not Allowed
<html>
<head><title>405 Not Allowed</title></head>
<body>
<center><h1>405 Not Allowed</h1></center>
<hr><center>nginx/1.16.1</center>
</body>
</html>

Running OC 2.0.1.0 default theme with some modules installed (not changing core files). This is a nightmare and has happened since I got the login hacked a couple weeks ago. I thought I had caught everything but maybe not.

The following has been repeating in my error log since November 18, 2019:
2019-11-24 8:59:38 - PHP Notice: Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''product/category''' at line 1<br />Error No: 1064<br />SELECT * FROM oc_url_alias WHERE `query` = 'product/category'' in public_html/mydomain.com/system/library/db/mysqli.php on line 40
2019-11-24 8:59:38 - PHP Notice: Trying to get property of non-object in /public_html/mydomain.com/catalog/controller/common/seo_url.php on line 111

I have compared thos to the backups I have and they seem identical to me. See below:

mysqli.php Line 40: trigger_error('Error: ' . $this->link->error . '<br />Error No: ' . $this->link->errno . '<br />' . $sql);
seo_url.php Line 111: if ($query->num_rows && $query->row['keyword']) {


Any help would be greatly appreciated. I have flushed all the caches and rebuilt them.

Namaste,

Allen

New member

Posts

Joined
Mon Dec 01, 2014 9:22 am

Post by Johnathan » Tue Dec 03, 2019 10:44 pm

This is likely due to server security restrictions, not anything specific to OpenCart. If you were hacked and your web host was notified, they probably increase the mod_security levels on your server, which sometimes affects ajax requests on the site. The order history updating uses an ajax request, so it would be affected by that.

To fix it, contact your web host and ask them to whitelist your IP for mod_security, or see if they can loosen the security rules a bit so this doesn't happen. It will need to be something they do for you, as far as I know there's nothing you can do on the OpenCart side of things to fix this.

Image
Image Image Image Image


User avatar
Global Moderator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by TAKCS » Wed Dec 04, 2019 3:03 am

Thank you Johnathan. I will get intouch with them and see what they say. I will also send along your post for confirmation of said issue. Thank you again for your insight.

Have a blessed and prosperous day!

Allen

New member

Posts

Joined
Mon Dec 01, 2014 9:22 am

Post by TAKCS » Wed Dec 04, 2019 4:57 am

I went through a live chat with the host. I did a test run on the checkout process and the said it was a quick checkout module that was taking a long time to run the script. Somehow I feel there is still cleanup to do. Search and destory time. Amy ideas where to start?
I have uninstalled the said module without change to client side issues. No change on the admin order update isse either.

New member

Posts

Joined
Mon Dec 01, 2014 9:22 am

Post by Johnathan » Wed Dec 04, 2019 11:07 pm

I'm still pretty sure it's a mod_security issue (or something similar). A 405 response from the server is something your server is saying, not anything OpenCart would throw itself. Obviously I'm not a hosting expert, but in my experience a server-level plugin is the only thing I've seen cause errors like that.

The seo_url.php error would be an OpenCart error, though I'm not sure why that would be occurring. The path in it doesn't have "modification" in it, so it's probably not an ocMod extension causing it. It may be an OpenCart bug I'm not aware, so you may need to hire someone to diagnose and fix that one specifically. If you need to find a developer, you can post a request in the OpenCart "Commercial Support" forum, which is checked by a number of OpenCart developers. You can also try checking out the OpenCart "Partners" area.

Image
Image Image Image Image


User avatar
Global Moderator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by TAKCS » Thu Dec 05, 2019 5:55 am

Thank you Johnathan.

The host said that the quick_checkout module (which I have unistalled) script was taking a long time to run and that is why the error or hang was occurring. I am sure there is something firing off after the csutomer click confirm order that is timing out on the server side. I do not know why the order status update is taking forever. Something weird is happening. The redirect after the update function launches is not getting time because of the long running of some function.
Other than going through each line of code in each file, is there a malware or virus scanner that works well with OC you could recommend. I have ran the free online ones I have found and came up empty.

Thank you for your advise. I am very grateful.

New member

Posts

Joined
Mon Dec 01, 2014 9:22 am

Post by Johnathan » Thu Dec 05, 2019 10:51 pm

The problem you're having is extremely unlikely to be a virus or malware, it's probably just a bug in the software. Contact the quick checkout developer for support.

If you think it's actually something left on your site from the previous hack, I'd contact a security expert to do a scan on your site. I don't have one to recommend, unfortunately. If that doesn't find anything, then it's probably not a hacked file, and just a software bug.

If completely removing the quick checkout doesn't solve the issue, then it's probably not actually the issue. You may want to consider hiring someone to delve into your site if your web host isn't being helpful. You can find a developer in the two places I mentioned earlier (Commercial Support and Partners section).

Image
Image Image Image Image


User avatar
Global Moderator

Posts

Joined
Fri Dec 18, 2009 3:08 am

Who is online

Users browsing this forum: julianashcroft and 32 guests