[pmwiki-users] GoDaddy Issues with pmWiki and password protected pages.

Petko Yotov 5ko at 5ko.fr
Thu Aug 15 01:45:36 CDT 2013


Jim Medlen writes:
> Recently when trying to edit a password protected page I see the password
> dialog after clicking Edit but when I enter the password and click OK the
> page never loads and I get an error message from the browser that says
>
>    The connection to the server was reset while the page was loading.
...
> I went through all of the PHP pages on my site and removed a line of code
> that appeared to be a hack or malware that used base 64 encode from several  
> of the pages,

If your site is/was hacked with PHP code inserted in your scripts, if I were  
you, I'd back up the directories local, cookbook, pub and wiki.d; wipe the  
whole site; install a clean PmWiki with the latest version; then add back  
the directories while examining every *.php file from these directories I  
put back on the server (if you have a skin or a recipe from the Cookbook, it  
is better to get the latest version of them from pmwiki.org and use them  
instead of the ones that were on your hacked server.)

The directories contain:
  local: your custom configuration, there should only be files like
    farmconfig.php, config.php, Main.php, Group.php and/or Group.Page.php
    These files should only have been modified by you so if you don't
    understand something, remove it.
  cookbook: recipes/modules adding features: re-get them from the Cookbook
    or examine them
  pub/css: custom styles, only *.css files only added by you
  pub/skins: different skins, from the Cookbook or your own, there may or
    may not be *.php files needing examination.

Otherwise, I'd also tripple check the files named .htaccess where they  
exist: you should know exactly what they contain and what that does to the  
server. The directives auto_prepend_file or auto_append_file for example are  
not needed by PmWiki, and if a site is hacked it may rely on those.

> but I still can't edit any of my password protected pages unless I use a
> text editor to remove the password information outside of the wiki site.

If this is happening with an old PmWiki version, I suggest installing the  
latest. New PHP versions tend to have changes that break the existing  
software and we need to fix it as soon as we find the problem.

Can you edit a page with no passwords? (like an open wiki)

If yes, it may be a "sessions" related problem, see this message:

  http://article.gmane.org/gmane.comp.web.wiki.pmwiki.user/57935/

> I have changed from PHP 5.3 to 5.3 and back and dont know what to try next.

You probably changed to/from a different version than two 5.3 versions :-)

Indeed, once we had similar symptoms on online.net (posting a form doesn't  
go to the PHP interpreter) due to a misconfiguration of one version.  
Switching to another available PHP version fixed the wiki.

> PmWiki has worked fine for the past 4 or 5 years until just this past month  
> when
> I started receiving forms submitted from the website with junk in the form.

This may be spambots, you may wish to add some password (or other)  
protection like the recipes Captcha or SpamFilters.

...
>> I just installed pmwiki through GoDaddy. When I try to save an edit, or
>> enter a password to get into the administration site, instead of taking me
>> to the appropriate webpage, I get a message that says that the server sent
>> no data. It also says, "Error code: ERR_EMPTY_RESPONSE"

When I searched www.google.com for this error code, I saw a huge number of  
pages about it, with different software (eg. Wordpress) mostly on GoDaddy.

So I have the feeling that this doesn't come from PmWiki. If it is possible,  
try changing the PHP verison, and/or the fix for the "sessions" problem, see  
the link above.

Petko




More information about the pmwiki-users mailing list