Hello all.
TIA for any insight as to the cause of this. The last few days I have been having issues of the system hanging when updating order history and or customers trying to checkout. So much so they hit the confirm order button twice and I have to refund additional chanrges. The orders do come through and the updates in order history post. However, I have to wait until the system (admin panel) times out and give me the following error before I can refresh and see the change.
Not Allowed
Not Allowed
<html>
<head><title>405 Not Allowed</title></head>
<body>
<center><h1>405 Not Allowed</h1></center>
<hr><center>nginx/1.16.1</center>
</body>
</html>
Running OC 2.0.1.0 default theme with some modules installed (not changing core files). This is a nightmare and has happened since I got the login hacked a couple weeks ago. I thought I had caught everything but maybe not.
The following has been repeating in my error log since November 18, 2019:
2019-11-24 8:59:38 - PHP Notice: Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''product/category''' at line 1<br />Error No: 1064<br />SELECT * FROM oc_url_alias WHERE `query` = 'product/category'' in public_html/mydomain.com/system/library/db/mysqli.php on line 40
2019-11-24 8:59:38 - PHP Notice: Trying to get property of non-object in /public_html/mydomain.com/catalog/controller/common/seo_url.php on line 111
I have compared thos to the backups I have and they seem identical to me. See below:
mysqli.php Line 40: trigger_error('Error: ' . $this->link->error . '<br />Error No: ' . $this->link->errno . '<br />' . $sql);
seo_url.php Line 111: if ($query->num_rows && $query->row['keyword']) {
Any help would be greatly appreciated. I have flushed all the caches and rebuilt them.
Namaste,
Allen
This is likely due to server security restrictions, not anything specific to OpenCart. If you were hacked and your web host was notified, they probably increase the mod_security levels on your server, which sometimes affects ajax requests on the site. The order history updating uses an ajax request, so it would be affected by that.
To fix it, contact your web host and ask them to whitelist your IP for mod_security, or see if they can loosen the security rules a bit so this doesn't happen. It will need to be something they do for you, as far as I know there's nothing you can do on the OpenCart side of things to fix this.
To fix it, contact your web host and ask them to whitelist your IP for mod_security, or see if they can loosen the security rules a bit so this doesn't happen. It will need to be something they do for you, as far as I know there's nothing you can do on the OpenCart side of things to fix this.
I went through a live chat with the host. I did a test run on the checkout process and the said it was a quick checkout module that was taking a long time to run the script. Somehow I feel there is still cleanup to do. Search and destory time. Amy ideas where to start?
I have uninstalled the said module without change to client side issues. No change on the admin order update isse either.
I have uninstalled the said module without change to client side issues. No change on the admin order update isse either.
I'm still pretty sure it's a mod_security issue (or something similar). A 405 response from the server is something your server is saying, not anything OpenCart would throw itself. Obviously I'm not a hosting expert, but in my experience a server-level plugin is the only thing I've seen cause errors like that.
The seo_url.php error would be an OpenCart error, though I'm not sure why that would be occurring. The path in it doesn't have "modification" in it, so it's probably not an ocMod extension causing it. It may be an OpenCart bug I'm not aware, so you may need to hire someone to diagnose and fix that one specifically. If you need to find a developer, you can post a request in the OpenCart "Commercial Support" forum, which is checked by a number of OpenCart developers. You can also try checking out the OpenCart "Partners" area.
The seo_url.php error would be an OpenCart error, though I'm not sure why that would be occurring. The path in it doesn't have "modification" in it, so it's probably not an ocMod extension causing it. It may be an OpenCart bug I'm not aware, so you may need to hire someone to diagnose and fix that one specifically. If you need to find a developer, you can post a request in the OpenCart "Commercial Support" forum, which is checked by a number of OpenCart developers. You can also try checking out the OpenCart "Partners" area.
Thank you Johnathan.
The host said that the quick_checkout module (which I have unistalled) script was taking a long time to run and that is why the error or hang was occurring. I am sure there is something firing off after the csutomer click confirm order that is timing out on the server side. I do not know why the order status update is taking forever. Something weird is happening. The redirect after the update function launches is not getting time because of the long running of some function.
Other than going through each line of code in each file, is there a malware or virus scanner that works well with OC you could recommend. I have ran the free online ones I have found and came up empty.
Thank you for your advise. I am very grateful.
The host said that the quick_checkout module (which I have unistalled) script was taking a long time to run and that is why the error or hang was occurring. I am sure there is something firing off after the csutomer click confirm order that is timing out on the server side. I do not know why the order status update is taking forever. Something weird is happening. The redirect after the update function launches is not getting time because of the long running of some function.
Other than going through each line of code in each file, is there a malware or virus scanner that works well with OC you could recommend. I have ran the free online ones I have found and came up empty.
Thank you for your advise. I am very grateful.
The problem you're having is extremely unlikely to be a virus or malware, it's probably just a bug in the software. Contact the quick checkout developer for support.
If you think it's actually something left on your site from the previous hack, I'd contact a security expert to do a scan on your site. I don't have one to recommend, unfortunately. If that doesn't find anything, then it's probably not a hacked file, and just a software bug.
If completely removing the quick checkout doesn't solve the issue, then it's probably not actually the issue. You may want to consider hiring someone to delve into your site if your web host isn't being helpful. You can find a developer in the two places I mentioned earlier (Commercial Support and Partners section).
If you think it's actually something left on your site from the previous hack, I'd contact a security expert to do a scan on your site. I don't have one to recommend, unfortunately. If that doesn't find anything, then it's probably not a hacked file, and just a software bug.
If completely removing the quick checkout doesn't solve the issue, then it's probably not actually the issue. You may want to consider hiring someone to delve into your site if your web host isn't being helpful. You can find a developer in the two places I mentioned earlier (Commercial Support and Partners section).
Well, through enough digging and Google Developer Tools, I was able to track down the offending script. It is jquery-2.1.1.min.js:4. Doing an API call on the sales order update process. << No other way for me to explain as I am not the OC programmer type. So I have all this data now pointing to this one jquery taking 2.0 mins to process and time out to the 405 error. But what do I do with it. I also have recorded the issue hanging on making a sale. f.send(a.hasContent && a.data || null) is listed as the offending script on that instance. Just posting what I found. I will try and locate it and figure it out.
Thank you. You may close the thread.
Thank you. You may close the thread.
Still having this issue. It also seems to be manifesting in the order confirm process. See images below. First one is order update network capture, the second is order confirmation network capture. Both processes work in the backend but will not redirect due to TTFB timeout.
Attachments
order_update_TTFB.png (147.07 KiB) Viewed 3752 times
FD_GGe4_TTFB.png (105.99 KiB) Viewed 3752 times
Unfortunately I don't really have any other advice for you. If the error is consistently in the order process, I'd suspect a mod you have installed, since this is not a normal OpenCart bug. Try uninstalling the mods you have one-by-one, and see if any of that fixes it. You could also try setting up a duplicate store (with a fresh installation) on the same server, and see if the error occurs there. If it doesn't, you can start installing the same mods until you find the one triggering it.
You might also consider hiring someone to try and fix this for you. It would probably be faster than attempting to figure it out yourself. If you need to find a developer, you can post a request in the OpenCart "Commercial Support" forum, which is checked by a number of OpenCart developers. You can also try checking out the OpenCart "Partners" area.
Hope you can get it sorted
You might also consider hiring someone to try and fix this for you. It would probably be faster than attempting to figure it out yourself. If you need to find a developer, you can post a request in the OpenCart "Commercial Support" forum, which is checked by a number of OpenCart developers. You can also try checking out the OpenCart "Partners" area.
Hope you can get it sorted
Who is online
Users browsing this forum: No registered users and 284 guests
