Project

General

Profile

Bug #16143

Is Commons site down?

Added by scott voth about 1 month ago. Updated about 1 month ago.

Status:
Resolved
Priority name:
Normal
Assignee:
-
Category name:
-
Target version:
Start date:
2022-05-21
Due date:
% Done:

0%

Estimated time:

Description

I notice that both the Commons and CBOX are down. Went down at 3:06 PM.


Related issues

Related to CUNY Academic Commons - Support #16278: Commons DownResolved2022-06-22

Related to CUNY Academic Commons - Bug #16294: CAC is downNew2022-06-24

History

#1 Updated by Raymond Hoh about 1 month ago

  • Status changed from New to Reporter Feedback

It's up for me. Is it working for you now, Scott? If so, downtime might have been temporary.

#2 Updated by scott voth about 1 month ago

Still down for me on all browsers. And on my phone.

#3 Updated by Raymond Hoh about 1 month ago

Can you pass your IP address, Scott? You can find your IP address on https://whatismyipaddress.com/.

Recently, Lihua added some IP blocking for users that hit more than 30 403/404 pages in less than an hour. The IP block would be in effect for a day. I'm guessing your IP might be on there.

Scott, have you tried surfing the Commons with your phone's cellular network instead of wi-Fi as that should provide a different IP address?

#4 Updated by scott voth about 1 month ago

68.129.167.158

#5 Updated by scott voth about 1 month ago

When I turned off WI Fi on phone I can reach the Commons.

#6 Updated by scott voth about 1 month ago

  • Priority name changed from High to Normal

Demoted this to Normal. Maybe we should watch for this in the future. It could be that the Commons went down briefly, and then I tried a bunch of times on different browsers, and then got the IP Block.

#7 Updated by Raymond Hoh about 1 month ago

Scott, I can confirm that your IP was on the banned IP list.

We might want to tweak Lihua's algorithm so it is a little bit more lenient.

#8 Updated by Matt Gold about 1 month ago

want me to reach out to him?

#9 Updated by Boone Gorges about 1 month ago

I'm working on an email to Lihua right now. For reference, Scott's issue comes somehow from the flat-bootstrap theme:

$ grep "68\.129\.167\.158" ssl_access.log-20220522 | grep " 40[34] " 
68.129.167.158 - - [21/May/2022:14:57:41 -0400] "GET /wp-content/themes/flat-bootstrap/wp-content/themes/flat-bootstrap/bootstrap/css/bootstrap.min.css HTTP/1.1" 404 295 "https://help.commons.gc.cuny.edu/wp-content/themes/flat-bootstrap/css/editor-style.css?wp-mce-49110-20201110" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:100.0) Gecko/20100101 Firefox/100.0" 105212 help.commons.gc.cuny.edu
68.129.167.158 - - [21/May/2022:14:57:41 -0400] "GET /wp-content/themes/flat-bootstrap/wp-content/themes/flat-bootstrap/font-awesome/css/font-awesome.min.css HTTP/1.1" 404 301 "https://help.commons.gc.cuny.edu/wp-content/themes/flat-bootstrap/css/editor-style.css?wp-mce-49110-20201110" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:100.0) Gecko/20100101 Firefox/100.0" 101251 help.commons.gc.cuny.edu
68.129.167.158 - - [21/May/2022:14:57:41 -0400] "GET /wp-content/themes/flat-bootstrap/wp-content/themes/flat-bootstrap/style.css HTTP/1.1" 404 273 "https://help.commons.gc.cuny.edu/wp-content/themes/flat-bootstrap/css/editor-style.css?wp-mce-49110-20201110" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:100.0) Gecko/20100101 Firefox/100.0" 105212 help.commons.gc.cuny.edu

There are a few dozen more entries just like this. When I visit this URL it works https://help.commons.gc.cuny.edu/wp-content/themes/flat-bootstrap/css/editor-style.css?wp-mce-49110-20201110, and the file has been present in the filesystem since May 2021. So I'm not sure why the 404s are happening.

#10 Updated by Boone Gorges about 1 month ago

Sorry, I just realized that I've misread the log entries. The problematic requests are to URLs like this:

/wp-content/themes/flat-bootstrap/wp-content/themes/flat-bootstrap/bootstrap/css/bootstrap.min.css

which originates from this file https://github.com/cuny-academic-commons/cac/blob/1.19.x/wp-content/themes/flat-bootstrap/css/editor-style.css#L12= The latter file uses incorrect relative paths.

I'll work on an immediate fix for this theme bug (and report to the theme author if possible) but I'll leave the ticket open for the moment while we have a team discussion about the new fail2ban rules.

#11 Updated by Boone Gorges about 1 month ago

  • Target version set to 1.19.10

In https://github.com/cuny-academic-commons/cac/commit/6a654e8d78b8002017829a092b040fd81312f294 I've changed the relative import paths so that they resolve properly. This has been deployed to the site as a hotfix.

A similar issue was reported some time ago to the theme author but there's been no response: https://wordpress.org/support/topic/editor-css-error-since-wordpress-4-8/ There's also been no updates to the theme in about a year, so I assume that none are coming in the near future.

#12 Updated by Raymond Hoh about 1 month ago

but I'll leave the ticket open for the moment while we have a team discussion about the new fail2ban rules.

For the fail2ban rules, Lihua is using this to ignore certain requests:

ignoreregex =.*(robots.txt|favicon.ico|jpg|png)

Perhaps we can also add in CSS and JS filetypes to this rule. If that were in place, Scott wouldn't have been IP-banned.

#13 Updated by Boone Gorges about 1 month ago

  • Status changed from Reporter Feedback to Staged for Production Release

You're right, Ray. Let's wait to see if Lihua's threshold change (from 40/hr to 120/hr) makes a difference. A file-extension change like you've suggested should be our next request.

#14 Updated by Boone Gorges about 1 month ago

  • Status changed from Staged for Production Release to Resolved

#15 Updated by Raymond Hoh 12 days ago

#16 Updated by Raymond Hoh 10 days ago

Also available in: Atom PDF