Open szcf-weiya opened 3 years ago
script '/var/www/disqus/wp-login.php' not found or unable to stat
currently, if there are any updates to the error.log, an email will be sent to me, and I observed several single error logs,
[Mon May 10 16:58:45.840431 2021] [php7:error] [pid 21773] [client 127.0.0.1:54898] script '/var/www/disqus/wp-login.php' not found or unable to stat
then I found this https://stackoverflow.com/questions/53930240/php-not-found-or-unable-to-stat, which explains that
These files are related to potential vulnerabilities that attackers try to exploit.
but there is a difference, the client here is 127.0.0.1 instead of other public IPs. Or someone hid their real IP by 127.0.0.1 (is it possible) to attack?
/var/www/disqus-php-api
docker run --name apache2php7 -p 10080:80 -v /media/weiya/PSSD/disqus20210518/:/var/www/disqus/ alexcheng/apache2-php7
$ docker exec -it apache2php7 bash
and then edit /etc/apache2/apache2.conf, change the DocumentRoot /var/www/html to DocumentRoot /var/www/disqus, and then run service apache2 restart
http://127.0.0.1:10080/disqus-php-api/api/login.php
./ngrok http 10080
it seems it cannot write emails.
then change the setting
#ErrorLog /proc/self/fd/2
ErrorLog ${APACHE_LOG_DIR}/error.log
then I can check the error written in the log file.
/var/www/disqus/disqus-php-api/api# ll
drwxrwxr-x 2 1000 1000 4096 May 18 06:18 cache/
/var/www/disqus/disqus-php-api/api/cache# ll
total 16
drwxrwxrwx 2 1000 1000 4096 May 18 06:18 ./
drwxrwxr-x 5 1000 1000 4096 May 18 07:58 ../
-rwxrwxrwx 1 1000 1000 2032 May 18 06:18 disqus_esl-hohoweiya-xyz.php*
-rwxrwxrwx 1 1000 1000 999 May 18 06:18 phpmailer_error.log*
after chmod -R 777 cache and write a new email, then a new email record can be found in disqus...php
/var/www/disqus/disqus-php-api/api/cache# ll
total 16
drwxrwxrwx 2 1000 1000 4096 May 18 06:18 ./
drwxrwxr-x 5 1000 1000 4096 May 18 07:58 ../
-rwxrwxrwx 1 1000 1000 2089 May 18 08:08 disqus_esl-hohoweiya-xyz.php*
-rwxrwxrwx 1 1000 1000 999 May 18 06:18 phpmailer_error.log*
but the email still failed to reply.
Also note that the user and group are 1000
/var/www# ll
total 20
drwxr-xr-x 1 root root 4096 May 18 06:36 ./
drwxr-xr-x 1 root root 4096 Jan 17 21:14 ../
drwxrwxr-x 3 1000 1000 4096 May 18 06:18 disqus/
drwxr-xr-x 2 www-data www-data 4096 Jan 17 21:14 html/
after changing the ownership,
/var/www# chown -R www-data:www-data /var/www/disqus/
and it still does not work.
the environment is more like the one commonly used in the STAPC, and there are error logs such as
https://127.0.0.1:10080/disqus-php-api/api/login.php
[Tue May 18 11:43:24.243091 2021] [:error] [pid 150] [client 172.17.0.1:46312] script '/var/www/disqus/disqus-php-api/wp-login.php' not found or unable to stat
but the email still failed and without log info.
add the following two lines in sendemail.php,
file_put_contents('php://stderr', print_r($_POST, TRUE));
file_put_contents('php://stderr', print_r($authors, TRUE));
since sendemail.php would be called in postcomment.php, the first output is before processing the comment, and is just the original comment $_POST, which is
Array
(
[thread] => 7889889821
[parent] =>
[message] => Test1
[name] => weiya
[email] => weiya@woodboird.xyz
[url] =>
[unique] => 16ljf1bpqsdpj
)
note that $_POST is a PHP super global variable which is used to collect form data after submitting an HTML form with method="post". https://www.w3schools.com/php/php_superglobals_post.asp
this post operation is performed in the javascript, https://github.com/fooleap/disqus-php-api/blob/69a4c399938863a39f23bf2e14716c7ab57e8071/src/iDisqus.js#L1678
and the next $_POST is
Array
(
[post] => {"avatar":"//gravatar.zeruns.tech/avatar/96a820f2de610266d071842d194b2eab?d=retro&s=92","isMod":false,"isDeleted":false,"hasMore":null,"username":null,"createdAt":"2021-05-18T13:46:42+00:00","id":5387900205,"message":"<p>Test1</p>","raw_message":"Test1","name":"weiya","url":"","thread":7889889821,"parent":null,"isPost":true}
[thread] => {"author":224882832,"dislikes":0,"id":7889889821,"slug":"_esl_cn_85","identifiers":["/Preface/2016-07-20-Preface-to-the-Second-Edition/index.html?from=singlemessage&isappinstalled=0","/Preface/2016-07-20-Preface-to-the-Second-Edition/index.html"],"likes":3,"link":"https://esl.hohoweiya.xyz/Preface/2016-07-20-Preface-to-the-Second-Edition/index.html","posts":50,"title":"第二版序言 - ESL CN","createdAt":"2020-02-27T02:24:35+00:00"}
[code] => 1621345602
)
this corresponds to https://github.com/fooleap/disqus-php-api/blob/69a4c399938863a39f23bf2e14716c7ab57e8071/src/iDisqus.js#L1689-L1694
note that the author is found via $author->$code, but the above code does not correspond to any author.
On the other hand, if I use another name,
Array
(
[thread] => 7889889821
[parent] => 5387881223
[message] => Test
[name] => Test
[email] => weiya@woodboird.xyz
[url] =>
[unique] => 16ljf1bpqsdpj
)
the $_POST is
confusing!! the following md5 email corresponds to
~$ echo -n weiyaw****@woodbird.xyz | md5sum
8ed49a81cf27a9f75765dd88b6238fa3 -
whose return is
weiyaw****@woodbird.xyzweiyaw****@woodbird.xyz
so it can be seen that . is to cat strings.
Array
(
[post] => {"avatar":"//gravatar.zeruns.tech/avatar/96a820f2de610266d071842d194b2eab?d=retro&s=92","isMod":false,"isDeleted":false,"hasMore":null,"username":null,"createdAt":"2021-05-18T13:43:40+00:00","id":5387896788,"message":"<p>Test</p>","raw_message":"Test","name":"Test","url":"","thread":7889889821,"parent":5387881223,"isPost":true}
[thread] => {"author":224882832,"dislikes":0,"id":7889889821,"slug":"_esl_cn_85","identifiers":["/Preface/2016-07-20-Preface-to-the-Second-Edition/index.html?from=singlemessage&isappinstalled=0","/Preface/2016-07-20-Preface-to-the-Second-Edition/index.html"],"likes":3,"link":"https://esl.hohoweiya.xyz/Preface/2016-07-20-Preface-to-the-Second-Edition/index.html","posts":49,"title":"第二版序言 - ESL CN","createdAt":"2020-02-27T02:24:35+00:00"}
[parent] => {"avatar":"//gravatar.zeruns.tech/avatar/1de3635e2183d21a7299614b788a8f7a?d=retro&s=92","isMod":false,"isDeleted":false,"hasMore":false,"username":null,"createdAt":"2021-05-18T13:29:20+00:00","id":5387881223,"message":"<p>test again</p>","raw_message":"test again","name":"weiya","url":"","thread":7889889821,"parent":null}
[code] => 8ed49a81cf27a9f75765dd88b6238fa3
)
where the [code] corresponds to the user,
[8ed49a81cf27a9f75765dd88b6238fa3] => weiya@woodbird.xyz
in postcomment.php,
since all comments are anonymous, now if it is not the parent comment, it would return time,
~$ date +%s
1621348700
which is close to the above
[code] => 1621345602
also, this behavior has been checked with some further tests.
On the other hand, if we reply to another comment, then code is returned as the md5 sum.
just realized that the previous failed email notifications are because I replied in the moderation panel instead of the Disqus panel on each page,
where reply is replied in the moderation panel, with no email notification, while reply2 is replied on the page with successful email notification.
//
is 05-18 related to the migration of disqus? https://tech.hohoweiya.xyz/website/disqus/#20210518-wsl-docker
but what happened on 05-25
and
and also just observed that another // is created when I visit 2.9 by clicking the link in Google Analytics. This might be a bug in Analytics, https://webapps.stackexchange.com/questions/35341/google-analytics-adds-additional-slash-after-domain-when-opening-a-page
disqus for cn broken down
check the /var/log/apache2/error.log, and surprisingly, the error dates back to 2020-12-22, but it seems that it works on 2021-01-07 since there is a successful comment and replied email record. So possibly the starting date is 2021-01-15,
after restarting apache2, then visiting http://127.0.0.1/disqus-php-api/api/config.php will normally redirect to disqus!
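An added example, not part of the original thread or of disqus-php-api: Apache's [client ...] field records the TCP peer of the connection, so a request relayed by a process on the same host or through a Docker published port is logged with a loopback or bridge address instead of the original sender's. The sketch below triages the two error.log lines quoted in this thread plus three constructed ones; PROBE_NAMES, the constructed lines and their addresses are assumptions.

```python
import ipaddress
import posixpath
import re

# Layout of the "not found or unable to stat" lines quoted in this thread.
LINE_RE = re.compile(
    r"^\[(?P<time>[^\]]+)\] \[(?P<module>[^\]]*)\] \[pid \d+(?::tid \d+)?\] "
    r"\[client (?P<ip>[0-9a-fA-F.:]+):\d+\] "
    r"script '(?P<path>[^']+)' not found or unable to stat"
)
# Assumption: illustrative names of software this site does not run.
PROBE_NAMES = {"wp-login.php", "xmlrpc.php"}
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def peer_kind(ip_text):
    """Classify the logged TCP peer, which is only the last hop."""
    ip = ipaddress.ip_address(ip_text)
    if ip.is_loopback:
        return "loopback"  # relayed by a process on this host
    if any(ip in net for net in RFC1918):
        return "private"   # e.g. a Docker bridge gateway or LAN proxy
    return "public"


def triage(lines):
    """Return one finding per missing-script line; other lines are skipped."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if m is None:
            continue
        kind = peer_kind(m["ip"])
        name = posixpath.basename(m["path"])
        findings.append({
            "time": m["time"], "client": m["ip"], "peer": kind, "file": name,
            "probe": name in PROBE_NAMES,       # unsolicited scan vs. own typo
            "origin_hidden": kind != "public",  # sender is upstream of the peer
        })
    return findings


SAMPLE = [  # first two lines are from this thread, the rest are constructed
    "[Mon May 10 16:58:45.840431 2021] [php7:error] [pid 21773] [client 127.0.0.1:54898] script '/var/www/disqus/wp-login.php' not found or unable to stat",
    "[Tue May 18 11:43:24.243091 2021] [:error] [pid 150] [client 172.17.0.1:46312] script '/var/www/disqus/disqus-php-api/wp-login.php' not found or unable to stat",
    "[Tue May 18 11:44:02.000001 2021] [:error] [pid 150] [client 203.0.113.7:40000] script '/var/www/disqus/xmlrpc.php' not found or unable to stat",
    "[Tue May 18 11:45:10.000002 2021] [:error] [pid 150] [client 172.17.0.1:46400] script '/var/www/disqus/disqus-php-api/api/logn.php' not found or unable to stat",
    "[Tue May 18 11:46:00.000003 2021] [mpm_prefork:notice] [pid 1] AH00163: resuming normal operations",
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f)
```

When origin_hidden is true, the original sender has to be taken from the forwarder's own logs or from a forwarded-for header that the forwarder is trusted to set.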