Opened 2 years ago

Closed 2 years ago

#2821 closed task (fixed)

Logging into www.osgeo.org is broken

Reported by: robe Owned by: sac@…
Priority: normal Milestone: Sysadmin Contract 2022-II
Component: SysAdmin Keywords:
Cc:

Description

Seems www.osgeo.org login is broken. Might be a result of reboot or some other update. I think it was working at least 2 days ago.

Change History (1)

comment:1 by robe, 2 years ago

Resolution: fixed
Status: newclosed

I think I have this issue fixed. I assume it might have been auto-update of the WP All in one Security that went hay-wire.

Along the way I did change the proxy setting, changed

I revised the www.osgeo.org-common.conf added these lines, could I couldn't find them before

RemoteIPHeader X-Real-IP
RemoteIPInternalProxy nginx.lxd

ErrorLog ${APACHE_LOG_DIR}/www.osgeo.org-error.log
CustomLog ${APACHE_LOG_DIR}/www.osgeo.org-access.log combined

Cause I couldn't find the proxy setting anywhere else, though it looked like wordpress was picking up ips of prior.

and changed logging format in /etc/apache2/apache.conf

#LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%a %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

All those changes I thought had fixed, but then I couldn't log in again on another pc I tried , so might have been a coincidence that the lockout period was over.

So while I was in on one pc, I disabled all the lockout of the WP-All Security plugin and was then able to log into another pc.

I think I've reenabled most of them, but before doing that, I did a patch updates of wordpress to 6.0.2 and updates of all the plugins. Before it was 6.0.1

So sad conclusion, it seems fixed but not absolutely sure why. Possible reasons I can think

1) Proxy wasn't properly set and perhaps auto update of security caught this and went into panick 2) Something about auto update of security, was incompatible with the 6.0.1 we were running, causing it to go into panic mode

3) It really isn't fixed and I actually did not renable it as I thought 4) It isn't fixed and I renabled it so we should get a lock out again soon.

I'm gong to close and assume it is fixed and someone can reopen if they have issues. I'll monitor the security logs to see if it picks up anything. I do see logs of people logging in and active sessions.

Note: See TracTickets for help on using tickets.