Posted on

15-Aug-2012

More investigations
I have done a bit more investigation on the PHP issue.
First, I created a procedure in which I can set the PHP environment as /JOB logicals so I can do the tests without interferendce with the access over the Internet.
Next, I checked the WordPress versions I haev installed. Apart from 2.6.3, I have installed 2.6.5, 2.8.2 and 3.4.1. I tested each of them after setting the PHP version to use (either 5.2.6 of 5.3.14), directly on the root directory of that WP version – so VERY basic.
Even using 5.2.6 I had problems – where this wasn’t the case a few days ago: On each of the blogs, PHP complained a file could not be located:

$ set def WP:[000000] ! the root directory of that WP version
$ php index.php

X-Powered-By: PHP/5.2.6
Content-type: text/html

<br />
<b>Warning</b>: require(/WEB_DISK2/private/wp263/wp-includes/class.wp-dependencies.php) [<a
href='function.require'>function.require</a>]: failed to open stream: no such file or directory in
<b>/WEB_DISK2/private/wp263/WP-INCLUDES/script-loader.php</b> on line <b>3</b><br />
<br />
<b>Fatal error</b>: require() [<a href='function.require'>function.require</a>]: Failed
opening required '/WEB_DISK2/private/wp263/wp-includes/class.wp-dependencies.php' (include_path='.:/php_root/000000') in
<b>/WEB_DISK2/private/wp263/WP-INCLUDES/script-loader.php</b> on line <b>3</b><br />
The problem here is that this filename contains a dot: the file does exists:

$ dir [.wp-includes]class.wp-dependencies.php

Directory WEB_DISK2:[private.wp263.WP-INCLUDES]

class^
⁁.wp-dependencies.php;1

Total of 1 file.
(except in WP34, but that is to be expected: I didn’t change the file there)

The only reason I can think of is that the tests a few days ago – or work done yesterday – has removed something….

The same runs using PHP 5.3.14 didn’t run into this issue, even with the older WP versions; apart from the ‘depricated’ messages, any version runs into error:
PHP Parse error: syntax error, unexpected $end in
/sysblog/000000/wp-includes/class.wp-styles.php on line 72
It means the file – including the dotted name – is actually found.
WP 2.8.2 didn’t show the ‘depricated’ messages, so that one seemed to be Ok for PHP 5.3. But there was this same error in the end…
The WP3.4 gave a slightly different message:
PHP Parse error: syntax error, unexpected '>' in /web_disk2/private/wp34/wp-blog-header.php on line 19
So not ‘unexpected $end’; it could mean theer si something else wrong – but since it’s off-the-sheld, ist simply should work…

Bu the web has no trouble with it – so I tried – with PHP 5.2.6 – and removed the private PHP logicals, and used the /SYSTEM/EXEC defined once: Same problems….But for the web access, nothing changed: it simply runs like it has done for months….

Next, I redefined thet SYSMGR blog to run from WP 2.8.2 – being the latest version before WP 3.0; And by access from the web, I remembered why it wasn’t released before: It uses some form of Redirect which causes a loop when the mapping in WASD isn’t altered: accoring the WATCH output, it is obvious that is does: time after time, it runs into the bolded line:

redirect /sysblog /sysblog/index.php
redirect /sysblog/ /sysblog/index.php?
redirect /sysblog/**/ /sysblog/*/index.php?
exec /sysblog/**.php (phpwasd:)/sysblog/*.php \
ods=5 script=syntax=unix script=query=none map=once
pass /sysblog/* /sysblog/* ods=5 search=none dir=noaccess

Quite likely that WP 3.4 runs into the same problem

So I set things up to use 2.6.5, and now the blogs run on that version; there is yet another issue to be tested: Does WP 3.4 require another mapping…

PMAS license
The new license has arrived and is now installed. Just in time 🙂

Posted on

14-Aug-2012

Work at hand
Apart from the PHP issues, there are a few other things under construction: A new homepage, and a suite to process network-related logfiles.
For the new homepage I plan to use Mark Daniel’s VmsWasdContentManagementSystem – a native VMS executable that can handle this type of posts – even blogging is an option (perhaps, any blog on this site may be redesigned using this package). I had the beta installed, so I removed it to prevent problems that coud arise; downloaded the latest version, (both the sources and the AXP objects), built and installed it. It does require some configuration, and mapping in WASD, and to get famliar with it (and because of the recommendation) I set up the example as in the documentation. But either I don’t understand or mis-interpret the docs, or these are inconclusive (incomplete of plein wrong – I cannot tell), I ended up with a message:
ERROR 403 -  reported by VWcms
Site directory not configured!
To be investigated….
Network logging
It’s an idea for quite some time: Scan all incoming network access, find out who’s attempting to hack, or abuse the systems, and shut the door for these people.
I started today with a program to scan the SYSLOGD logfiles on Diana: the firewall on the dge of the domain logs all access in this file, and when it is over 25.000 blocks in size, it’s cycled, and all cyccled files are stored in a zip file during the monthly maintenance process. Other files to process are the PMAS and FTP logfiles, and the access logs of the webserver.
So I need a program to convert these files into data that can be stored and analyzed, and that is also capable of updating the firewall with the top-100 addresses; the Vigor is capable of storing 192 single addresses, address ranges or networks that can be denied access – at the gate.
I started with a DCL-procedure that splits the SYSLOGD output – either active or archived – into incoming and outgoing traffic; each of which is next split into protocol-specific files; so at that moment, I have all lines of logging for every protocol, either incoming or outgoing – in exactly the same, fixed format. Therfore, it’s very easy to extract the required data from these files: date and time of access, the source and destination address and port – and the protocol.
Since there is quite a number of archives to process, I also created a procedure to scan a directory for these files – put there by hand of by unzipping an archive – and have each file processed that way. I’ve taken a decision to mark each final output file by the date it is created, and once created (if not existing) it will be extended with each SYSLOGD file that is processed.
This works fine now – next is the extraction of the same data from the PMAS logfiles, but IIRC, that has been done already, I just have to look fro them; otherwise, it is not a lot of work to do the same for these files. The same applies to the web-server access logfiles: Create a procedure that can handle one, and I’m done (just add a wrapper that passes the filename of the file to be processed.).
And, of course, a program to store this data into a database, a program to analyze the data, and one to update the firewall accoringly.
License!!!
A few days ago, I found out – by accident – that the PMAS license expires tomorrow. I sent a request for a new license to the address I know exsists for that type of message – but it bounced. Next, I sent it to the address of Hunter Goatley – who’s in charge of the hobbyist licenses – and that bounced as well. So I sent it to the support desk of Process Software, but since I have a free license, they couldn’t help me; in stead they passed another address – which bounced also, so I was advised to contact Hunter directly – which didn’t bounce for the next hour. So it is likely to arrive; hopefully Hunter is not on holiday, and the license arrives is time – or I’ll be buried under all the messages that PMAS is now blocking ro rejecting…Fingers crossed….