Last post 2 hours 50 min ago

Posts last week 128

Average response time last week 28 min

All time posts 70381

All time tickets 10863

All time avg. posts per day 20

Helpdesk is open from Monday through Friday CET

Please create an (free) account to post any question in the support area.

Please check the development versions area. Look at the changelog, maybe your specific problem has been resolved already!

All tickets are private and they cannot be viewed by anyone. We have made public only a few tickets that we found helpful, after removing private information from them.

#8455 – Triggered Security Issue?

Posted in ‘4SEO’

This is a public ticket. Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Thursday, 20 January 2022 19:33 UTC

dalendesign

Hi,

We just installed the 4SEO plugin on my client's site - [redacted].biz

Today their security scanning service through GoDaddy triggered a warning that our site might be hacked and not sure if related, or if the extension file triggered something in the scan etc.

Has this happened before, or is there a setting we need to change to fix this (unless maybe the site is actually compromised)

Here is the message:

Security Warning

http://[redacted].biz

Details:

*Site error detected.:https://www.[redacted].biz/404testpage4525d2fdc

Internal Server Error

Details: http://labs.sucuri.net/db/malware/warning.500_internal_error?1

Our automated scan was unable to run on some page of your website. If you believe your website has been hacked,contact us for a complete scan and guaranteed malware removal.

Thanks,
Jessica

Thursday, 20 January 2022 19:39 UTC

wb_weeblr

Per the message, the scanner is only signalling that it got an error when trying to load (on purpose, for testing) a 404 page (https://www.[redacted].biz/404testpage4525d2fdc).

So there's nothing security-related here, however it does mean your 404 error page is not working, which you can see for yourself by loading any non-existing page:

I would suggest you go to Joomla configuration and:

- set Debug system to Yes

- set Gzip to No (note the current value before chaning it, so that you can set it back to what it was)

- set Erorr reporting to Yes

Then load again any non-existing page: you will still get an error but hopefully with a much more detailed error message. Copy/paste absolutely all the message, this will tell us which extension is causing the problem.

Best regards

Yannick Gaultier

weeblr.com / @weeblr

Friday, 21 January 2022 09:05 UTC

wb_weeblr

Hi Jessica,

I am copying your email reply here, please strictly only use this support helpdesk for any communication with us, we do not respond to email requests and you will delay response by using email.

Here is the full error:

Fatal error: Uncaught Error: Class 'JSNPagebuilderHelpersElements' not found in /home/biceranopolymer/public_html/plugins/system/pagebuilder/pagebuilder.php:239Stack trace: #0 /home/biceranopolymer/public_html/libraries/joomla/event/event.php(70): plgSystemPagebuilder->onAfterRender() #1 /home/biceranopolymer/public_html/libraries/joomla/event/dispatcher.php(160): JEvent->update(Array) #2 /home/biceranopolymer/public_html/libraries/src/Application/BaseApplication.php(108): JEventDispatcher->trigger('onafterrender', Array) #3 /home/biceranopolymer/public_html/plugins/system/forseo/platform/helpers/errorpages/j3renderer.php(142): Joomla\CMS\Application\BaseApplication->triggerEvent('onAfterRender') #4 /home/biceranopolymer/public_html/plugins/system/forseo/platform/helpers/errorpages/renderer.php(102): Weeblr\Forseo\Platform\Helpers\Errorpages\J3renderer->renderDocument(Object(Weeblr\Forseo\Data\Rule), Object(Weeblr\Wblib\V_FORSEO_1438\Customerror\Fatal), Array) #5 /home/biceranopolymer/public_html/plugins/system/forseo/ve in /home/biceranopolymer/public_html/plugins/system/pagebuilder/pagebuilder.php on line 239

And we took this site quite a few years after it was built by another company and looks like site is using some Joomlashine extensions or builder and need to figure out fix for those since that company is no longer in existance / supporting their extensions.

Is that what you can see from this error as well? that there is an issue with pagebuilder and maybe this is partly behind the security issue?

Friday, 21 January 2022 09:10 UTC

wb_weeblr

So yes, the error is happening in your JSN page builder:

Fatal error: Uncaught Error: Class 'JSNPagebuilderHelpersElements' not found in /home/biceranopolymer/public_html/plugins/system/pagebuilder/pagebuilder.php:239

I can't say much about that of course, and I know that Joomlashine being gone, it's likely a bit hard to have these fixed.

As the error is likely happening because the Page builder is doing something it should not in the context of 4SEO custom 404 error pages, I'd suggest to disable the 4SEO error pages until you can have this fixed by somebody or you move to another system.

You can disable the error pages by going to Errors | Error pages and disable the 2 rules that should be there:

Just disable them with the Disable button. Do not delete them, you may want them back later on.

Then test by loading and non-existing page from your site in your browser. You should have your regular 404 error page.

Once done, you may also explore whether the pagebuilder or your template has an "404" error page custom handling and maybe it's possible to disable it? if so, enable back 4SEO Error pages rules after disabling the JSN ones and see if the problem goes away.

Best regards

Yannick Gaultier

weeblr.com / @weeblr

Monday, 21 February 2022 05:34 UTC

system

This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

This ticket is closed, therefore read-only. You can no longer reply to it. If you need to provide more information, please open a new ticket and mention this ticket's number.