Support Forum

Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
plugins-topic
Old PHP version
Avatar
Trevor Tymchuk
Rookie
Free Members
sp_UserOfflineSmall Offline
Dec 22, 2020 - 3:39 pm

Hi there!

I just started using the Forum plugin, and really love it. However, on a few occasions I have been blocked by ModSecurity while making changes with it. According to my web host, the plugin is using a very old version of PHP that is no longer supported. Are there any plans to update it?

Thank you!

Avatar
SP Community Support
SP Moderator
sp_UserOfflineSmall Offline
Dec 22, 2020 - 7:11 pm

Hello:

The plugin does not control the PHP version used on your site - your WordPress host does.  The plugin requires version 7.0 of PHP and is compatible with PHP up to version 7.4.

Thanks.

Avatar
Trevor Tymchuk
Rookie
Free Members
sp_UserOfflineSmall Offline
Dec 22, 2020 - 9:58 pm

Apparently, there is a line of code in the plugin that attempts to use an old version of PHP. The following is quoted from my web host:

 

"Looking at the cause of the block, you have a plugin that is attempting to use a version of PHP that is well over 2 years deprecated and past end of life. Resolving this issue itself would prevent further blocks while allowing mod_security to remain enabled and protecting your site."

They also included this error message which cites simplepress:

[Tue Dec 22 14:53:42.211300 2020] [:error] [pid 13926:tid 47236583118592] [client 173.238.13.189:55751] [client 173.238.13.189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "-C" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "19"] [id "220030"] [rev "9"] [msg "COMODO WAF: Vulnerability in PHP before 5.3.12 and 5.4.x before 5.4.2 (CVE-2012-1823)||hsjccforums.ca|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "hsjccforums.ca"] [uri "/wp-content/plugins/simplepress/admin/resources/css/fonts/sp-admin.woff"] [unique_id "X@JOxje0sSrLuCF8KIj3rwABEwY"], referer: https://hsjccforums.ca/wp-content/plugins/simplepress/admin/resources/css/spa-menu.css?ver=6.6.1

Avatar
SP Community Support
SP Moderator
sp_UserOfflineSmall Offline
Dec 22, 2020 - 10:49 pm

Maybe I'm missing something but what in that error message they provided has to do with php or a specific version of php? 

Avatar
Trevor Tymchuk
Rookie
Free Members
sp_UserOfflineSmall Offline
Dec 22, 2020 - 11:02 pm

My apologies. I'm certainly not an expert. I'm just conveying what I was told. I am looking though at the error message that cites simplepress and says that it's trying to use an old version of PHP. "Vulnerability in PHP before 5.3.12 and 5.4.x before 5.4.2"

It does appear to point to a specific section of simplepress that is causing this - wp-content/plugins/simplepress/admin/resources/css/fonts/sp-admin.woff

I'm really just an end user, and I'm loving your product, except for this problem. 

Avatar
SP Community Support
SP Moderator
sp_UserOfflineSmall Offline
Dec 22, 2020 - 11:56 pm

Hi:

The only way that the "Vulnerability in PHP before 5.3.12 and 5.4.x before 5.4.2" message makes sense is if your site was actually running on those PHP versions.  If it is, that's not a simple:press issue but a hosting issue.  More importantly, our minimum php version is 7.0 and there will certainly be other issues besides this one if you're running on any PHP version prior to that.

The sp-admin.woff file is a font file, not a php file.

Hence, why I don't understand the error message.  Frankly it sounds like either a false error or a mis-configuration in the PHP version on the WordPress site.

Thanks.

Avatar
Trevor Tymchuk
Rookie
Free Members
sp_UserOfflineSmall Offline
Dec 22, 2020 - 11:57 pm

I appreciate the explanation. Thank you!

Forum Timezone: Europe/Stockholm
Most Users Ever Online: 1170
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Mr Papa: 19448
Ike: 2086
Brandon: 864
kvr28: 804
jim: 643
FidoSysop: 577
Conrad_Farlow: 531
fiddlerman: 358
Stefano Prete: 325
Member Stats:
Guest Posters: 616
Members: 17343
Moderators: 0
Admins: 4
Forum Stats:
Groups: 7
Forums: 17
Topics: 10117
Posts: 79590