A A A
Forum Scope


Match



Forum Options



Min search length: 3 characters / Max search length: 84 characters
Forum Login
Lost password?
plugins-topic
Old PHP version
Avatar
Trevor Tymchuk

4 Posts
(Offline)
1
Dec 22, 2020 - 3:39 pm
Print

Hi there!

I just started using the Forum plugin, and really love it. However, on a few occasions I have been blocked by ModSecurity while making changes with it. According to my web host, the plugin is using a very old version of PHP that is no longer supported. Are there any plans to update it?

Thank you!

Avatar
SP Community Support

280 Posts
(Offline)
2
Dec 22, 2020 - 7:11 pm
Print

Hello:

The plugin does not control the PHP version used on your site – your WordPress host does.  The plugin requires version 7.0 of PHP and is compatible with PHP up to version 7.4.

Thanks.

Building out your membership site can be a lot of work. Easy Membership Sites has pre-configured all the Simple:Press plugins and tools you need to build a complete membership site in a fraction of the usual time. Check them out: Easy Membership Sites

Avatar
Trevor Tymchuk

4 Posts
(Offline)
3
Dec 22, 2020 - 9:58 pm
Print

Apparently, there is a line of code in the plugin that attempts to use an old version of PHP. The following is quoted from my web host:

 

“Looking at the cause of the block, you have a plugin that is attempting to use a version of PHP that is well over 2 years deprecated and past end of life. Resolving this issue itself would prevent further blocks while allowing mod_security to remain enabled and protecting your site.”

They also included this error message which cites simplepress:

[Tue Dec 22 14:53:42.211300 2020] [:error] [pid 13926:tid 47236583118592] [client 173.238.13.189:55751] [client 173.238.13.189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase “-C” at MATCHED_VAR. [file “/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf”] [line “19”] [id “220030”] [rev “9”] [msg “COMODO WAF: Vulnerability in PHP before 5.3.12 and 5.4.x before 5.4.2 (CVE-2012-1823)||hsjccforums.ca|F|2”] [severity “CRITICAL”] [tag “CWAF”] [tag “PHPGen”] [hostname “hsjccforums.ca”] [uri “/wp-content/plugins/simplepress/admin/resources/css/fonts/sp-admin.woff”] [unique_id “[email protected]”], referer: https://hsjccforums.ca/wp-content/plugins/simplepress/admin/resources/css/spa-menu.css?ver=6.6.1

Avatar
SP Community Support

280 Posts
(Offline)
4
Dec 22, 2020 - 10:49 pm
Print

Maybe I’m missing something but what in that error message they provided has to do with php or a specific version of php? 

Building out your membership site can be a lot of work. Easy Membership Sites has pre-configured all the Simple:Press plugins and tools you need to build a complete membership site in a fraction of the usual time. Check them out: Easy Membership Sites

Avatar
Trevor Tymchuk

4 Posts
(Offline)
5
Dec 22, 2020 - 11:02 pm
Print

My apologies. I’m certainly not an expert. I’m just conveying what I was told. I am looking though at the error message that cites simplepress and says that it’s trying to use an old version of PHP. “Vulnerability in PHP before 5.3.12 and 5.4.x before 5.4.2”

It does appear to point to a specific section of simplepress that is causing this – wp-content/plugins/simplepress/admin/resources/css/fonts/sp-admin.woff

I’m really just an end user, and I’m loving your product, except for this problem. 

Avatar
SP Community Support

280 Posts
(Offline)
6
Dec 22, 2020 - 11:56 pm
Print

Hi:

The only way that the “Vulnerability in PHP before 5.3.12 and 5.4.x before 5.4.2” message makes sense is if your site was actually running on those PHP versions.  If it is, that’s not a simple:press issue but a hosting issue.  More importantly, our minimum php version is 7.0 and there will certainly be other issues besides this one if you’re running on any PHP version prior to that.

The sp-admin.woff file is a font file, not a php file.

Hence, why I don’t understand the error message.  Frankly it sounds like either a false error or a mis-configuration in the PHP version on the WordPress site.

Thanks.

sp_Check
This post answers the topic

Building out your membership site can be a lot of work. Easy Membership Sites has pre-configured all the Simple:Press plugins and tools you need to build a complete membership site in a fraction of the usual time. Check them out: Easy Membership Sites

Avatar
Trevor Tymchuk

4 Posts
(Offline)
7
Dec 22, 2020 - 11:57 pm
Print

I appreciate the explanation. Thank you!

Forum Timezone: America/New_York
All RSSShow Stats
Administrators: Blues Dancer, Simple Press, SP Community Support
Top Posters:
Mr Papa: 19448
Ike: 2086
Brandon: 864
kvr28: 804
jim: 630
FidoSysop: 577
Conrad_Farlow: 531
fiddlerman: 358
Stefano Prete: 325
Newest Members:
James Smith
Martin Brothers
Arti Singh
Abdulaziz alghthbar
Tim Castillo
Kaspalita Thompson
Martin Kolář
Forum Stats:
Groups: 7
Forums: 17
Topics: 10059
Posts: 79348

 

Member Stats:
Guest Posters: 607
Members: 16900
Moderators: 0
Admins: 3

Most Users Ever Online
499
Currently Online
Guest(s)
21
Currently Browsing this Page

1 Guest(s)