[SAC] [OSGeo] #2821: Logging into www.osgeo.org is broken
OSGeo
trac_osgeo at osgeo.org
Tue Oct 4 13:13:13 PDT 2022
#2821: Logging into www.osgeo.org is broken
---------------------------+----------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: closed
Priority: normal | Milestone: Sysadmin Contract 2022-II
Component: Systems Admin | Resolution: fixed
Keywords: |
---------------------------+----------------------------------------
Changes (by robe):
* status: new => closed
* resolution: => fixed
Comment:
I think I have this issue fixed. I assume it might have been auto-update
of the WP All in one Security that went hay-wire.
Along the way I did change the proxy setting, changed
I revised the www.osgeo.org-common.conf
added these lines, could I couldn't find them before
{{{
RemoteIPHeader X-Real-IP
RemoteIPInternalProxy nginx.lxd
ErrorLog ${APACHE_LOG_DIR}/www.osgeo.org-error.log
CustomLog ${APACHE_LOG_DIR}/www.osgeo.org-access.log combined
}}}
Cause I couldn't find the proxy setting anywhere else, though it looked
like wordpress was picking up ips of prior.
and changed logging format in /etc/apache2/apache.conf
{{{
#LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%a %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-
Agent}i\"" combined
}}}
All those changes I thought had fixed, but then I couldn't log in again on
another pc I tried , so might have been a coincidence that the lockout
period was over.
So while I was in on one pc, I disabled all the lockout of the WP-All
Security plugin and was then able to log into another pc.
I think I've reenabled most of them, but before doing that, I did a patch
updates of wordpress to 6.0.2 and updates of all the plugins. Before it
was 6.0.1
So sad conclusion, it seems fixed but not absolutely sure why. Possible
reasons I can think
1) Proxy wasn't properly set and perhaps auto update of security caught
this and went into panick
2) Something about auto update of security, was incompatible with the
6.0.1 we were running, causing it to go into panic mode
3) It really isn't fixed and I actually did not renable it as I thought
4) It isn't fixed and I renabled it so we should get a lock out again
soon.
I'm gong to close and assume it is fixed and someone can reopen if they
have issues.
I'll monitor the security logs to see if it picks up anything. I do see
logs of people logging in and active sessions.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2821#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
More information about the Sac
mailing list