I have an InterWorx server running for a few small web/e-mail customers.
Amid a simple DNS issue with our ISP not resolving any domains, we changed the nameserver’s in /etc/resolv.conf (CentOS 6).
Great, our websites and e-mails resume normally.
Following shortly after, checking on the hosted websites using WordPress on our InterWorx server, none will update or list plugin’s from wordpress.org.
Diagnosis:
-Checked and switched DNS/nameservers for hosting server. (Not nameservers for the websites, just for the hosting server)
-Able to resolve wordpress.org (66.155.40.250) but ping test times out.
-When connecting via telnet to wordpress.org from another IP, connected fine, when telnet from specified questionable IP to wordpress.org, connection times out.
-IP address is not blacklisted using MXToolbox search.
-Restarted services, tested with firewall disabled, no change.
-Add a few of wordpress.org?s IP?s to whitelist on firewall.
Further searching lead to the WordPress requirements of:
PHP 7 or greater
MySQL 5.6 or greater OR MariaDB 10.0 or greater
The mod_rewrite Apache module
HTTPS support
Currently my InterWorx version 5.1.52-1311 shows installed:
phpMyAdmin -> 4.0.10.17 (Current latest 4.7.3)
PHP -> 5.6.17 (Current latest 7.1.7)
MySQL -> 5.5.47 (Current latest 5.7.19)
:eek:
I checked the "Software Update" section of "Server" in InterWorx with no updates available. Is there a particular reason why it looks to be so outdated or if I should be updating it outside of InterWorx?
Thanks.
If your license is current (I.e allows you to update), then you could set your IW update to release candidate, which will give you the latest version, including multiPHP
If your license has expired for updates, you could buy a 6 month subscription from IW, and then update to latest versions
Lastly, as far as I know, word press should still install on earlier versions, certainly on PHP 5.6, as both PHP 5.6 and 7 are currently supported.
A warning over PHP 7.17, I do not think the ioncube loaders are available yet
Also, just in case your checking PHP from IW CP, webserver, phpinfo. This shows the IW php version and not the php used by Apache. To see Apache version of php, upload a phpinfo file into one of your siteworx accounts.
Finally, suPHP is outdated, not supported by suPHP, so the versions have changed to PHP-FPM, and the latest version of IW sets all new installs to PHP-FPM and not suPHP
I hope that helps a little but appreciate an update once you have resolved word press/IW issue
The licenses for IW are current. The WordPress sites are indeed still installed and updated through the version since 4.5 and have had no issues until recently.
I recall from another topic, pulling the PHP info from IW’s CP is just that, for IW’s CP. But good call, and the versions were pulled from a phpinfo.php file.
I don’t absolutely require the newest of the newest version of php/mysql, and understand IW has been great to keep things secure by using the most stable versions they believe work, but though WordPress is certainly a very common CMS to be installed and the minimum requirements would be easily met.
Another side note as WordPress.org tries to check for a possible block of one of my IP’s, wget has been updated to version 1.19 and cURL to 7.54.1 using city-fan.repo.
If I had a site that was exploited and caused wordpress.org to block my one IP, I could understand that, but I can’t find anything, nor do I believe there is really any issues with IW.
I’m pulling at straws here… hopefully WordPress will get back. Otherwise I will need to try and figure out how to change IP’s for IW’s mySQL software.
Thanks.
The MySQL should be either localhost or 127.0.0.1, unless you have set additional MySQL as the main MySQL, which you can do
I’m sorry, I am not fully understanding your issue, so will have a read and think a little, but are you saying you cannot install Wordpress even after updating to IW 6.0.5
In the past, when I would set a new siteworx account, I would manually upload the latest version of wordpress, configure the wp-config.php file to the specified MySQL server/account details as listed in their siteworx account.
During that time, I would enter in the exact server IP for the MySQL server (Same IW server) rather than 127.0.0.1 or localhost. *(Not sure why, but I did.) I have switched over a test account to localhost and of course the site still works as normal.
The ultimate issue is that I cannot ping any of wordpress.org’s IP addresses. (66.150.40.249, .250, .201, etc) This is done as a quick test as none of the wordpress sites I host can update. *(Wordpress and plugins can still be updated if done by ftp)
Error messages include:
“WordPress could not establish a secure connection to WordPress.org”
“RSS Error: WP HTTP Error: cURL error 28: Connection timed out after 10000 milliseconds”
“RSS Error: WP HTTP Error: cURL error 7: Failed to connect to planet.wordpress.org port 443: Connection timed out”
I have tested it for a very short time with iptables turned off, and it still cannot ping.
My guess is either:
Hi TechAlta
Many thanks, and sorry, I have tested the packet outbound filter on/off and it appears to make no difference to my curl/ping tests. Tested on 2 different IW servers - see below
I think I need to understand a little more, so if you ping wordpress.org, does it resolve to an IP (thinking it maybe a DNS issue here)
Many thanks
John
curl -I https://api.wordpress.org
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 27 Jul 2017 08:07:41 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Location: https://developer.wordpress.org/rest-api/
X-Frame-Options: SAMEORIGIN
ping wordpress.org
PING wordpress.org (66.155.40.250) 56(84) bytes of data.
64 bytes from 66.155.40.250: icmp_seq=1 ttl=50 time=181 ms
64 bytes from 66.155.40.250: icmp_seq=2 ttl=50 time=181 ms
64 bytes from 66.155.40.250: icmp_seq=3 ttl=50 time=181 ms
curl -I https://wordpress.org
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Jul 2017 08:08:50 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=360
X-Olaf:
X-Frame-Options: SAMEORIGIN
X-nc: HIT lax 249
SSL test
php -i | grep “SSL Version”
SSL Version => OpenSSL/1.0.1e
curl -sslv3 https://api.wordpress.org
Results:
curl -I https://api.wordpress.org
curl: (7) Failed to connect to api.wordpress.org port 443: Connection timed out
curl -I https://wordpress.org
curl: (7) Failed to connect to wordpress.org port 443: Connection timed out
php -i | grep “SSL Version”
SSL Version => OpenSSL/1.0.1e
PHP Warning: Unknown: It is not safe to rely on the system’s timezone settings. You are required to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone ‘UTC’ for now, but please set date.timezone to select your timezone. in Unknown on line 0
curl -sslv3 https://api.wordpress.org
I will correct that asap.
As for firewall, this IW server is running APF with iptables on Centos 6.9. (Pretty much a stock IW setup) Network connection is straight to the modem and no proxy. I did contact my ISP and was told there are absolutely no ports being blocked by them and that it is likely with our IW server.
I did read somewhere that having an SSL cert may cause this issue? (There is an SSL cert for the IW server, and one for a website it hosts with a separate IP) Would passing along the SSL Cipher Suite help? Both the IW site and the other site work fine with their SSL when I tested them with any of the online checks. Reverse DNS was also setup with our ISP for the two IW servers.
I understand what your saying, but passing ssl with curl most likely would not help, as it should already be set correctly (as long as it’s not using sslv3)
It could be an issue with curl perhaps, but I do not think so
The issue is a timeout waiting for a response from Wordpress.org
One thought, in your router/modem, as a test, could you try dmz the Iw server, which should bypass all firewall/routing on the modem/router and simply pass all incoming to the iw server.
Another test might be to test curl by trying to access another api site.
Checking on the sites again, everything has become resolved. All the WordPress sites can now update normally through their admin dashboards and the server can ping to wordpress.org. HTTPS is also working for gathering updates. No changes were made to the server. I can only assume that WordPress checked on their end for the IP address and unblocked it. Not a fun time and I still don’t know if there was a reason, or which site may have been at fault.
Thanks again John for all your help and keeping me in check with the various items that could have caused the problem from the start.
Check the PHP version you are using also test the server response, However, I was having the same issue with InterWorx but when I went through the guide and check it was an issue from WordPress SSL which I installed days ago.
