error_reporting() has been disabled for security reasons - codeigniter

I made a project in the codeigniter framework and uploaded it to a host, the hoster said the site was filling the logfiles of the server pretty fast.
So I checked the error log and for every request i get:
error_reporting() has been disabled for security reasons /index.php on line 36
set_error_handler() has been disabled for security reasons /system/core/CodeIgniter.php on line 72
I asked the host if he could turn on these options because codeigniter needs them for its error handling, but they replied with that i will have to edit my code to disable these functions on their server.
I don't want to edit core files of codeigniter, and i don't really get why it is disabled. Do any of you know an easy solution to fix this error, or some arguments to tell the hoster to change this setting for me?

The reason that the error_reporting feature may be disabled by a web host is to prevent faulty PHP programs from outputting crash messages to the end user that could be used by a hacker to work out how to gain access to the server. PHP crash messages contain a number of details that may be useful to hackers, including directory paths and information about the framework software being used.
It is generally considered good practice to disable error reporting for a production site, so that these messages to not get shown to end users. Switch it on for development, and off for production.
This explains why your host has disabled it.
As for how to prevent the "error reporting disabled" messages going into the log: Well, unfortunately, you can't, unless you edit the code to remove the references to error_reporting.
The CodeIgniter manual contains this page: http://ellislab.com/codeigniter/user-guide/general/errors.html
On this page, it states that the error_reporting code is in index.php, and they encourage you to edit it to stop it reporting errors once your code is in production.
In other words, CodeIgniter says: "please do change this". So don't worry about not wanting to change the core files (index.php isn't really a core file anyway).

Related

Is there a way to customize the Heroku internal server error page?

So, Heroku has some very limited documentation on how to customize error pages but I haven’t found documentation on how to modify the internal server error page. I would like to show a custom page so users at least get some guidance on why their query did not work properly. The internal server error is extremely ambiguous.
Here is an example of what the internal server error page currently looks like on my Heroku app…
The pages displayed to your users when the application encounters a system error or is placed in the maintenance state can be customized. Customizing these pages allows you to present a more consistent UI to your users.
Create and store the custom pages
Create your custom pages as static HTML. You may wish to use the default HTML served by Heroku as a template:
https://www.herokucdn.com/error-pages/application-error.html
https://www.herokucdn.com/error-pages/no-such-app.html
https://www.herokucdn.com/error-pages/maintenance-mode.html
https://www.herokucdn.com/error-pages/ssl-cert-error.html
You can reference images or CSS from the HTML as long as you use relative paths (for example, ) and you upload the other assets into the same place as the HTML.
You can host the pages anywhere that can serve web pages. It recommends uploading to Amazon S3. If you use S3, don’t forget to set the HTML and all assets to be publicly readable.
Configure your application
Set the ERROR_PAGE_URL and MAINTENANCE_PAGE_URL config vars to the publicly accessible URLs of your custom pages:
heroku config:set \
ERROR_PAGE_URL=//s3.amazonaws.com/<your_bucket>/your_error_page.html \
MAINTENANCE_PAGE_URL=//s3.amazonaws.com/<your_bucket>/your_maintenance_page.html
Refer this page : https://devcenter.heroku.com/articles/error-pages
Instead of trying to make a custom page for my first issue, I used programming logic to give user errors to preempt problems related to Heroku's Internal Server Error page when my application did not run appropriately. I highly suggest you think deeply before employing this method, as it could confuse users. The Heroku Internal Server Error page is an either-or reason code. While you know (as the programmer) only one reason code applies, since you've preempted the problem with logic, the user won't assume that. For me, it was better than the alternative - which was to leave it completely ambiguous. At least, I can give users some feedback.

Joomla Contact Form not receiving emails

I have a contact form and it worked well last November. But days after I did an extension update of "JCH optimized" and "sourcerersLab", the contact form isn't working: there is inconsistency, sometimes it sends but sometimes it does not.
I test the extension update first in my test environment site, and no problem occurred. But when I execute the update on the production site, the contact form doesn't send email. It is so difficult to duplicate the error in the test environment, and it didn't get the same error.
I already checked the Global Configuration >> Mail Settings are set correctly, and have tried PHP mail, sendmail and SMTP, and they are all working fine.
After I read this article, that stated, "sometimes JCH Optimize extension' stuff breaks without noticing right away, and the possible issues can be the Contact Forms are not working."
Reference Link : https://joomlaseo.com/seo-extensions/jch-optimize
I tried to disable the minify JS and CSS area in the extension of JCH Optimized, but still it didn't work. Also tried to disable the whole plugin and delete the cache, also didn't help.
Other things I noticed that when I turn it to offline:
the contact form working well. I received the emails on the messages
sent during site offline.
there is success and error message displayed.
But when it is returned online:
- the contact form doesn't work again.
- And there is no error message when I send message in contact form, even success message.
I am not sure if there is error that has not been caught or what?
My Joomla version: 3.6.4
Can anybody help me?
It seems that one of the updates has caused some JavaScript conflicts (maybe updated some libraries, included some additional libraries, etc...).
Do the following: Check the console log in Chrome after visiting the contact us page, and address all the errors there (press Submit on the contact us as this may generate additional errors).

Magento module admin 404 after move to a new server

I've been devolving several Magento modules on a Mac's local Apache server. Lately, I've moved the modules to a new Magento install on a new server. My problem is that all but one is 404-ing when I'm trying to load their admin pages. I can't find any reason why this one module works and the others don't even try to load pages. Most if the code is very similar from one to the next. Also, the 404 pages are not helpful and there are no exception or log entries to help me. These all work on the old server, and although some of the code has bad/old links that need to be fixed, and those generate errors I see no reason they aren't trying to load pages and generating errors.
I think the configs work, because I get the admin menu. Since the layouts have nothing concerning the front part of URL's, I see no reason for the problem to be them, either. I could post code, but I have no idea what to post that could be causing this.
I would greatly appreciate any insight that could be causing this.
When i devolve modules on windows and send to Linux, sometimes forget and make some thing on capital letter and others on lowcase, windows isn't case sensitive on this case, but linux is. maybe is the same on Macs / Linux

Blank page on Azure

I have an application running in Azure (trial account). So far so good, everything has been nice, except for a long deploy times (10-15 minutes).
I've done a deploy recently and got a lot of weird bugs I cannot trace. For example, if I log in and thus a cookie is created (I use FormsAuthentication) all I get from the application is a blank page, as in, absolutely nothing is sent to the browser. The application works fine in the ASP.NET Web Dev Server, IIS Express, even the Azure Emulator!
What could be the issue? Searching the web hasn't been much help, with only a couple of unrelated issues.
I tried logging into the site (if I correctly understood from one if the comments, the url is versulo.com) and I didn't get any blank page with 404 status code.
However, there is another problem I spotted. Your site seems to be implementing caching inappropriately. The main page, the one from which you trigger the login and which is dynamic in nature contains an Expires header set at 5 minutes after the pages first load. That means that each call or redirect to that page within 5 minutes since it was first loaded, will be served from the browser's cache.
Because of that, after I login into your application I am redirected back to the home page which looks like I am not logged in. If I force a F5 refresh on the browser, then the page will indeed show me as logged in.
If instead of a refresh I try to login again (which is what I did in my first trials, since it looked like the login didn't work in the first time), I am getting an error page with the following message:
Sorry, there has been an error on the server.
500
The page looks like an application error page and even if it displays the 500 number, it is actually served with an HTTP 200.
So, while I am not 100% sure if this is also the cause of the problem described by you, you should remove the Expires headers from the dynamic pages your application is serving.
This can be because you're combining Forms Authentication with multiple instances. Are you using multiple instances? If that's the case, could you:
Try to change it to 1 instance. Does this fix the issue?
Try to make the following change to the web.config (configure machineKey): http://msdn.microsoft.com/en-us/library/ff649308.aspx
some partial views are not rendered at all;
Do you mean some pages are working fine, but others are not? It would be better if you can point out a pattern on what’s working and what’s not? For now, please make sure all referenced assemblies (except for default .NET assemblies and Windows Azure runtime) have Copy Local set to true. For example, MVC assemblies are considered as extensions to .NET, so please set Copy Local to true. In addition, you can also try to use Fiddler to monitor the requests to see what’s returned from the server.
Best Regards,
Ming Xu.
Could you provide a link to the application, or perhaps some source code?
When you say 'blank page', what is actually returned, a 404 / 500?
Have you inspected the IIS logs, or added some trace information to your code?
Have you tried accessing the service using it's ip address rather than domain name?

Joomla Mailto Component unable to send mails occassionally

Greetings,
I will certainly hope someone will be able to provide some enlightenment to my problem.
Currently, I have 2 joomla sites, layout and menus are a replicate of the other.
I noticed that on both Joomla, I will occasionally encounter "Unable to send mail" after a form submission.
Is this the fault of my server, or the fault of Joomla's PHP Mailer ? I will certainly love to approach my hosting company for a solution but I do not want to place a false accusation on them.
By default, Joomla will use PHP's mail() function, although you can set it to use other methods (sendmail, SMTP) in the Global Configuration on the Server tab.
The best way to test this would be to set up a small PHP script that sends a message through mail(). Next time you see the message, try running the small script and see if that one fails as well.
I personally preffer using an SMTP server for mailing purpose. I guess your hosting company has provided something like smtp.yourdomain.com
You may use it.
Else, you can use the gmail server smtp.gmail.com
It wont disappoint you for sure.

Resources