You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I think there is a regression regarding #17589. When I run the system check, matomo requests the global.ini.php despite enable_required_directories_diagnostic is disabled. If I remember correctly, it worked when the option was first released in 4.6.0.
Expected Behavior
If I disable enable_required_directories_diagnostic, matomo should not use HTTP requests to check whether /config/global.ini.php is (not) accessible.
Current Behavior
I see two HTTP requests in the log leading to errors because /config/global.ini.php is not accessible (what's the goal), but this leads to the webhosting provider blocking my IP address after a few tries.
2022-03-18 11:17:51 Error 403 GET /config/global.ini.php HTTP/1.0
2022-03-18 11:17:51 Error 403 GET /config/global.ini.php HTTP/1.0
2022-03-18 11:17:51 Error AH01630: client denied by server configuration: /var/www/vhosts/example.com/subdomain.example.com/config/global.ini.php
2022-03-18 11:17:51 Error AH01630: client denied by server configuration: /var/www/vhosts/example.com/subdomain.example.com/config/global.ini.php
Possible Solution
Prevent these requests if enable_required_directories_diagnostic is disabled just like it was before.
Steps to Reproduce (for Bugs)
Disable enable_required_directories_diagnostic in config.ini.php
Run the system check
Look into the access log (of Apache) and find accesses to /config/global.ini.php
Context
Some webhosting providers IP ban hosts if they request files/directories that are forbidden using .htaccess (e.g. matmo's config files).
Your Environment
Matomo Version: 4.8.0
PHP Version: 7.4.28
Additionally installed plugins: -
The text was updated successfully, but these errors were encountered:
Hi @HCl-not-HCi, thanks for reporting this. It looks like the additional access rule checks for PHP-FPM added by #18398 are causing access requests to global.ini.php and not respecting the enable_required_directories_diagnostic config setting. I've created a PR to fix this.
bx80
added
Regression
Indicates a feature used to work in a certain way but it no longer does even though it should.
and removed
Potential Bug
Something that might be a bug, but needs validation and confirmation it can be reproduced.
labels
Mar 31, 2022
justinvelluppillai
changed the title
System check tries to request private directories again although disabled
System check - don't request private directories when disabled
May 9, 2022
I think there is a regression regarding #17589. When I run the system check, matomo requests the
global.ini.php
despiteenable_required_directories_diagnostic
is disabled. If I remember correctly, it worked when the option was first released in 4.6.0.Expected Behavior
If I disable
enable_required_directories_diagnostic
, matomo should not use HTTP requests to check whether/config/global.ini.php
is (not) accessible.Current Behavior
I see two HTTP requests in the log leading to errors because
/config/global.ini.php
is not accessible (what's the goal), but this leads to the webhosting provider blocking my IP address after a few tries.Possible Solution
Prevent these requests if
enable_required_directories_diagnostic
is disabled just like it was before.Steps to Reproduce (for Bugs)
enable_required_directories_diagnostic
inconfig.ini.php
/config/global.ini.php
Context
Some webhosting providers IP ban hosts if they request files/directories that are forbidden using .htaccess (e.g. matmo's config files).
Your Environment
The text was updated successfully, but these errors were encountered: