Please report bugs and any annoyances here. Kindly include all possible details: steps to reproduce, expected result, actual result, screenshots, ... etc.
-
pasbonte
- Veteran Member
- Posts: 139
- Joined: 2013-02-06 09:49
Post
by pasbonte » 2023-03-23 07:17
Good morning
I installed the 23.10, and I try the upload but despite everything in green it does not work... any idea?
That said, very interesting function!
- upload1.png (24.15 KiB) Viewed 1386 times
- upload2.png (21.47 KiB) Viewed 1384 times
- upload3.png (41.3 KiB) Viewed 1384 times
-
pasbonte
- Veteran Member
- Posts: 139
- Joined: 2013-02-06 09:49
Post
by pasbonte » 2023-03-24 13:15
My certificat SSL is good
- Capture d’écran 2023-03-24 141422.png (100.17 KiB) Viewed 1324 times
- Capture d’écran 2023-03-24 141549.png (14.85 KiB) Viewed 1324 times
-
pasbonte
- Veteran Member
- Posts: 139
- Joined: 2013-02-06 09:49
Post
by pasbonte » 2023-03-27 13:44
Hello
Installing version 23.11 and still not possible
- appgini 23.11.png (48.69 KiB) Viewed 1248 times
-
peebee
- AppGini Super Hero
- Posts: 348
- Joined: 2013-03-21 04:37
Post
by peebee » 2023-03-27 23:11
I haven't upgraded yet so I haven't even seen or tried the new App Uploader function but the error message you are receiving appears very evident.
So, possibly an obvious question and no offence intended but.....have you checked that the key in 'file-uploader.php' that is currently on the server matches the key that is showing in the app? The key was possibly changed in the app but the key in the file on the server remains the same unless replaced (and now they don't match)?
"Please manually upload the generated 'file-uploader.php' and retry" - I am presuming you have done that?
-
D Oliveira
- AppGini Super Hero
- Posts: 337
- Joined: 2018-03-04 09:30
- Location: Orlando, FL
Post
by D Oliveira » 2023-03-27 23:51
Even though this feature looks cool I would suggest to keep version control with git in place and automate the server to sync w/ master. Production environments should not get files replaced without a viable backup/rollback option in place. With that being said, I have not yet updated to the latest appgini version and maybe this was addressed in the script but keep in mind you have different options to create similar functionality.
-
jfischer
- Posts: 19
- Joined: 2022-11-19 16:07
- Location: Austria
-
Contact:
Post
by jfischer » 2023-03-28 10:55
Hello pasbonte
Turn off your antivirus and it should work. For me, Kaspersky closed, stopped protection and it works.
Greetings Joseph
-
Marcelo Vitoria
- Veteran Member
- Posts: 51
- Joined: 2016-10-11 12:08
Post
by Marcelo Vitoria » 2023-03-28 22:56
Ask the site admin to disable the Firewall in rule 933110 (Modsecurity) otherwise the panel will block your IP and the FileUploader will not work.
install AppGini 23.11
Generate the project files again after placing the domain that will be saved in AppGini
With regular FTP, first upload the file-uploader.php to your server.
Once this is done, FileUploader should work correctly, however, in my opinion much slower than sending via conventional FTP
Good luck
-
peebee
- AppGini Super Hero
- Posts: 348
- Joined: 2013-03-21 04:37
Post
by peebee » 2023-03-29 03:17
With respect Marcelo, if you want to use the new Appgini file uploader function and If ModSecurity is the problem, disabling Rule 933110 is possibly not the best solution unless you really have no other alternative:
OWASP Core Security Rule Severity = Critical
"PHP Injection Attack: PHP Script File Upload Found"
https://github.com/SpiderLabs/owasp-mod ... P.conf#L68
If you scroll down on this page below, you'll find Ahmed has included a safe fix to override ModSecurity for the one file-uploader.php file (assuming you have access):
https://bigprof.com/appgini/help/application-uploader
-
pasbonte
- Veteran Member
- Posts: 139
- Joined: 2013-02-06 09:49
Post
by pasbonte » 2023-03-29 07:44
Good morning
I went through the supplier's WEB-FTP by downloading the fil-load.php file and there, miraculously, it works, so it's more my FILEZILLA software that is causing problems, why? I don't know, I did the same manipulation on two different sites.
Before I had tried to remove the antivirus, but it was not that.
-
Marcelo Vitoria
- Veteran Member
- Posts: 51
- Joined: 2016-10-11 12:08
Post
by Marcelo Vitoria » 2023-03-29 13:44
peebee wrote: ↑2023-03-29 03:17
With respect Marcelo, if you want to use the new Appgini file uploader function and If ModSecurity is the problem, disabling Rule 933110 is possibly not the best solution unless you really have no other alternative:
OWASP Core Security Rule Severity = Critical
"PHP Injection Attack: PHP Script File Upload Found"
https://github.com/SpiderLabs/owasp-mod ... P.conf#L68
If you scroll down on this page below, you'll find Ahmed has included a safe fix to override ModSecurity for the one file-uploader.php file (assuming you have access):
https://bigprof.com/appgini/help/application-uploader
Hi Peebee
This option works temporarily, my server blocked my ip when it was at 50% Uploader operation completed.
In terms of security, you're right, I'd rather go back to using FTP to send files manually than leave Modsecurity rules disabled and leave the site vulnerable to attacks.
Thanks for the tip
Best Regards
