-
until earlier this week the Pay Per view Function worked without any flaws. Today i uploaded a new video ( Fv player Prowith vimeo hosting) and adding just the new video works as it does create a new entry into FV Player Videos but when i try to add a pay per view to that video with a preview i get Error please try again later and it wont allow me to add a pay per view.
It worked fine for last two years, licenses are active, so im really clueless what is causing this error. Downloaded all the updates as well, so all plugins do have latest versions.
-
-
Hello turbokingspoker,
Thanks for reaching out to us!
Does the error appear right in the FV Player editor when you try to insert preview video into the post? Does your old PPV protected videos work fine?
Thanks,
Juraj
yes the error appears right in the FV PLayer editor, and all existing PPV seem to work fine.
here is a screenshot of it:
it allows me to input a preview video and when i close out, the preview video address stays in, but the moment i add a rental price and buy price, and click on update the error message appears and the PPV is not added to easy digitial downloads. https://gyazo.com/04a7d967cd16fae64fc42d8864741545
Hello turbokingspoker,
please let us know what Easy Digital Downloads version you are using. I didn’t run into the issue when using 2.9.23 which is the latest version on https://wordpress.org/plugins/easy-digital-downloads/
Please also try to open your browser developer console (here’s how https://foliovision.com/player/troubleshooting/javascript-browser-console), then try to add a new player with the PayPerView information filled in and see if any error appears on the console.
Please also try to install this plugin: https://wordpress.org/plugins/error-log-monitor/ Then repeat that PayPerView creation process and see if any error appears in it.
You can also check PHP error logs directly on the server. If you are not sure about it, the server technical support should be able to give you a hand.
Thanks,
Martin
Hey Martin,
the EDD version is the newest one: 2.9.23
here is a screenshot of the console when trying to add PPV.
https://gyazo.com/3f6d484219d87111889db878a2e97ffd
Hello turbokingspoker,
please check these PHP error logs too.
You can also open the Network tab of the browser developer tools, clear the log, then try to save a new FV Player with the Pay Per View tab details filled in like on your screenshot here: https://gyazo.com/04a7d967cd16fae64fc42d8864741545
Then there should be a new admin-ajax.php call added to the Network tab which you need to check – see attached image. There might be multiple admin-ajax.php requests, but one of them will have “action” set to “ppv_create”.
But it’s likely that it will just show with that HTTP 403 error and you will have to check the PHP error logs to find the cause.
Thanks,
Martin
Hey Martin,
so when trying to add the PPV these 4 lines are added to the error logs:
2020-08-06 06:40:59.055657 [NOTICE] [118180] [45.77.143.47:47738-3#APVH_turbokingspoker.com:443] mod_security rule [id "2500182"] at [/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf:1926] triggered! [Thu Aug 6 06:40:59 2020] [error] [client 92.206.220.247] ModSecurity: Access denied with code 403, [Rule: 'ARGS:'/post[[:space:]_.[]id/'' '@rx [^0-9]'] [id "2500182"] [msg "SLR: WordPress Plugin SRS Simple Hits Counter <= 1.0.4 Unauthenticated Blind SQLi CVE-2020-5766"] [severity "CRITICAL"] [tag "CVE-2020-5766"] [tag "platform-multi"] [tag "attack-sqli"] [tag "language-php"] [tag "application-WordPress"] [tag "https://wpvulndb.com/vulnerabilities/10316"] 2020-08-06 06:40:59.055691 [NOTICE] [118180] [45.77.143.47:47738-3#APVH_turbokingspoker.com:443] Content len: 125, Request line: 'POST /wp-admin/admin-ajax.php?_fs_blog_admin=true HTTP/1.1' 2020-08-06 06:40:59.055694 [INFO] [118180] [45.77.143.47:47738-3#APVH_turbokingspoker.com:443] Cookie len: 595, wordpress_sec_dca4d6ca06f7173b678cb500abd44563=Spades%7C1597071751%7CMoIRCNJLth6YXw2CgnkNyCElmD6GCVLAp2qdV2aUoDs%7Cdf1bca9797b45641eedc965f0090eb06d89c9ba0600ed83979a68b9aab5ac18c; tk_ai=jetpack%3AuUh1nicSBX93%2B53W0xnMLUcl; wp-settings-1=libraryContent%3Dbrowse%26editor%3Dtinymce; wp-settings-time-1=1595530592; wordpress_logged_in_dca4d6ca06f7173b678cb500abd44563=Spades%7C1597071751%7CMoIRCNJLth6YXw2CgnkNyCElmD6GCVLAp2qdV2aUoDs%7Caf8cece5c55775670e1720be86091dcb4f73a6d8a35deaff9f79f5985dbd4d1a; tk_ai=woo%3A%2By2gWctQBdoOkiWn%2B3RC9%2BI9; PHPSESSID=oagt0ogginsfi3bks3krjkhjgv; wpx_logged=1
Hey Martin, talked to our host, and the php error was caused by something server side. They whitelisted the process so it doesnt get blocked and now works like a charm again.
Thanks for all your help. Much appreciated.
Topic can be closed as solved.
Hello turbokingspoker,
thank you for posting all the details.
It seems your web host is using mod_security with a rule which is trying to avoid SQL injection in the SRS Simple Hits Counter plugin (more details on tenable.com). But the rule seems to be quite simple and anytime it sees a post_id argument in the request it’s blocked.
Thanks,
Martin
