-
Posts
364 -
Joined
-
Last visited
-
Days Won
13
Content Type
Profiles
Forums
Gallery
Downloads
Articles
Store
Blogs
Posts posted by Acer
-
-
Hehehe. Look, I asked 18+ hours ago. I think it's reasonable to do a follow up, to keep this post / thread alive.
If you want to make a comment, you can ask the team guys why they haven't bothered to reply?-
1
-
-
Can the team give us an update please?
@datakick @Traumflug @wakabayashi @lesley -
Hi
I'm sure many of us are wondering how Lesley is doing?
Can we have an update please?
-
1
-
-
-
Thanks @lesley and @Traumflug for the feedback here
And for the original DH42 email (Lesley) 😉 -
As @Traumflug mentioned, search for a folder with the name phpunit
if you find it, you can delete the phpunit folder and all its content.
Also, I think it's safe to assume that "upgraded PS 1.6 to TB sites" could be at risk here also. -
7 minutes ago, Traumflug said:
XML files aren't executable, so no threat.
Right, obviously. Lol... I think when something like this comes up, it's easy to panic automatically and risk not seeing things 100%.
To quote myself:QuoteOMG the search found PHPUnit! -> panic -> brain switches off -> survival mode -> just kill it!
😊
-
12 minutes ago, Traumflug said:
To find more candidates and confirm a safe state, search for folders with the name 'phpunit'.
If there are no folders, but the phpunit.xml file comes up?
vendor\greenlion\phpunit.xml
vendor\swiftmailer\phpunit.xml -
Ummm. I think the TB admin guys need to reply here pls...
Just doing a quick search on my local TB 1.1.0 install and I'm getting phpunit.xml in multiple locations.
@GotaborTry doing a search just for the file "phpunit.xml" and see if something comes up?
TB admins, some feedback pls? -
Hi
I've received a mail for DH42 about a new PrestaShop Security Vulnerability that affects all versions of PS.
Can you guys please inform us if this applies to TB?QuoteFriday afternoon we were alerted to a security issue affecting most PrestaShop versions. The issue centers around PrestaShop including PHPUnit in several modules that were either distributed through their API or with installations of PrestaShop. While the security issues are most present in the latest 1.7 versions of PrestaShop, it looks like all versions are affected.
This is the "more info" doc from PS
https://docs.google.com/document/d/1D76Lj93gw-XZ8GgV8UzK6Oi6u5qLxLDEsC2298Go-as/edit#heading=h.tjhj04l5p8kk-
2
-
-
Hi @rubben1985
Nope, as mentioned in this post, Panda+TB+LiteSpeed cache does not work together at the moment.
I've reached out to both developers (Panda+LiteSpeed) and they've mentioned that they would like to fix this eventually. However, as they are both pretty busy I'm not sure when this will be.
Will update this thread when I hear more. -
Just an update on this:
Awesomely, both @Jonny and Lauren from LiteSpeed have shown willingness to make TB Panda compatible with the LiteSpeed plugin! 😁
Big thanks in advance to both of them.
It now all depends on workload on their sides, as they are both currently focused on other projects.
Will update this post when I've heard of any progress.-
1
-
-
It's worth experimenting. But I'm not sure if it will work.
One thing that I did notice is that it caches the user name that is logged in (in the top bar, front-end, shop side).
So I'm not sure if telling LSCache to not cache the 'Login' module will stop this from happening.
Either way, I'm waiting to hear back from @Jonny and the plugin developer. -
Alas... 🤨 It appears we celebrated a bit too early on this one...
So my initial testing was done on a quick test site - and at first everything appeared to be working...
Unfortunately when I did testing with an actual production / Live site, I discovered it's actually not compatible.
LiteSpeed plugin caches the crap out of Panda. Stuff like user logged in, cart etc. are all cached.
Yes it's blazing fast - but it's not working.
Apparently Panda needs to be modified to handle LiteSpeed.I've reached out to the LiteSpeed plugin author and she appears to be willing - but has other priorities to wrap up first.
At the same time, I've reached out to @Jonny to check his willingness & availability. Will update this thread when I know more.Perhaps someone here has been able to make Panda compatible with LiteSpeed?
Bytw: A side benefit of being on a LiteSpeed server (even without the plugin), is that the server is natively faster than Apache/Nix.
Also, when you're on a LiteSpeed server, it comes with a modified and optimised LiteSpeed version of Memcached.
When this is enabled (both in PHP options and TB caching settings) you get a speed boost anyway. No, not 'light speed', but it certainly is close. -
Ok cool, will implement, thank you.
-
1 hour ago, dynambee said:
This is potentially a bad idea. You should check the data table in question
Perhaps you're right. However, I couldn't find the entry in question ('page') using phpMyAdmin (it's not in tb_meta).
So before I just added a new entry to the table, I refreshed - and all was good. Or so it seemed.
So should I add an entry to tb_meta table for 'page' or is it in another table somewhere? (I'm on 30Bz 1.1.0) -
Bytw: in my case (also a Panda issue), I did not have to implement the MySQL update. Just thought I'd let you know.
Just implemented the changes to Meta.php and problem went away. Thank you -
Hi Movieseals
Thanks for the feedback here. I've given it a shot and all appears to be working (the headers are reporting Litespeed as they should)
+ really fast page loads 😄Thanks again
-
Anyone here with the solution?
Not sure if this one is still being monitored or if I should make a new post? -
10 hours ago, Pedalman said:
I bought some years ago a module called: PrestaVaultMalware | Virus | Trojan Protection
by prestashopaddons.prestaheroes.com .
Pedalman, please update the link (I think it's linking to your shop).
This is exactly what I was interested in - will check it out, thanks!Any other suggestions guys?
-
Hi guys
I'm trying to install TB 1.1.0 on a new server, but I'm getting this error (Paypal, can't proceed with Next).
Installed TB 1.1.0 on two other different hosts, and this is the first time I'm seeing this...Following the instructions to modify ConfigurationTest + Configuration hasn't worked....
Can you please share instructions on how to quickly fix this?
As I see there's been a lot of activity on this post - not sure which is the solution / magic bullet?Thanks
-
Thanks for the reply. Are there any hardening tools available?
Like Akeeba admin tools - Joomla, Sucuri monitor - WordPress etc for TB / PS 1.6?
-
Please see original post. How do we prevent this, are there hardening tools or techniques available?
Also as there will likely be changes to files anyway as part of the course of normal development, as you say as well, the core updater will not be useful here. And checking manually is not practical...
Any suggestions, thoughts and ideas re this and 30Bz site security?
-
4 hours ago, movieseals said:
Just to be clear, are you using the Litespeed server Business edition? The module is useless without that version of the server. Open Litespeed (the free version) does not support the module.
The module works well right out of the box with TB for me, but I am using another third party theme, not Panda however. But from what I can tell, with Panda, you should not have any problems. You need to deactivate all the full page caches however in order to use the Litespeed module efficiently.Ok interesting. I think it the Business edition. The reason I'm asking is that apparently it only works with "the default theme + warehouse" and I've seen other TB guys ask on the Litespeed forums how to make it work...
Are you using Warehouse, or which theme?
Any news on Lesley?
in English
Posted · Edited by Theo
The reason is that he as come out and mentioned this himself (in the thread included below).
This comes from a genuine sense of caring and well-wishes from myself and it seems from others.
Unfortunately, it's now become awkward... All we wanted to know is how he is doing (not private specifics of course).
He happens to be a big part of TB... It's great that you guys are missing the point here...