Ralf Geschke's Replies

Forum Replies Created

Viewing 10 replies - 1 through 10 (of 10 total)

Forum: Plugins
In reply to: [BackWPup – WordPress Backup & Restore Plugin] FTP Passwords lost after system update
Thread Starter Ralf Geschke
(@geschke)

7 years ago
I think I found the reason. In the class BackWPup_Encryption_OpenSSL BackWPup tries to detect cipher methods of OpenSSL (method cipher_method() ) . This is later used to encrypt and decrypt all kinds of passwords in BackWPup. I tested the previous version (Ubuntu 18.04 image) vs. current version (Ubuntu 19.04 image). The Dockerfile to generate the image did not change, I’ve just set a new base image (FROM ubuntu:disco instead of ubuntu:bionic).

Here is the output of some tests of the 18.04 version:
```
root@dc48b862fbd2:/phptest# php -v
PHP 7.2.10-0ubuntu0.18.04.1 (cli) (built: Sep 13 2018 13:45:02) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.10-0ubuntu0.18.04.1, Copyright (c) 1999-2018, by Zend Technologies
```
```
root@dc48b862fbd2:/phptest# php -i | grep -i openssl
SSL Version => OpenSSL/1.1.0g
openssl
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 1.1.0g 2 Nov 2017
OpenSSL Header Version => OpenSSL 1.1.0g 2 Nov 2017
Openssl default config => /usr/lib/ssl/openssl.cnf
openssl.cafile => no value => no value
openssl.capath => no value => no value
Native OpenSSL support => enabled
```
So OpenSSL is enabled and should work.

Then I extracted the code fragment of cipher_method():

At first, a list of all cipher methods is created by openssl_get_cipher_methods(). After that, BackWPup tries to match one of three “preferred methods”:
```
$preferred = array( 'AES-256-CTR', 'AES-128-CTR', 'AES-192-CTR' );
```
If one of these methods, i.e. strings is found in the list, it will be returned and stored as class property.

With the above version the first found method is AES-256-CTR.

Now the results of the newer Ubuntu 19.04 image:
```
root@d894c15e6329:/phptest# php -v
PHP 7.2.17-0ubuntu0.19.04.1 (cli) (built: Apr 18 2019 18:01:25) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.17-0ubuntu0.19.04.1, Copyright (c) 1999-2018, by Zend Technologies
```
```
root@d894c15e6329:/phptest# php -i | grep -i openssl
SSL Version => OpenSSL/1.1.1b
libSSH Version => libssh/0.8.6/openssl/zlib
openssl
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 1.1.1b 26 Feb 2019
OpenSSL Header Version => OpenSSL 1.1.1b 26 Feb 2019
Openssl default config => /usr/lib/ssl/openssl.cnf
openssl.cafile => no value => no value
openssl.capath => no value => no value
Native OpenSSL support => enabled
```
OpenSSL is enabled again, the versions are updated, This seems ok again.

But when I run the test with this version, nothing is returned! None of the “preferred methods” is found.
In this case BackWPup uses the first cipher method found in the list – in my case it is “aes-128-cbc“.

So decrypting a password which was encrypted with a different cipher must go wrong.

The reason is that the upperclass versions of cipher names are missing. This is a known issue (or bug?) with OpenSSL 1.1.1, see https://www.php.net/manual/de/function.openssl-get-cipher-methods.php, first comment, and more on https://github.com/oerdnj/deb.sury.org/issues/990 and the referenced issues.

Maybe this helps if somebody runs into similar problems after updating OpenSSL.

Kind regards,
Ralf
Forum: Plugins
In reply to: [BackWPup – WordPress Backup & Restore Plugin] FTP Passwords lost after system update

Thread Starter Ralf Geschke
(@geschke)

7 years ago

@pothi Thank you for your nice comment! 🙂 And although this is off-topic, I’ve written an some articles about my installation (sorry, German only, maybe Google translate can help): https://www.kuerbis.org/2018/04/howto-wordpress-im-docker-swarm-mode-mit-nginx-proxy-auf-einem-host/

In the last section the update is described – the command is:
docker service update –image <name_of_new_image> <service_name>, e.g.
docker service update –image geschke/php-fpm-swrm geschkename_phpbackend_geschkename

If you have questions, don’t hesitate to drop me a mail or use the feedback formular on my website.

Kind regards,
Ralf

Forum: Plugins
In reply to: [BackWPup – WordPress Backup & Restore Plugin] FTP Passwords lost after system update

Thread Starter Ralf Geschke
(@geschke)

7 years ago

Hi @duongcuong96 !

No, the password was correct. Maybe I had to explain it better: The system was an Ubuntu 18.10 version, it ran successfully since several months – WordPress, the plugins and everything, especially BackWPup. I didn’t change the password in the BackWPup jobs (there were two jobs with two different FTP targets). The passwords were saved in the BackWPup configuration, and with the same passwords the login was successful in the last few months. But after the update they didn’t work anymore.

After entering the same passwords again, the logins were successful again. So I guess that password storage in BackWPup is dependent on the underlying system, some libraries or something else? Maybe because of encrypting the passwords?

@pothi Thanks for your remark, but I know the release cycle of LTS and normal versions, so please let me use the version I prefer. I have optimized the update process, it’s a one-liner with the help of Docker, and I like to use the latest libraries. It isn’t an enterprise deployment, so back to topic. 😉

Forum: Plugins
In reply to: [Contact Form 7] No need to change the reCaptcha version!

Ralf Geschke
(@geschke)

7 years, 5 months ago

I totally agree, please let the site admin decide to choose v2 or v3, I don’t want the badge on every page.

Thanks in advance.

Ralf

Forum: Plugins
In reply to: [Contact Form 7] reCAPTCHA v3

Ralf Geschke
(@geschke)

7 years, 5 months ago

Thanks for integrating ReCaptcha in the new v3 version. It seems to work (I had no problem by submitting my own feedback formular).

But now the ReCaptcha badge (logo with actions, bottom right) appears on every page on the site, not only on the feedback formular page. This is a little bit too much for me, I’m sorry. And it’s not necessary to include the JavaScript code on all pages. Would it be possible, or do you plan to change this behavior?

Thanks in advance,
Kind regards,
Ralf

Forum: Plugins
In reply to: [Contact Form Clean and Simple] reCAPTCHA v2

Ralf Geschke
(@geschke)

10 years, 11 months ago

Hello!

I’ve copied my modified version of the plugin to Github, have a look at https://github.com/geschke/clean-and-simple-contact-form-by-meg-nicholas
It is slightly modified, so the old reCAPTCHA code is still included, but maybe it could help you with migrating.

Kind regards,
Ralf

PS. I’m using it at https://www.kuerbis.org/feedback/

Forum: Plugins
In reply to: [Contact Form Clean and Simple] reCAPTCHA v2

Ralf Geschke
(@geschke)

11 years, 5 months ago

Hello!

I like the plugin as well, so I’ve modified the code to support the noCaptcha reCaptcha. Do you use Github or another public code repository for plugin development? If you’re interested, I could send you the modifications or create a pull request, maybe it’s easier to integrate the changed code lines.

You will find a demo on https://blog.kuerbis.org/feedback/ (please ignore the certificate errors, it’s a preliminary site and will move to the www address soon).

Kind regards,
Ralf

Forum: Themes and Templates
In reply to: [Tikva] Tikva Header Image
Theme Author Ralf Geschke
(@geschke)

11 years, 8 months ago
Hello!

Good news, I’ve uploaded a new version of the theme and it has passed the review some minutes ago.
- The page width bug is fixed
- I’ve added an option to modify the background color of the sidebar.
- Some improvements with header images: you can upload different images for different display sizes and change the resizing behaviour, just as described some posts before.
Hope you will like it!

Kind regards,
Ralf
Forum: Themes and Templates
In reply to: [Tikva] Tikva Header Image

Theme Author Ralf Geschke
(@geschke)

11 years, 8 months ago

Oh, this is interesting! Thanks for your feedback! Yes, I have an idea – it’s the “skip link” element. Very strange, I’m sorry, I will fix it in the next version.

Currently I’m implementing some improvements of the header image as described in my first post here. Please allow some days, I will work on this tomorrow and the next days again, so I think after the weekend I will submit the next version to the WordPress approval process.

If you are interested to test it before it will be approved by the reviewer team, I could send you the finished theme file per mail. Please contact via ralf (at) geschke (dot) net, or leave a comment (with your email address) at https://www.geschke.net/feedback/ .

Thanks again for your report here!

Kind regards,
Ralf

Forum: Themes and Templates
In reply to: [Tikva] Tikva Header Image

Theme Author Ralf Geschke
(@geschke)

11 years, 9 months ago

Hello!

Thanks for your feedback and answer! My test image has a width of 1115px, this fits the view in a wide browser screen.
But in the current version the image doesn’t resize or change when using a smaller browser window (or after resizing the browser).

There are some possible solutions:
1. Automatic resizing of the image.
Pro: The image fits in every browser width.
Contra: Maybe qualitiy issues?
2. The theme offers to upload a different image for every width (AFAIR there are three width steps)
Pro: Perfect quality in every case; different images could be used (think about a less height for smaller screens).
Contra: The images have to be created and uploaded.

Hmm… Maybe both solutions could be combined, i.e. do an automatically resize when no specialized image was uploaded… I can’t promise that I will find the time to do this in the next days, but I will create a task request for the next version.

Thanks again &
Kind regards,
Ralf

Viewing 10 replies - 1 through 10 (of 10 total)