Http error 500

Réduire
X
 
  • Filtrer
  • Heure
  • Afficher
Tout effacer
nouveaux messages

  • [RÉGLÉ] Http error 500

    Bonjour à tous,

    je suis entrain de m'arracher le peu de cheveux qu'il me reste avec cette erreur:

    HTTP ERROR 500

    En effet sur certaines pages de mon site, que ce soit en front ou back office cette erreur récurrente apparaît.

    site: www.pierbiau.com
    hebergeur: ovh
    version joomla: 3.6.2
    aesecure à jour installé

    Voici les démarches que j'ai effectué:
    - désactivation aesecure
    - renommer tous les htaccess
    - changer les droits des fichiers dossiers
    - suivi tuto d'ovh concernant cette erreur
    - restaurer backup faite quand tout fonctionnait
    - contacter ovh qui me dit ceci:
    Bonjour Monsieur,

    Ce type d'erreur n'est pas liée à votre hébergement mais directement au code
    qui compose votre site et ne dépend donc de notre support. Toutefois il me
    semble que celle-ci est notamment dû aux réécritures d'Url qui ne semblent pas
    actives. Je vous invite à investiguer avec le support Joomla en ce sens.

    Je reste à votre disposition pour toute demande complémentaire.
    Cordialement,
    Un peu d'aide de la communauté serait la bienvenue.

    Merci d'avance.

    Cordialement

    Christophe
    Dernière édition par Tigers à 20/08/2016, 16h01

  • #2
    Re : Http error 500

    Bonjour,

    L'erreur 500 correspond souvent à des erreurs dans les modules. Pour m'en sortir, j'active le "Rapports d'erreurs" (dans Configuration/Serveur) sur Maximum temporairement, sinon c'est vraiment bavard. Cela donne en général une idée du module/plugin qui fonctionne mal.

    Pascal
    If anything can go wrong, it will...If I can help, I will ..https://conseilgouz.com

    Commentaire


    • #3
      Re : Http error 500

      Bonjour,

      merci pour ce début de réponse,
      le soucis c'est que dès que je clique sur configuration bim "HTTP ERROR 500"
      possibilité à votre avis de l'activer autrement ?
      sinon comment désactiver les modules et les réactiver un à un via FTP ?

      Cordialement

      Christophe

      Commentaire


      • #4
        Re : Http error 500

        salut,
        juste une suggestion.

        qu'y a-t-il dans configuration.php, au niveau de :
        public $live_site
        ?
        Si tu as un truc du genre :
        public $live_site = "http://www.tonsite.com";
        Teste en virant : http://www.tonsite.com
        public $live_site = " ";
        Un message d’erreur sur votre site Joomla ... ayez le reflexe de consulter lla base de connaissance : https://kb.joomla.fr

        Ce forum, vous l'aimez ? il vous a sauvé la vie ? Vous y apprenez chaque jour ? Alors adhérez à l'AFUJ https://www.joomla.fr/association/adherer

        Commentaire


        • #5
          Re : Http error 500

          Bonjour

          Quel est le contenu actuel de ton fichier /.htaccess (celui à la racine du site) ?

          Et si tu as un fichier .ovh_config, quel en est le contenu ?
          Christophe (cavo789)
          Mon blog, on y parle Docker, PHP, WSL, Markdown et plein d'autres choses : https://www.avonture.be
          Logiciel gratuit de scan antivirus : https://github.com/cavo789/aesecure_quickscan (plus de 45.000 virus détectés, 700.000 fichiers sur liste blanche)​

          Commentaire


          • #6
            Re : Http error 500

            Envoyé par ghazal Voir le message
            salut,
            juste une suggestion.

            qu'y a-t-il dans configuration.php, au niveau de :

            ?
            Si tu as un truc du genre :

            Teste en virant : http://www.tonsite.com
            Bonjour,

            j'ai bien

            public $live_site = " ";

            Merci quand même...

            Commentaire


            • #7
              Re : Http error 500

              Bonjour,

              ovhconfig:

              app.engine=php
              app.engine.version=5.6
              http.firewall=none
              environment=production
              container.image=default_image

              htaccess:

              ################################################## ################################################

              #

              # aeSecure v2.1 (c) AVONTURE Christophe (http://www.aesecure.com/)

              #

              # !!! ---------------------------------------------------------------------------------------- !!!

              # !!! DON'T MODIFIY THIS FILE MANUALLY. IF YOU NEED TO ADD RULES IN IT, JUST USE YOUR !!!

              # !!! http://yoursite/aesecure/setup.php?YOUR_LONG_KEY PAGE INTERFACE AND GO TO OPTION 1.4 !!!

              # !!! "Manual edit of your .htaccess" !!!

              # !!! ---------------------------------------------------------------------------------------- !!!

              #

              # If the .htaccess file isn't working at all, check in your httpd.conf server file that

              # AllowOverride variable is not set on None and in that case change the settings to All

              #

              # So change "AllowOveridde None" to "AllowOverride All" (without double-quote). Restart then the Apache server.

              #

              ################################################## ################################################

              #aeSecure 1.1



              #AESECURE_BLOCKUSERAGENT_START

              #AESECURE_BLOCKUSERAGENT_END

              #AESECURE_BLOCKIP_START

              #AESECURE_BLOCKIP_END

              #AESECURE_BLOCKPARTURL_START

              #AESECURE_BLOCKPARTURL_END

              #AESECURE_BLOCKREFERRER_START

              #AESECURE_BLOCKREFERRER_END



              # Define the 403 - Access denied page

              ErrorDocument 403 '<html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" >body{color:#fff;background-color:#851507;font:14px/1.5 Helvetica,Arial,sans-serif};</style><title>Access denied</title></head><body><div style="margin:20px auto;width:700px;padding-top:50px"><img src="assets/images/aesecure_denied.png" style="float:right;" alt="aeSecure"/><h1>Access denied, unauthorized access.<br/><br/>If you think it\'s an error, please inform the webmaster to help him to adjust his security rules. Thank you.</h1><pre style="padding:20px;white-spacere-line;border-radius:10px;background-color:#b34334">Code : 403 - Deny access</pre></div></body></html>'



              # Force to mention index.html when trying to access f.i. to http://yoursite/images

              <IfModule mod_autoindex.c>

              IndexIgnore *



              ##

              # READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!

              #

              # The line just below this section: 'Options +FollowSymLinks' may cause problems

              # with some server configurations. It is required for use of mod_rewrite, but may already

              # be set by your server administrator in a way that dissallows changing it in

              # your .htaccess file. If using it causes your server to error out, comment it out (add # to

              # beginning of line), reload your site in your browser and test your sef url's. If they work,

              # it has been set by your server administrator and you do not need it set here.

              ##

              ## Can be commented out if causes errors, see notes above.

              Options +FollowSymLinks -Indexes

              </IfModule>



              # Define the default page ordering (first index.php if present, otherwise index.html)

              DirectoryIndex index.php index.html



              #AESECURE_MAINTENANCE_START

              #AESECURE_MAINTENANCE_END



              #AESECURE_COMPRESSION_START

              #AESECURE_COMPRESSION_END



              #Uncomment if want to force HTTPS and if your server can handle it

              #RewriteCond %{HTTPS} off

              #RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}



              # -------------------------------------------------------------------------

              # -- Inclusion of the aeSecure Premium htaccess (only for Premium users) --



              # -------------------------------------------------------------------------



              # -------------------------------------------------------------------------

              # ----------------------------- Site security -----------------------------

              # -------------------------------------------------------------------------



              # Activate PHP 5.4 which is more secure than older version

              # Comment this line when php is no more executed but downloaded, it's the case on local webserver (localhost) or

              # when your hosting company doesn't support php 5.4 yet

              <IfModule mod_php5.c>

              #AddHandler application/x-httpd-php54 .php .php5 .php4 .php3.

              </IfModule>



              #AESECURE_FILEUPLOAD_START

              #AESECURE_FILEUPLOAD_END



              #AESECURE_ERRORREPORTING_START
              #aeSecure 1.3

              # Disable errors and warnings; don't allow the user to see them but redirect them into a logfile

              <IfModule mod_php5.c>

              php_flag display_errors off

              php_flag log_errors on

              php_value track_errors on

              php_value error_log aesecure/logs/error.log

              </IfModule>
              #AESECURE_ERRORREPORTING_END



              <IfModule mod_php5.c>



              # Be sure that these php.ini variables are correctly initialized

              php_value register_globals off



              # Disable magic_quotes (if not yet done in httpd.conf)

              php_flag magic_quotes_runtime off

              php_flag magic_quotes_sybase off



              # Set your default timezone.

              php_value date.timezone Europe/Brussels



              # Increase cookie security; reduce XSS attacks

              # http://www.php.net/manual/fr/session...ookie-httponly

              # CAUSE PROBLEM WITH AUTHENTIFICATION IN JOOMLA!® DON'T UNCOMMENT.

              #php_value session.cookie_secure true

              #php_value session.use_only_cookies true

              #php_value session.cookie_httponly true



              </IfModule>



              # ------------------------------

              # --- Block files/folders



              <IfModule mod_rewrite.c>



              RewriteEngine On



              #AESECURE_BLOCKFILE_START

              #aesecure 1.7

              # Block direct access to these files : don't allow an url like f.i. http://yoursite/install.txt

              RewriteCond %{REQUEST_FILENAME} (boot.ini|changelog.php|changelog.txt|configuratio n.php|contributing.md|copyright.php|credits.php|ht access.txt|httpd.conf|install.mysql)$ [NC,OR]

              RewriteCond %{QUERY_STRING} (boot.ini|changelog.php|changelog.txt|configuratio n.php|contributing.md|copyright.php|credits.php|ht access.txt|httpd.conf|install.mysql).*$ [NC,OR]

              RewriteCond %{REQUEST_FILENAME} (install.pgsql|install.txt|joomla.xml|license.php| license.txt|maintainers.php|maintainers.txt|php.in i|phpinfo.php|readme.htm)$ [NC,OR]

              RewriteCond %{QUERY_STRING} (install.pgsql|install.txt|joomla.xml|license.php| license.txt|maintainers.php|maintainers.txt|php.in i|phpinfo.php|readme.htm).*$ [NC,OR]

              RewriteCond %{REQUEST_FILENAME} (readme.html|readme.txt|upgrade.php|upgrade.txt|we b.config.txt|web.config|wp-config.php)$ [NC,OR]

              RewriteCond %{QUERY_STRING} (readme.html|readme.txt|upgrade.php|upgrade.txt|we b.config.txt|web.config|wp-config.php).*$

              RewriteCond %{SCRIPT_FILENAME} -f

              RewriteRule .* /aesecure/accessdenied.php?s=148 [L]

              #AESECURE_BLOCKFILE_END



              # Never direct access to these files or folder (aesecure)

              # Block f.i. http://yoursite/.htaccess, http://yoursite/configuration.php, ...

              RewriteCond %{REQUEST_FILENAME} .*\.(phtm?l?|ash?x|aspx?|cfml?|cgi|pl|jsp|sql)$ [NC,OR]

              RewriteCond %{REQUEST_FILENAME} .*\.(bak|config|dll|exe|sql|ini|log|sh|inc|dist)$ [NC,OR]

              RewriteCond %{REQUEST_FILENAME} .*\.(htaccess|htaccess_old|htpasswd)$ [NC]

              RewriteCond %{SCRIPT_FILENAME} -f

              RewriteRule .* /aesecure/accessdenied.php?s=148 [L]



              # ------------------------------

              # --- Block fingerprint



              # Block &tp=1 or &tmpl=offline ...

              # Block f.i. http://yoursite/index.php?tmpl=offline

              RewriteCond %{QUERY_STRING} (^|&)tmpl=(system|offline) [NC]

              RewriteRule .* - [L]

              RewriteCond %{QUERY_STRING} (^|&)tp= [NC]

              RewriteRule .* - [F]



              # ------------------------------

              # --- Block specific querystring



              # PHP Easter Eggs

              # Block f.i. http://yoursite/index.php?=PHPE9568F...9-00AA001ACF42 but not if

              # the request comes from the webserver himself (=allowed on localhost and serveur (since called by Joomla backend))

              RewriteCond %{REMOTE_ADDR} !127.0.0.1

              RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC]

              RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?www\.pierbiau\.com [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=758 [L]



              # Block out any script trying to modify a _REQUEST / PHP GLOBAL variables via URL

              # Block out any script trying to set a PHP GLOBALS variable via URL.

              # Block f.i. http://yoursite/index.php?GLOBALS=SuperMe

              RewriteCond %{QUERY_STRING} ((\?|&)GLOBALS(=|\[|\%[0-9A-Z]{0,2})?) [NC,OR]

              RewriteCond %{QUERY_STRING} ((\?|&)_REQUEST(=|\[|\%[0-9A-Z]{0,2})?) [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=654 [L]



              # Block out any script that includes a <script> tag in URL.

              # Block f.i. http://yoursite/index.php?%3Cscript%...;%3C/script%3E

              # Block f.i. http://yoursite/index.php?%3Ctable%2...script:alert(([code])%22%3E%3C/table%3E

              RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]

              RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]

              RewriteCond %{QUERY_STRING} ((java)?script.*(.* [NC,OR]

              RewriteCond %{QUERY_STRING} .*(\&lt;script).* [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=541 [L]



              #xss blocage For instance, a parameter on the querystring is an url (http://...)

              RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]

              # Exception : the http:// parameter has been set by the website himself. This is the case with WordPress, f.i.

              # because wp-admin makes a redirection to wp-login. Allow the server IP and localhost

              RewriteCond %{REMOTE_ADDR} !127.0.0.1

              RewriteCond %{REMOTE_ADDR} !178.33.103.85

              RewriteCond %{QUERY_STRING} !option=com_akeeba&view=backup(.*)$ [NC]

              RewriteCond %{QUERY_STRING} !(.*)https?(://|%3A%2F%2F)www\.pierbiau\.com(.*)$ [NC]

              RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)(p|%70|%50)(s|%73|%53)(%3A|(/|%2F){2}(.*)$ [NC,OR]

              RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)(p|%70|%50)(s|%73|%53)%3a(%3A|(/|%2F){2}(.*)$ [NC,OR]

              RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)(p|%70|%50)(%3A|(/|%2F){2}(.*)$ [NC,OR]

              RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)(p|%70|%50)%3a(%3A|(/|%2F){2}(.*)$ [NC,OR]

              RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(f|%66|%46)(t|%74|%54)(p|% 70|%50)(%3A|(/|%2F){2}(.*)$ [NC,OR]

              RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)%20( t|%74|%54)(p|%70|%50)(%3A|(/|%2F){2}(.*)$ [NC,OR]

              RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)%20(p|%70|%50)(%3A|(/|%2F){2}(.*)$ [NC,OR]

              RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)(p|%70|%50)%20(%3A|(/|%2F){2}(.*)$ [NC,OR]

              RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)%20(t|%74|%54)( t|%74|%54)(p|%70|%50)(%3A|(/|%2F){2}(.*)$ [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=782 [L]



              # Block out any script trying to base64_encode data within the URL.

              # Block f.i. http://yoursite/index.php?ImageName=base64_encode(%22I'm%20an%20ha cker...%20Tadaaa%22)

              RewriteCond %{QUERY_STRING} .*base64_(de|en)code.* [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=345 [L]



              # Block querystring where "PHPSESSID" appears.

              RewriteCond %{QUERY_STRING} ^.*PHPSESSID.*$ [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=310 [L]



              # Redirect tentative to use the com_users standard component of Joomla and

              # redirect to Community Builder

              #RewriteCond %{QUERY_STRING} option=com_users&view=login [NC]

              #RewriteRule .* index.php?option=com_comprofiler&task=login [L]



              # Prevent use of specified methods in HTTP Request, but allow opensiteexplorer.org to do so

              # http://bodvoc.com/index.php?option=com_content&view=article&id=43&ca tid=2&Itemid=3; see rule #1

              RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]

              RewriteCond %{HTTP_REFERER} !(www\.)?opensiteexplorer\.org/ [NC]

              RewriteCond %{HTTP_REFERER} !(www\.)?uptimerobot\.com/ [NC]

              RewriteCond %{HTTP_REFERER} !http://validator\.w3\.org/ [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=651 [L]



              # Block out use of illegal or unsafe characters in the HTTP Request

              # Block urls having a carriage return or linefeed in it

              # Block also urls having "wwwroot" or "public_html" in it. Can be an hacker trying to access to a localfile

              # Block urls having "alert(", "char(", "eval(", "function(" ...

              RewriteCond %{QUERY_STRING} .*((alert|char|eval|function|load_file)\().* [NC,OR]

              RewriteCond %{QUERY_STRING} .*(\_vti\_|crossdomain|wwwroot|public_html).* [NC,OR]

              RewriteCond %{QUERY_STRING} .*(\\r|\\n|%0A|%0D).* [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=429 [L]



              # No carriage return, line feed, escape (%27), ... in the query string

              # Block f.i. http://yoursite/index.php?value=%27

              RewriteCond %{QUERY_STRING} ^.*(<|>|'|%0A|%0D|%25|%27|%3C|%3E|%00).* [NC,OR]

              RewriteCond %{QUERY_STRING} ^.*((\/\*)?\*\/).* [NC,OR]

              RewriteCond %{QUERY_STRING} ^.*\|\|.* [NC]

              RewriteCond %{QUERY_STRING} !option=com_akeeba(.*)$ [NC] # exception for Akeeba backup

              RewriteRule .* /aesecure/accessdenied.php?s=271 [L]



              # Block SQL injection tentatives

              # Block f.i. http://yoursite/index.php?%3CDROP%20TABLE%20jos_users%3E

              RewriteCond %{QUERY_STRING} ^.*(;|<|>|'|"|\)|%0A|%0D|%22|%25|%27|%3C|%3E|%00). *(/\*|union|select|insert|cast|declare|drop|update|md 5|benchmark).* [NC,OR]

              RewriteCond %{QUERY_STRING} ^.*(%20)?([(])?(union|select|insert|cast|declare|group_concat|d rop|update|md5|benchmark)%20.* [NC,OR]

              RewriteCond %{QUERY_STRING} ^.*(%20|\+)(AND|OR)(%20|\+).* [NC,OR]

              RewriteCond %{QUERY_STRING} ^.*(%20|\+)ORDER(%20|\+).* [NC,OR]

              RewriteCond %{QUERY_STRING} ^.*%201\=1.* [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=682 [L]

              # Block urls trying to get access to the jos_ defaut prefix of Joomla 1.5

              RewriteCond %{QUERY_STRING} .*jos_.* [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=682 [L]



              #Block functions in the querystring (f.i. String.fromCharCode)

              RewriteCond %{QUERY_STRING} ^.*string\.fromcharcode.* [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=352 [L]



              # Filter against shell attacks

              # Block f.i. http://yoursite/index.php?cmd=chmod or http://yoursite/index.php?act=tools&d=54

              # http://yoursite/index.php?page=../../../../proc/self/environ or http://yoursite/index.php?cmd=../../etc/passwd



              RewriteCond %{REQUEST_URI} .*((php|my)?shell|remview.*|phpremoteview.*|sshphp .*|pcom|nstview.*|c99|r57|webadmin.*|phpget.*|phpw riter.*|fileditor.*|locus7.*|storm7.*)\.(p?s?x?htm ?l?|txt|aspx?|cfml?|cgi|pl|php[3-9]{0,1}|jsp?|sql|xml) [NC,OR]

              RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]

              RewriteCond %{QUERY_STRING} ^(.*)([-_a-z]{1,15})=(chmod|chdir|mkdir|rmdir|clear|whoami|unam e|unzip|gunzip|grep|umask|telnet|ssh|ftp|mkmode|lo gname|edit_file|search_text|find_text|php_eval|dow nload_file|ftp_file_down|ftp_file_up|ftp_brute|mai l_file|mysql_dump|db_query)([^a-zA-Z0-9].+)*$ [OR]

              RewriteCond %{QUERY_STRING} ^work_dir=.*$ [OR]

              RewriteCond %{QUERY_STRING} ^command=.*&output.*$ [OR]

              RewriteCond %{QUERY_STRING} ^nts_[a-z0-9_]{0,10}=.*$ [OR]

              RewriteCond %{QUERY_STRING} ^c=(t|setup|codes)$ [OR]

              RewriteCond %{QUERY_STRING} ^act=((about|cmd|selfremove|chbd|trojan|backc|mass browsersploit|exploits|grablogins|upload.*)|((chmo d|f)&f=.*))$ [OR]

              RewriteCond %{QUERY_STRING} ^act=(ls|search|fsbuff|encoder|tools|processes|ftp quickbrute|security|sql|eval|update|feedback|cmd|g ofile|mkfile)&d=.*$ [OR]

              RewriteCond %{QUERY_STRING} ^&?c=(l?v?i?&d=|v&fnot=|setup&ref=|l&r=|d&d=|tree& d|t&d=|e&d=|i&d=|codes|md5crack).*$ [OR]

              RewriteCond %{QUERY_STRING} ^(.*)*etc(/|%2F)passwd* [OR]

              # Windows slashes \..

              RewriteCond %{QUERY_STRING} .*(((\\|%5C)\.\.\\)+).* [OR]

              # Unix slashes /..

              RewriteCond %{QUERY_STRING} .*(((\/|%2F)\.\.)+).* [OR]

              RewriteCond %{QUERY_STRING} ^(.*)*proc\/self\/environ* [NC]

              RewriteRule .* /aesecure/accessdenied.php?s=490 [L]

              </IfModule>



              #AESECURE_BLOCKHIDDENFOLDERS_START

              #aesecure 2.6

              # Block access to hidden files and directories.

              # This includes directories used by version control systems such as Git and SVN.

              <IfModule mod_rewrite.c>

              RewriteCond %{SCRIPT_FILENAME} -d [OR]

              RewriteCond %{SCRIPT_FILENAME} -f

              RewriteRule "(^|/)\." /aesecure/accessdenied.php?s=26 [L]

              </IfModule>

              #AESECURE_BLOCKHIDDENFOLDERS_END

              #AESECURE_BLOCK_COM_USERS_START

              #AESECURE_BLOCK_COM_USERS_END

              #AESECURE_BADBOTS_START

              #AESECURE_BADBOTS_END

              #AESECURE_BLOCK_COMPONENTS_START

              #AESECURE_BLOCK_COMPONENTS_END



              # Disable Server Signature, be sure that PHP version number won't be transmitted

              ServerSignature Off

              # -------------------------------------------------------------------------

              # -------------- IE aka Immonde Explorateur (Awful explorer) -------------

              # -------------------------------------------------------------------------



              # Always force latest IE rendering engine (even in intranet) & Chrome Frame

              # Read http://www.1stwebdesigner.com/design/snippets-html5-boilerplate/; X-UA-Compatible chapter

              <IfModule mod_headers.c>

              <IfModule mod_setenvif.c>

              BrowserMatch MSIE ie

              Header set X-UA-Compatible "IE=Edge,chrome=1"

              # mod_headers can't match by content-type, but we don't want to send this header on *everything*...

              <FilesMatch "\.(js|css|gif|png|jpe?g|webp|pdf|xml|oga|ogg|m4a| ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff2?|ico|w ebp|appcache|manifest|htc|crx|xpi|safariextz|vcf)$ " >

              Header unset X-UA-Compatible

              </FilesMatch>

              </IfModule>

              </IfModule>



              # -------------------------------------------------------------------------

              # --------------------------- Site optimization ---------------------------

              # -------------------------------------------------------------------------



              #AESECURE_HOTLINKING_START

              #AESECURE_HOTLINKING_END



              <IfModule mod_rewrite.c>

              # Browsers trying to access to the site favicon from a bad locations... This will generate 404 pages

              # and entries in logfiles; avoid this. Redirect to the good file

              #--- Commented because need to first verify if the querystring points to favicon or not.

              #--- need to verify too the existence of the /templates/favicon.ico file first

              #RewriteCond %{REQUEST_URI} !^/favicon\.ico [NC]

              #RewriteCond %{REQUEST_URI} favicon\.ico [NC]

              #RewriteRule (.*) http://%{HTTP_HOST}/templates/favicon.ico [R=301,L]

              </IfModule>



              #AESECURE_WITHORNOTWWW_START

              #AESECURE_WITHORNOTWWW_END



              # Everything will be, by default, in utf-8, in French

              AddDefaultCharset UTF-8

              DefaultLanguage fr-FR



              <IfModule mod_mime.c>

              AddType image/svg+xml .svg .svgz .svg.gz

              AddType application/x-gzip .gz .gzip

              AddType text/css .css.gz

              AddType text/html .html.gz .htm.gz

              AddType image/x-icon .ico.gz .icon.gz

              AddType text/plain .txt.gz

              AddType text/json .json.gz

              AddType text/xml .xml.gz

              AddType application/xslt+xml .xsl.gz

              AddType application/javascript .js.gz

              AddCharset utf-8 .atom .css .js .json .rss .xml .css.gz .htm.gz .html.gz .js.gz .xml.gz

              </IfModule>



              #AESECURE_PAGESPEED_START

              #AESECURE_PAGESPEED_END

              #AESECURE_EXPIREBYTYPE_START

              #AESECURE_EXPIREBYTYPE_END

              #AESECURE_MINIFY_START

              #AESECURE_MINIFY_END

              #AESECURE_BOTSNOARCHIVE_START

              #AESECURE_BOTSNOARCHIVE_END

              #AESECURE_BLOCKROBOTSTXT_START

              #AESECURE_BLOCKROBOTSTXT_END



              ## force the latest IE version, in various cases when it may fall back to IE7 mode

              ## github.com/rails/rails/commit/123eb25#commitcomment-118920

              ## Use ChromeFrame if it's installed for a better experience for the poor IE folk

              <IfModule mod_headers.c>



              # Just for the fun, doesn't have any impact.

              Header set Protected-by "aesecure (c) Christophe Avonture"



              # In case of, remove the X-Powered-By which reveal the PHP version number running on the server

              Header unset X-Powered-By



              # Disable ETags (French explanations : http://www.takeitweb.fr/blog/configurer-etags.html)

              Header unset ETag

              FileEtag None



              </IfModule>



              <IfModule mod_headers.c>

              ## Because X-UA-Compatible isn't sent to non-IE (to save header bytes),

              ## We need to inform proxies that content changes based on UA

              Header append Vary User-Agent

              ## Cache control is set only if mod_headers is enabled, so that's unncessary to declare

              </IfModule>



              #AESECURE_REDIRECTIONS_START

              #AESECURE_REDIRECTIONS_END



              # Include your manual changes here below

              #AESECURE_OLDHTACCESS_START
              #AESECURE_OLDHTACCESS_END



              #AESECURE_REWRITE_START
              #aeSecure 7.1

              <IfModule mod_rewrite.c>



              RewriteEngine On



              # Joomla! core SEF Section

              # Workaround for HTTP authorization in CGI environment

              RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]



              # If the requested path and file is not /index.php and the request

              # has not already been internally rewritten to the index.php script

              RewriteCond %{REQUEST_URI} !^/index\.php



              # and the request is for something within the component folder,

              # or for the site root, or for an extensionless URL, or the

              # requested URL ends with one of the listed extensions

              RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]



              # Never rewrite for existing files, directories and links

              RewriteCond %{REQUEST_FILENAME} !-f

              RewriteCond %{REQUEST_FILENAME} !-d

              RewriteCond %{REQUEST_FILENAME} !-l



              # internally rewrite the request to the index.php script

              RewriteRule .* index.php [L]



              </IfModule>
              #AESECURE_REWRITE_END

              Merci d'avance.

              Cdt

              Christophe

              Commentaire


              • #8
                Re : Http error 500

                Tu disais avoir désactivé aeSecure or cela ne semble pas le cas.

                Dans ton .htaccess, recherche la ligne ci-dessous et ajoute un dièse devant la ligne; sauve le fichier et vois si cela résoud le problème

                Code:
                Options +FollowSymLinks -Indexes
                (et donc modifie en
                Code:
                #Options +FollowSymLinks -Indexes
                )

                Note : dans ton dossier /aesecure/setup/backup tu as les anciens fichiers .htaccess puisqu'aeSecure prends un backup avant chaque activation d'une option ==> récupère ton fichier d'avant l'installation du logiciel (donc, en principe le fichier le plus ancien) et tu auras donc ton .htaccess ... d'avant l'installation et donc présumé fonctionnel pour ton site)
                Dernière édition par cavo789 à 18/08/2016, 14h28
                Christophe (cavo789)
                Mon blog, on y parle Docker, PHP, WSL, Markdown et plein d'autres choses : https://www.avonture.be
                Logiciel gratuit de scan antivirus : https://github.com/cavo789/aesecure_quickscan (plus de 45.000 virus détectés, 700.000 fichiers sur liste blanche)​

                Commentaire


                • #9
                  Re : Http error 500

                  Oui je l'ai réactivé entre temps vu que ça ne m'avait pas résolu le soucis.

                  J'ai essayé ta manip ça change rien,

                  j'ai aussi remis le .htaccess d'origine avant installation d'aesecure ça ne change rien non plus...

                  Un module pourrait être la cause de cette erreur ?

                  Commentaire


                  • #10
                    Re : Http error 500

                    Désactive .ovh_config alors.

                    Sinon, direction le fichier de log d'OVH pour comprendre l'origine de ton erreur 500 : https://logs.ovh.net
                    Christophe (cavo789)
                    Mon blog, on y parle Docker, PHP, WSL, Markdown et plein d'autres choses : https://www.avonture.be
                    Logiciel gratuit de scan antivirus : https://github.com/cavo789/aesecure_quickscan (plus de 45.000 virus détectés, 700.000 fichiers sur liste blanche)​

                    Commentaire


                    • #11
                      Re : Http error 500

                      En désactivant .ovh_config

                      Erreur:

                      Parse error: syntax error, unexpected T_OBJECT_OPERATOR in /home/pierbiau/www/index.php on line 43

                      Je file voir les logs du temps...

                      Commentaire


                      • #12
                        Re : Http error 500

                        Ok, logique pour .ovh_config. Tu es repassé sur un vieux PHP.
                        Christophe (cavo789)
                        Mon blog, on y parle Docker, PHP, WSL, Markdown et plein d'autres choses : https://www.avonture.be
                        Logiciel gratuit de scan antivirus : https://github.com/cavo789/aesecure_quickscan (plus de 45.000 virus détectés, 700.000 fichiers sur liste blanche)​

                        Commentaire


                        • #13
                          Re : Http error 500

                          C'est le chantier dans les logs, ça me dépasse...
                          une idée de ce que je dois chercher ?

                          Ce qui est bizarre c'est que le catalogue par exemple fonctionne parfaitement.
                          Mais que certaines requêtes comme dans mon menu ou en back office m'amène une erreur 500...

                          Dernière édition par Tigers à 18/08/2016, 16h00

                          Commentaire


                          • #14
                            Re : Http error 500

                            Prends le log des erreurs (pas celui des accès). Analyse le fichier à l'envers (ordre chronologique descendant). Cherche les lignes concernant les erreurs 500.

                            Ton hébergeur devrait avoir une faq pour t'y aider car oui ce n'est pas intuitif
                            Christophe (cavo789)
                            Mon blog, on y parle Docker, PHP, WSL, Markdown et plein d'autres choses : https://www.avonture.be
                            Logiciel gratuit de scan antivirus : https://github.com/cavo789/aesecure_quickscan (plus de 45.000 virus détectés, 700.000 fichiers sur liste blanche)​

                            Commentaire


                            • #15
                              Re : Http error 500

                              Je trouve bien des erreurs mais en 404 pas en 500...
                              Je vais tenter du supprimer mon dossier www
                              et de remettre ma backup du mois de mai voir ce que ça donne...
                              qu'en penses tu ?

                              Commentaire

                              Annonce

                              Réduire
                              Aucune annonce pour le moment.

                              Partenaire de l'association

                              Réduire

                              Hébergeur Web PlanetHoster
                              Travaille ...
                              X