Hiawatha web server and Cms made simple

The place to talk about things that are related to CMS Made simple, but don't fit anywhere else.
Greenerpastures
Forum Members
Forum Members
Posts: 10
Joined: Thu Jul 13, 2017 6:32 pm

Re: Hiawatha web server and Cms made simple

Post by Greenerpastures »

I'm assuming all's as intended as the Background Job Manager is working error-free and the access logs show regular entries like;

Code: Select all

GET /index.php?mact=CmsJobManager,cntnt01,process,0&cntnt01returnid=1&cms_cron=1&showtemplate=false HTTP/1.1" 200 3640 "-" "-"
... which are all coming from the machine's public ipv6 address. I need to find out what's happening with the firewall, though.[/quote]
Why not allow all outgoing connections from your server as long
as they originate from your server, ie, NOT connections that pass through your server as this would be dangerous.
User avatar
PinkElephant
Forum Members
Forum Members
Posts: 169
Joined: Fri Feb 06, 2009 2:08 pm

Re: Hiawatha web server and Cms made simple

Post by PinkElephant »

Greenerpastures wrote:Why not allow all outgoing connections from your server
It's an attempt at good web citizenship with a basic defence/mitigation against web applications being exploited. All web applications are vulnerable.

(Having thought about it some more - being a bit less dense ;) - I'm now thinking the firewall is working as intended)
Greenerpastures
Forum Members
Forum Members
Posts: 10
Joined: Thu Jul 13, 2017 6:32 pm

Re: Hiawatha web server and Cms made simple

Post by Greenerpastures »

PinkElephant wrote:
Greenerpastures wrote:Why not allow all outgoing connections from your server
It's an attempt at good web citizenship with a basic defence/mitigation against web applications being exploited. All web applications are vulnerable.

(Having thought about it some more - being a bit less dense ;) - I'm now thinking the firewall is working as intended)
I understand, but in general allowing content to leave your server is not going to harm your server, other than used resources which should be monitored, content leaving also depends on it being allowed to leave, content leaves through port 80 all the time, cant stop that unless you inform all your users to modify their browser port.

Its incoming that is the trouble, it always has to come in first before it can leave again or do damage, and thus unless you install problems, or
allow unsecured access then there should be no problems.

Regarding CMS MADE SIMPLE, does the outgoing connections not use port 80 or https port, and email port, which are secured anyway in that they only allow outgoing when configured to do so, and will not allow pass through unless configured to.

In any event am still having slow page loads on the laptop.
Was hoping to design a site and test it locally before buying hosting,
but that may not work out until I get the pages to work first time as
it would drive people away if it happened online.

Any ides regarding whether the box I skipped during site creation would cause this problem.

Thanks and regards to all.
calguy1000
Support Guru
Support Guru
Posts: 8169
Joined: Tue Oct 19, 2004 6:44 pm
Location: Fernie British Columbia, Canada

Re: Hiawatha web server and Cms made simple

Post by calguy1000 »

I have a confession to make, during the install of my site using the assistant, I came across one box that I did not understand, the box was empty and rather than put some text in it that might break functionality I left it blank.
We can't really help without information. And at this point we really can't help diagnose your performance issue because we have no information to go by. It's just stabbing in the dark which is wasting time.

Try running another installation to see if you can
a: find out what 'box' you can't remember leaving empty.
b: diagnose your performance issue.
Follow me on twitter
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
User avatar
PinkElephant
Forum Members
Forum Members
Posts: 169
Joined: Fri Feb 06, 2009 2:08 pm

Re: Hiawatha web server and Cms made simple

Post by PinkElephant »

Greenerpastures wrote:... in general allowing content to leave your server is not going to harm your server
I suspect we're talking at cross-purposes; I'm not suggesting that my machine shouldn't serve content. :) The firewall rule is purely to stop www-data *initiating* connections to external resources. Typically, post-exploit, www-data would attempt to download and install malware for DOS attacks, data theft, or whatever. It does mean that I have to manage a list of allowed hosts for application-updates and to access the likes of platform.twitter.com but it's minimal effort in my case.
Greenerpastures wrote:Its incoming that is the trouble, it always has to come in first before it can leave again or do damage, and thus unless you install problems, or allow unsecured access then there should be no problems.
Err, yes, but we have "installed problems"; all web applications are vulnerable. For example, every version of CMSMS before 2.2.2 has known vulnerabilities and the chances of 2.2.2 not being exploitable are zero. Obviously, this isn't a CMSMS thing; the web is a hostile environment and all big name CMS will have serious issues from time-to-time. Our job is to stay bang up to date and try to be careful with the provenance of third-party modules, etc...
Greenerpastures
Forum Members
Forum Members
Posts: 10
Joined: Thu Jul 13, 2017 6:32 pm

Re: Hiawatha web server and Cms made simple

Post by Greenerpastures »

calguy1000 wrote:
I have a confession to make, during the install of my site using the assistant, I came across one box that I did not understand, the box was empty and rather than put some text in it that might break functionality I left it blank.
We can't really help without information. And at this point we really can't help diagnose your performance issue because we have no information to go by. It's just stabbing in the dark which is wasting time.

Try running another installation to see if you can
a: find out what 'box' you can't remember leaving empty.
b: diagnose your performance issue.
Thanks for posting, I understand the lack of information makes it difficult to help, I was just thinking a dev would know if a particular input box passed over without an entry would result in slow page loads.

I will try another install, but when I get to the box which mentions something about locating pages being the reason for an entry of unknown sorts, then I will get a screen shot to help explain my case.

I can not really diagnose a problem with a system I never used, and
do not understand, if I knew for instance that the fore mentioned synchronous processing would result in slow pages if no external connection to the internet was available, then I would look into this.
but I do not know whether no internet would break the system or simply slow down page loads, and this is only one guess at what could be wrong, and so I asked here.

I shall keep on trying and hopefully get this resolved,
thanks to all who posted.
Post Reply

Return to “The Lounge”