Loading...
 
Skip to main content

tiki-check.php causes crash of rented webspace

Status
Open
Subject
tiki-check.php causes crash of rented webspace
Version
18.x
Category
  • Bug
  • Error
Feature
Admin Interface (UI)
Resolution status
New
Submitted by
hman
Lastmod by
hman
Rating
(0)
Related-to
Description

Calling tiki-check.php (via the drop down menu of control panels) causes my rented webspace to crash. Literally. First, a 500 is thrown (internal server error), and afterwards the entire webspace goes offline for a couple of minutes! Eventually it does recover, but I have no idea by what mechanism of my ISP this happens. Probably a restart of the (assumed) Docker instance.

This can possibly lead to disturbing the online presence of other customers of the same ISP, depending on the grade of encapsulation of the ISP!

Something dangerous is happening inside tiki-check.php. This must never happen, because this spells out that there is something that can lead to a DOS, either involunaterily by co-admins not aware of the danger of the function, or even by attackers who somehow manage to do whatever tiki-check.php does when this happens. Possibly even by attacking other Tikis hosted by the same ISP, if the ISPs encapsulation is weak...

I therefore propose that tiki-check.php be split up into segments that can be called individually (this eases finding the culprit) and then to have an admin configurable set of functions, so admins can disable dangerous functions.

Importance
10 high
Easy to solve?
10 easy
Priority
99
Demonstrate Bug on Tiki 19+
Demonstrate Bug (older Tiki versions)
Ticket ID
7954
Created
Monday 29 November, 2021 11:06:00 UTC
by hman
LastModif
Monday 29 November, 2021 22:09:55 UTC


Show PHP error messages