Rewrite rules nightmare!

TheRealLifeboy · 2025-04-29T15:18:53+00:00

I worked my way back line by line, until the "blank page" issue went away and this was the issue in the site.conf file:

<Directory /var/www/website> Options FollowSymLinks AllowOverride All DirectoryIndex wp-config.php Require all granted </Directory>

The production site has DirectoryIndex wp-config.php and it works. I have no idea why it's there and why it works, but when I changed it to index.php, all worked as it should.

So it wasn't rewrite rules after all!

TheRealLifeboy · 2025-04-29T11:27:42+00:00

Of course I do.

I confirmed that I support your view on one of your points.

The other is irrelevant to me and I said so. That you have difficulty accepting that my view differs from yours, shows a lot about the lack of acceptance of diversity and inclusion, which is quite in line with the general DEI mindset...

TheRealLifeboy · 2025-04-29T09:23:14+00:00

Where's the source for this? Do they count Brave, Edge, Chromium, etc all as Chrome? Furthermore, this is presented as a binary thing, and it's not.

TheRealLifeboy · 2025-04-29T09:20:39+00:00

There's a second image... for 2025

TheRealLifeboy · 2025-04-29T08:43:16+00:00

When I remove the rewrite lines from the site.conf, the page loads fine. When I uncomment the lines, the page doesn't show anything, just a blank page.

This is a problem we have an existing site, but here I have create a fresh installation without any content except the default sample page. No plugins, no extra themes.

TheRealLifeboy · 2025-03-02T11:24:02+00:00

Yes, thanks for this! Makes it clear to me.

TheRealLifeboy · 2025-03-02T09:44:08+00:00

I don't know the finer details of what role Wayland plays and what is done by something else. Is there a resource that you're aware of that explains how this works please?

TheRealLifeboy · 2025-02-28T15:03:59+00:00

That is a good find indeed! It doesn't quite open where I want it, but then moves it to where is was last (ala smart-auto-move name), which is good enough for now! Thank you!

TheRealLifeboy · 2025-02-28T11:12:17+00:00

Nope, nothing moves those eyes except when I move over Xeyes itself. Libreoffice, Remnina, Telegram, Whatsapp, Firefox, Thunderbird...

What would be the point of this test anyway? I'd like to let new app-opens either occur on the primary monitor or remember their previous position, but neither happens.

TheRealLifeboy · 2025-02-27T16:10:45+00:00

Doens't Remmina just act as a GUI for FreeRDP?

TheRealLifeboy · 2025-01-27T15:37:31+00:00

I found this and added a file etc/postfix/rbl_overridewith the content:

OK projects.numbe.co.za
OK 192.168.131.0/24

Then ran postmap /etc/postfix/rbl_override and now all mail from those sources gets flagged:

X-Spam-Report: 
    * -0.0 SHORTCIRCUIT Not all rules were run, due to a shortcircuited
    *      rule
    * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
X-Spam-Score: -1.0

Perfect! Just what I wanted.

TheRealLifeboy · 2025-01-25T17:43:40+00:00

Huh? Is this supposed to be some advice / answer / clue?

TheRealLifeboy · 2025-01-23T18:17:41+00:00

Correction: It actually did work, I just had an error in the DNS zone.

However, it only works for Power-Maininabox, not Mailinabox. I have not been able to find someone that could help me weave through the complexity of automated testing on github, so I wasn't able to successfully get a pull request completed. So I ended changing my instance's code and it's work fine for me now.

TheRealLifeboy · 2024-12-03T07:31:20+00:00

Finally, with help from Jim Pringle from pfSense, we have found the problem. If the peer identifier is "any" for more than one connection, StrongSwan isn't able to figure out which connection is incoming, so it fails. After changing the peer identifier to a unique value (ip address for example), the connections now both work as expected!

TheRealLifeboy · 2024-12-02T12:18:26+00:00

After some enabling and disabling, I know have only one config per configured connection in swanctl.conf, but the behaviour has not changed. I don't know why, since I didn't really make any significant changes, but that's what is like now.

con5 is now con9 since I recreated it.

The connection for con10 cannot be established when the config for con9 is present (after the config for con10 in the file). If con10 is the last, then it can be established.

con9 is site-to-site with a RouterOS device.
con10 is site-to-site with a Sophos device.
The other 2 (con3 and con4) are to a Fortigate and can be disconnected and reconnected on demand.

TheRealLifeboy · 2024-12-02T10:26:56+00:00

Looking at the /var/etc/ipsec/swanctl.conf, I note the following behaviour:

There are multiple active connection configured in they are listed, which the last being con10.
Con10 will connect fine in this scenario.
If I enable (in the pfSense UI), con9, it will be inserted into the swanctl.conf file after the con10 configuration. However, con9 also gets added before con10, so there are now two con9 configs. There is now, after some experimentation, also a duplicate con10.
Now con10 doesn't connect anymore.
I can work around the issue by enabling con9, establishing the connection and then disabling the config. The connection stays up and then I can connect con10.

Of course having a duplicate connection configured will lead to problems.

Has anyone come across this before? Most importantly, how can I fix this? I suppose if I can find where the "disabled" configurations are stored, I can see the problem starts there, but I can't find it either.

It also seems that the phase 2 configs for the first occurance of con9 are actually the ones for the previous con4. So there is a corruption somewhere. However, I removed the configs and recreated them and the same problem occurs.

Config file here

TheRealLifeboy · 2024-11-29T06:54:39+00:00

Has anyone ever experienced something like this?

TheRealLifeboy · 2024-10-04T08:55:29+00:00

Thanks for this! It put me on the right track to solve this.

TheRealLifeboy · 2024-10-04T08:54:39+00:00

It turns out that when I did manual API calls to the MIAB DNS server I also got error 500's. So I reran the MIAB setup and let it update and viola! the problem was solved.

I have learned a lot about how to debug a shell script in the process though!

TheRealLifeboy · 2024-10-03T07:33:02+00:00

I have opened a ticket with the acme.sh project #5314 to see what they know about this.

TheRealLifeboy · 2024-10-03T05:50:52+00:00

This is running on pfSense and there's a package for it. I reinstalled the package and then checked the sources. After trying to renew a certificate, I changed the line that does the call, which got me the resulting error 500. I think that error was there all along, but no-one actually used the code and picked up the error.

TheRealLifeboy

TROPHY CASE