
TPU Site issues 2016/17

Status
Not open for further replies.
Lots of images won't show, especially NASA ones. Is it because of hotlinking or whatever? Because they show up in reply/preview/quote mode.
No, it's clearly due to a conspiracy by the illuminati. :p
 
Lots of images won't show, especially NASA ones. Is it because of hotlinking or whatever? Because they show up in reply/preview/quote mode.
Works for me. Can you check if the images load eventually? I have a new DOS protection that will slow down your requests (up to 10 seconds) if you exceed a certain number in a short timeframe.
 
Works for me. Can you check if the images load eventually? I have a new DOS protection that will slow down your requests (up to 10 seconds) if you exceed a certain number in a short timeframe.
Didn't work. Exceed what number exactly?
 
Found some filesystem corruption in our image cache, cleaned it up, let's hope the broken files go away now. Please check again in an hour or so.
 
Found some filesystem corruption in our image cache, cleaned it up, let's hope the broken files go away now. Please check again in an hour or so.
I've waited more than an hour but images won't show. Does it mean that the cache error persists?
 
Broken images for me too.
 
I've waited more than an hour but images won't show. Does it mean that the cache error persists?
So I looked more into this and it seems that the broken images send an HTTP 301 redirect to a different URL.

In the past this worked, but apparently there was some security issue related to it, which was fixed recently, see this thread: https://xenforo.com/community/threa...e-image-proxy-to-follow-301-redirects.120346/

Not sure yet how to address this

Edit: From what I understand, the issue is the following: you put a link to your own webserver, then you make that send a 301 request that leads to one of our secret internal URLs, which shouldn't be accessible from the outside. But since the image proxy in XF will follow the URL, it will fetch our secret content or execute evil things.
 
I see, thanks for the explanation. Sounds complicated.
You can fix it manually by pasting the image URL in your browser, loading the image and then pasting the new URL, which is usually just a change from http to https.
 
So I looked more into this and it seems that the broken images send an HTTP 301 redirect to a different URL.

In the past this worked, but apparently there was some security issue related to it, which was fixed recently, see this thread: https://xenforo.com/community/threa...e-image-proxy-to-follow-301-redirects.120346/

Not sure yet how to address this

Edit: From what I understand, the issue is the following: you put a link to your own webserver, then you make that send a 301 request that leads to one of our secret internal URLs, which shouldn't be accessible from the outside. But since the image proxy in XF will follow the URL, it will fetch our secret content or execute evil things.
That loss of functionality sucks a bit, but I think it's overall better to be safe than sorry. I'd rather lose some pictures than potentially get a driveby malware download. Not worth hacking around it in my opinion.
 
What a shame.....some of my threads have many many pics missing.
 
You can fix it manually by pasting the image URL in your browser, loading the image and then pasting the new URL, which is usually just a change from http to https.
The thing is, posts can't be edited after a certain amount of time and there's no global search and replace function, so I'll just move on lol
 
This is our affiliate link for Newegg. The forum adds those in transparently, so TPU makes a little bit of money when you buy something through the links (about 1%).

Would it be possible to add a section dedicated to Affiliate Links for those that may want to purchase from Newegg or others? Added to this page: https://www.techpowerup.com/forums/

Is it geared to single specific items or all purchases? How can I use it so you can get credit?

Example: Interested in this, http://www.newegg.com/Product/Product.aspx?Item=N82E16814137046
 
Oh you are right, I'll think of something
How about removing the editing time restriction? It's a real pain for me when I see something on one of my older posts that needs fixing or adding to. I know you put it in because there were a few disaffected members who started vandalizing their posts, but it seems unfair to me to punish the whole community because of a few doing this infrequently.

Ultimately, it can be picked up by say, noting the frequency of edits much like the frequency of new posts (no faster than one every 30 seconds) and flagging it to the mods and admins to deal with and reverse.
 
My favourite thread I ever started looks like this,

[Attached image: jjjjjjjjjj.PNG]

I'm not sure I'm up to the task.......:(
 
Would it be possible to add a section dedicated to Affiliate Links for those that may want to purchase from Newegg or others? Added to this page: https://www.techpowerup.com/forums/

Is it geared to single specific items or all purchases? How can I use it so you can get credit?

Example: Interested in this, http://www.newegg.com/Product/Product.aspx?Item=N82E16814137046
Just click any link to Amazon or Newegg here on the forums and make your purchases within a day or so.
 
Oh you are right, I'll think of something
I can understand this being a problem with respect to exposing secure internal network resources, but not so much with regards to remote code execution on your servers. I think there is a bigger concern that the image proxy might not actually be getting just images. Maybe this could be a case where certain criteria could be allowed? For example, if the 302 response shares the first two domain segments (TLD + first level), or the same IP, to allow it? I know this won't solve all of the broken images, but I would imagine that some of the locations of redirects might be safe to use based on where it is in relation to where the redirect came from. That would protect against any cross-domain redirects. Just an idea.
 
I can understand this being a problem with respect to exposing secure internal network resources, but not so much with regards to remote code execution on your servers. I think there is a bigger concern that the image proxy might not actually be getting just images. Maybe this could be a case where certain criteria could be allowed? For example, if the 302 response shares the first two domain segments (TLD + first level), or the same IP, to allow it? I know this won't solve all of the broken images, but I would imagine that some of the locations of redirects might be safe to use based on where it is in relation to where the redirect came from. That would protect against any cross-domain redirects. Just an idea.
I looked into exactly that, same IP = allow, but it's not an easy mod to the XF source code.
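
Added example (not part of any post in this thread, and not XenForo's code): a per-hop redirect check for an image proxy, covering the internal-URL concern described above and the proposed "same IP = allow" rule. The host names, addresses and function names are assumptions constructed for the example so that it runs offline; it also shows that sharing a domain is not enough when the target name resolves to an internal address.

```python
import ipaddress
from urllib.parse import urljoin, urlsplit

# Constructed DNS table so the example runs offline (assumed names and addresses).
SAMPLE_DNS = {
    "images.example.org": ["93.184.216.34"],
    "cdn.example.org": ["93.184.216.34"],
    "other.example.net": ["151.101.1.69"],
    "redirector.example.com": ["151.101.1.69"],
    "intranet.example.com": ["10.0.0.5"],
}

def resolve(host, dns):
    """An IP literal resolves to itself; names go through the lookup table."""
    try:
        return {ipaddress.ip_address(host)}
    except ValueError:
        return {ipaddress.ip_address(a) for a in dns.get(host, [])}

def public_addrs(url, dns):
    """Return the URL's addresses, or None unless it is http(s) and all are public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    addrs = resolve(parts.hostname, dns)
    if not addrs or not all(a.is_global for a in addrs):
        return None
    return addrs

def may_follow(current_url, location, dns=SAMPLE_DNS):
    """Decide whether the proxy may follow one redirect; returns (allowed, reason)."""
    target = urljoin(current_url, location)  # Location may be relative
    src, dst = public_addrs(current_url, dns), public_addrs(target, dns)
    if src is None or dst is None:
        return False, "blocked: not http(s) or resolves to a non-public address"
    if urlsplit(current_url).hostname == urlsplit(target).hostname:
        return True, "allowed: same host"
    if src & dst:
        return True, "allowed: same IP"
    return False, "blocked: different host and different IP"
```

A real proxy would run this check on every hop with a hop limit, and connect to the address it validated so that a second DNS lookup cannot return a different answer.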
 
So @W1zzard, can you or are you able to fix the problem with being unable to edit OP in clubhouse or other threads? I heard you locked it down due to someone leaving and going apesh!t with editing posts :P
 