URGENT: Some users get invalid password, first time login or after password change

Number of replies: 15

Dear sir,
I am running Moodle with 8000 students, all of them manually created using upload users.

Some of the users face the following issues:

1- For some users, the password is not accepted and it says invalid password (although it is the correct one).

2- Other users get wrong or invalid password AFTER changing their manually created password.

Would anyone tell me what is wrong and how to solve it ASAP, please?

In reply to القناة الرسمية لكلية التجارة ، جامعة دمنهور

Re: URGENT: Some users get invalid password, first time login or after password change

by Ken Task -

You've described the basic issue, but not shared any info about setup/server.

Moodle version?   Changed the theme recently?  What is theme?

Have you checked error logs of the server?

There was an issue back in Nov 2018 similar but fixed.

https://github.com/moodleuulm/moodle-theme_boost_campus/issues/45

'spirit of sharing', Ken


In reply to Ken Task

Re: URGENT: Some users get invalid password, first time login or after password change

Thanks for your support. My Moodle version is 3.6.2 (Build: 20190114).

I did not change the theme; my current theme is the EGURU theme.

I added the required line related to logintoken, but still some users cannot log in.

I do not know how to get the server log, but here is the error belonging to some users:

Login failed for user 'it2873'. Most likely the password did not match (error ID '3').

Although it is the correct one.


In reply to القناة الرسمية لكلية التجارة ، جامعة دمنهور

Re: URGENT: Some users get invalid password, first time login or after password change

by Ken Task -

id 3 is supposedly the password.

Look at Site security settings
What is

Password policy - checked box or unchecked box

"Turning this on will make Moodle check user passwords against a valid password policy. Use the settings below to specify your policy (they will be ignored if you set this to 'No')."

Since the passwords are entered manually via csv or otherwise, do the passwords
meet the security settings ...

Password length, digits, lowercase letters, uppercase letters, non-alphanumeric characters,
consecutive identical characters.

If not the token issue, without a look see at error logs, bout the only thing I could guess is above.

Take it that all students are using same browser/devices?

'spirit of sharing', Ken


In reply to Ken Task

Re: URGENT: Some users get invalid password, first time login or after password change

Thanks a lot for your reply.


I added before uploading all passwords to allow numerical numbers only, while either enter or not to enter other password settings but still give some users such error

Here is the log of another user:

Login failed for user 'ais3799'. User is locked out (error ID '4').


Also, I changed the password for a certain user WITHOUT checking Force password change, and it gives me wrong password, BUT after checking the FORCE password change box the password works.

Also, some users changed their password, and when they log in again it gives them wrong password.

How to fix such an issue? Please help, it is really annoying.

In reply to القناة الرسمية لكلية التجارة ، جامعة دمنهور

Re: URGENT: Some users get invalid password, first time login or after password change

by Ken Task -

What does this mean?

"I added before uploading all passwords to allow numerical numbers only, while either enter or not to enter other password settings but still give some users such error"

In the security settings for password the only characters allowed for a password are numbers?

The only reference given is what one sees in Moodle site report - and only one of those.   Not asking for a full report, BTW ... that really won't help anyone attempting to help you.  The one you shared indicated the user failed to provide correct password (for whatever reason) and then server protections kicked in to deny the activity by that IP address/user being used - which is telling us a result but gets no closer to the reasons without accessing other resources that could indicate/hint at the cause.

Due to what appears to be sporadic nature of what you are observing about this situation, am wondering if your cron job is set appropriately ... once every minute is the recommendation according to Moodle docs.

If you don't know where to locate web server logs ... error logs in particular, please ask the true operating system server administrator to do that for you.  In some setups, php error_log files are created in the moodle code directories where the errors occurred. So your true server admin person would know that and might be able to provide some more technical info.

These 8000 users ... did you import via csv all 8000 at once and that's when this issue began?

Can you provide a dummy .csv file example?  No real student names/email addresses, etc. for others to see how that's formatted?  When, if, I use .csv imports I never trust what a spreadsheet app might do when creating a .csv file.  I always open it in a text editor to see if the spreadsheet app did something funny.

'spirit of sharing', Ken



In reply to Ken Task

Re: URGENT: Some users get invalid password, first time login or after password change

"to the reasons without accessing other resources that could indicate/hint at the cause."

I will get the PHP log; the error log file indicates the following.

That is what I found in the error log:


[10-Feb-2019 02:44:51 America/New_York] Default exception handler: Course or activity not accessible. Debug: You are not logged in

Error code: requireloginerror

* line 2677 of /lib/moodlelib.php: require_login_exception thrown

* line 3079 of /lib/moodlelib.php: call to require_login()

* line 49 of /index.php: call to require_course_login()


[10-Feb-2019 02:44:51 America/New_York] Default exception handler: Course or activity not accessible. Debug: You are not logged in

Error code: requireloginerror

* line 2677 of /lib/moodlelib.php: require_login_exception thrown

* line 3079 of /lib/moodlelib.php: call to require_login()

* line 49 of /index.php: call to require_course_login()


[10-Feb-2019 02:44:51 America/New_York] Default exception handler: Course or activity not accessible. Debug: You are not logged in

Error code: requireloginerror

* line 2677 of /lib/moodlelib.php: require_login_exception thrown

* line 3079 of /lib/moodlelib.php: call to require_login()

* line 49 of /index.php: call to require_course_login()



===============================================


The hosting sent me the following logs:

We have some ModSecurity logs. The examples of the logs you can find below:
[Fri Mar 01 08:dd35.ddddd9] [lsapi:error] [pid ddd51:tid 1xxxx88] [client 1xxxxxx] [host xxxxm] Error receiving response: Rec eiveResponse: receive pkg hdr failed: ReceivePkgHdr: nothing to read from backen d (LVE ID dddd), check http://docs.cloudlinux.com/mod_lsapi_troubleshooting.html , referer: httpsxxxxxxx/admin/tool/uploaduser/index.php

[Fri Mar 01 10:34:57.5dddd5 2019] [:error] [pid xxxx:tid xxx] [cli ent xxx:45032] [client xxx] ModSecurity: Error reading reque st body: Connection reset by peer [hostname "xxxxxx.com"] [uri "/login/logout. php"] [unique_id "XHlRFddgCgqOcLdq7pBoqQAAAdg"], referer: https:/ /xxxxxxxx.com/login/index.php

====================================


These 8000 users ... did you import via csv all 8000 at once and that's when this issue began?



Yes, I uploaded them at once, and I rechecked that the uploaded CSV has the same login data.


In reply to القناة الرسمية لكلية التجارة ، جامعة دمنهور

Re: URGENT: Some users get invalid password, first time login or after password change

by Ken Task -

Thanks for logs ...

think the culprit is seen in the mod_security logs tech support shared with you.

I see lsapi ... and that means your server is running LightSpeed as a web service.

I don't run LightSpeed ...

so the following a guess ...

ReceivePkgHdr: nothing to read from backen d (LVE ID dddd) ... looks like
moodle code cannot talk to backend database for moodle logins/logouts? due to ModSecurity rules.

Tech support, which doesn't appear to be doing their jobs ...
should reference link given: https://docs.cloudlinux.com/mod_lsapi_troubleshooting.html

And the modsecurity logs for a mod_security rule that came into play. I have no idea what that rule could be ... but they can see the mod_security config and rules ... and if need be, enter an exception to those rules to allow
the moodle to do what it wants to do.    If tech support doesn't know how to do that ... then escalate trouble ticket in help desk of hosting and ask for an engineer or whatever level up from the first level of support hosting provider has/offers.

You could also ask them to disable mod_security for your site ... maybe ... unless you are on shared hosting.

Mind me asking where you host?

Have done all I can do ... maybe if you share how hosted and with whom, there might be others in these forums that host with same provider that could give you better guidance.

'spirit of sharing', Ken



In reply to Ken Task

Re: URGENT: Some users get invalid password, first time login or after password change

by ess ma -

Thanks a lot, I will send them a ticket to whitelist the ModSecurity that prevents Moodle from working.

Yes, I am on shared hosting. Namecheap.

I will send the feedback of the hosting once they answer me.

In reply to ess ma

Re: URGENT: Some users get invalid password, first time login or after password change

by Ken Task -

You might want to prepare yourself ...

https://www.namecheap.com/support/knowledgebase/article.aspx/9542/22/what-is-modsecurity-and-why-do-we-need-it

Well, will say this, among shared hosting providers, Namecheap does have a how 2 in their KB that is pretty good ...

https://www.namecheap.com/support/knowledgebase/article.aspx/10046/2182/how-to-install-moodle

If this is the only issue you'll face, consider yourself lucky.   Moodle seems to require more and more with each new version.   Could get yourself into a situation where you want to upgrade and can't due to limitations of DB server - character sets.

Wouldn't be surprised if they suggest you move to a VPS system where you are the only customer ... that, I've found, is better than shared, but still in a user jail.   Many providers try to protect customers from themselves.  It has been interesting to see helpdesk responses to the request for the superuser credentials to the dedicated/self-hosted DB server on customers machine - remember, you are the only customer ... and you've paid to be 'in control'.   Hmmmm ....

Good luck!

'spirit of sharing', Ken


In reply to Ken Task

Re: URGENT: Some users get invalid password, first time login or after password change

by ess ma -

They already advised me to upgrade to a VPS.

And now they told me they cannot know the specific ModSecurity rules causing the issue, so they asked me if I want to disable the whole ModSecurity for the whole site.

Is there a way to know the specific ModSecurity rule causing the issue?

Is it risky to turn ModSecurity off for the whole site on shared hosting?

What is your recommendation?

In reply to ess ma

Re: URGENT: Some users get invalid password, first time login or after password change

by Ken Task -

"And now they told me they cannot know the specific ModSecurity rules causing the issue ..."

modsecurity logs ... they shared clips from that log.   They didn't show what rule came into play but it is in that log.  And yes they can make an exception to a rule ... that is done by referencing the URL that triggered the rule.   Am assuming that on that server, even if shared host, they could (if they wanted to) figure out that /path/site/file.php to include.  Rule would not be opened to others on the shared host due to **the exact** /path/site/file.php (which would be the /path/yoursite/your.php file).

"... so they asked me if I want to disable the whole ModSecurity for the whole site,"

Your call ... not mine ... will say this about Moodle security ... ***IF*** you keep your site up to date and at a version that is getting fixes for not only code but security, then I'd say disable.   ***IF*** you don't keep your site up-to-date, ?????

With a VPS, one can get or acquire remote support from persons who are more knowledgeable about Moodle.  Staying with shared with mod_security off might make it kinda frustrating for those remote support people - and it's not really mod_security that's the issue (shared host).  I can personally attest to that! :|

VPS will cost more ... but ... with 8000 users paying for courses ... how greedy are ya?   Hmmm ... I've heard ... 'gotta spend money to make money'!   Yeah, that's rather blunt ... but see no reason for 'soft skills' at this point - much gets lost in translation anyway. 

VPS means someone will have to learn more ... do it yourself ... more, but helpdesk of provider is still there for some things ... what's providers helpdesk policies/cost for a VPS?  That question not for response here but for you to research and weigh in decision.

Soooo ... there's my 2 cent opinion and advice ... everyone else invited to give their 2 cent advice as well!

'spirit of sharing', Ken
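
One way to find which rule came into play, as an added example that is not part of the thread: the script assumes ModSecurity 2.x entries in Apache error-log format, groups denied requests under /login/ by rule id, and builds a per-URL exception using ModSecurity's SecRuleRemoveById directive. The sample lines, rule ids, hostnames and helper names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in Apache error-log format (ModSecurity 2.x style).
# Addresses, hostnames, rule ids and messages are made up for illustration.
SAMPLE_LOG = """\
[Fri Mar 01 10:31:02 2019] [:error] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). [file "/placeholder/a.conf"] [line "10"] [id "900001"] [msg "Constructed rule A"] [hostname "moodle.example"] [uri "/login/index.php"] [unique_id "A1"]
[Fri Mar 01 10:31:09 2019] [:error] [client 203.0.113.9] ModSecurity: Access denied with code 403 (phase 2). [file "/placeholder/a.conf"] [line "10"] [id "900001"] [msg "Constructed rule A"] [hostname "moodle.example"] [uri "/login/index.php"] [unique_id "A2"]
[Fri Mar 01 10:32:40 2019] [:error] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). [file "/placeholder/b.conf"] [line "22"] [id "900002"] [msg "Constructed rule B"] [hostname "moodle.example"] [uri "/login/change_password.php"] [unique_id "A3"]
[Fri Mar 01 10:34:57 2019] [:error] [client 203.0.113.8] ModSecurity: Error reading request body: Connection reset by peer [hostname "moodle.example"] [uri "/login/logout.php"] [unique_id "A4"]
[Fri Mar 01 10:35:10 2019] [:error] [client 203.0.113.8] ModSecurity: Access denied with code 403 (phase 2). [file "/placeholder/c.conf"] [line "5"] [id "900003"] [msg "Constructed rule C"] [hostname "moodle.example"] [uri "/course/view.php"] [unique_id "A5"]
[Fri Mar 01 10:36:00 2019] [lsapi:error] [client 203.0.113.8] Error receiving response (constructed non-ModSecurity line)
"""

TAG = re.compile(r'\[(\w+) "([^"]*)"\]')  # [name "value"] pairs ModSecurity appends

def parse_line(line):
    """Return the ModSecurity tags of one log line, or None for other lines."""
    if "ModSecurity:" not in line:
        return None
    body = line.split("ModSecurity:", 1)[1]
    tags = dict(TAG.findall(body))
    tags["denied"] = body.lstrip().startswith("Access denied")
    return tags

def rules_by_uri(log_text, uri_prefix="/login/"):
    """Return ({rule id: {uri: denied count}}, entries that name no rule)."""
    hits, no_rule = defaultdict(lambda: defaultdict(int)), 0
    for line in log_text.splitlines():
        tags = parse_line(line)
        if tags is None or not tags.get("uri", "").startswith(uri_prefix):
            continue
        if tags["denied"] and "id" in tags:
            hits[tags["id"]][tags["uri"]] += 1
        else:
            no_rule += 1  # entry identifies no blocking rule
    return {rule: dict(uris) for rule, uris in hits.items()}, no_rule

def exclusion_stanza(rule_id, uri):
    """Per-URL exception for one rule (Apache + ModSecurity 2.x assumed)."""
    return (f'<LocationMatch "^{re.escape(uri)}$">\n'
            f"    SecRuleRemoveById {rule_id}\n</LocationMatch>")

if __name__ == "__main__":
    hits, no_rule = rules_by_uri(SAMPLE_LOG)
    for rule_id, uris in sorted(hits.items()):
        for uri, count in uris.items():
            print(f"rule {rule_id}: {count} denial(s)\n{exclusion_stanza(rule_id, uri)}")
    print(f"{no_rule} entries under /login/ carry no rule id")
```

Entries without an [id] tag are counted separately because they do not point to any rule that could be excepted. On shared hosting the resulting stanza is something only the provider can apply, since it lives in the server's ModSecurity configuration.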


In reply to Ken Task

Re: URGENT: Some users get invalid password, first time login or after password change

Really, thanks for your reply. They whitelisted all the triggered rules in ModSecurity, and I hope it solves the problem.

For the 8000, the payment is different: it is only for each teacher, and he can include up to 1000 in his course, so they are actually 8 :). But it is still at its start. Thanks a lot for your reply and support. Hoping that solves my problem.


In reply to القناة الرسمية لكلية التجارة ، جامعة دمنهور

Re: URGENT: Some users get invalid password, first time login or after password change

by Ken Task -

Welcome!  But ... think you've kinda dodged a bullet on shared hosting ... and that issues are still in your future with shared hosting.   Won't ask any more about how you are charging for courses ... not sure I can calculate what you've described, but ... that's not my concern, is it? :)

Best of luck!

'spirit of sharing', Ken


In reply to Ken Task

Re: URGENT: Some users get invalid password, first time login or after password change

Thanks again. Do you recommend a good hosting provider for renewing after my current period finishes?

In reply to القناة الرسمية لكلية التجارة ، جامعة دمنهور

Re: URGENT: Some users get invalid password, first time login or after password change

by Ken Task -

Answering with a question for your consideration ...

Is it better to stay with the 'devil' you know?   Granted, you don't know what you don't know but ... let me provide an example ... and this would be a good question for your current provider since you are already on the 'inside' ... ie, a customer and if you begin discussion with your current provider, they should answer all your questions.

As the VPS administrator, will I have the super user credentials for the dedicated DB server that will run my Moodle?

That's called the 'fine print'.  Believe it or not, about a month ago was helping a person who was having issues, moved to a VPS, and one of the tools to discover issues with DB required super user creds.  Customer didn't have that info and customer asked helpdesk for those creds.  The response said he/she shouldn't have that knowledge ... shouldn't know those creds.    Uhhhh??? Kinda like buying a car and then the dealer welds the hood shut ... or will give you keys for the trunk, but not the ignition!!!

Now you're currently set up on shared hosting ... what have you learned so far?   mod_security blocked user logins sporadically.   Yes, they fixed it, but how did they fix it?   So you've learned nothing ... so make note ... if you go to a VPS with current provider they will *copy* your jailed account on shared host to a VPS server ... does that include mod_security with, as you put it, everything whitelisted?   Is that good or a work-around?

You can rate this response useless if you like ... but ... there is nothing that will replace your own investigation of moving to a VPS ... just start asking tough questions.

'spirit of sharing', Ken