FTP not working in snapshot

I'm not able to get snapshot FTP working. I can get access thru two other tools, but not it.

  • Vaughan
    • Support/SLS MockingJay

    Hi LArry,

    Hope you're well?

    Can you try increasing the following value in php.ini (You may need to ask your webhost how to change this globally on your server)

    max_execution_time = 300
    max_input_time = 300

    See if that helps?

    Though it does seem to be sending to my FTP account ok.

    Thanks

  • tishimself
    • Syntax Hero

    Hi,

    This ticket was opened after the live support guy confirmed that he could FTP into my site using the info in the snapshot destination. I have tried various combinations in the destination info but nothing seems to work. I will try installing on a newer WP install site to see if it works there.

    Larry

  • tishimself
    • Syntax Hero

    Hi,

    No surprise here. Whatever is going wrong is probably the same on both sites.
    I use this same FTP info in Dreamweaver and WeBuilder (not sure it is a keeper because I can't get it to remember the destination for files on my PC and I'm getting pretty tired of telling it every single time).

    Larry

  • tishimself
    • Syntax Hero

    Hi,

    I have to wonder if SSL is causing a problem. Certainly, my Dreamweaver does not use an SSL secured connection and my WeBuilder does, so how could SSL be a problem?

    I tried making a secure ftp connection, but that did not work.

    But nothing else stands out. Fuzzy logic cause I can't really detail what the problem. I do have Really Simple SSL plugin active. Could it be insisting on the secure connection. Pure speculation on my part.

    I have to wonder if this is getting in the way of the google mapping plugin too?

    Larry

  • Vaughan
    • Support/SLS MockingJay

    Hi,

    It could be SSL related, that's the only thing that sticks out to me too.

    As you can see, the FTP details I used worked fine.

    This could certainly be affecting Googlemaps plugin too, as google does insist on https now.

    Could you perhaps provide me with your CPanel hosting credentials so I can try setting up FTP account on your hosting. Maybe there is something in the config that's different to on my host.

    Can you send your details via email direct to contact@wpmudev.org

    Mark for attn: Vaughan
    Include a ref URL to this thread.

    Please include the following details;
    - Site login details (super-admin if on multisite)
    - FTP login details so I can take a look at the theme/plugin files.
    - CPanel Credentials so I can look at the FTP config.

    Thanks

  • tishimself
    • Syntax Hero

    Hi,

    Ouch! I contacted the hosting company to see if they could locate an error message.
    The login was not being validated. It listed the ID in the error so that was right. I knew I had used the right password. So I guessed that SNAPSHOT had a password size limit that had been exceeded w/o producing an error message. Yep, it did not pass my full 50 char password, so the login failed.

    What is the password limit? Please update it to 50 characters and check when the password is entered that it is not too big.

    Now I am connecting.

    Sometimes I think breaking software is one of my talents. :slight_smile:

    Larry

  • tishimself
    • Syntax Hero

    Hi,

    Actually, Snapshot should not care about my password length or strength.
    In my case it is reducing my password security by reducing the length.

    Please fix soon while I work on getting the backup setup.

    Is it possible to attach your cloud storage to my PC like I do DropBox? If so then that would make it easy to maintain. I would just move the old ones off to my PC for safe keeping.

    Larry

  • tishimself
    • Syntax Hero

    Hi, add another issue to the mix. I am using PHP 7.1.5

    When I create a new child theme there is a PHP warning:

    Notice: A non well formed numeric value encountered in /home/chicagop/public_html/psychologist/plugins/snapshot/lib/Snapshot/Helper/Utility.php on line 1772

    Larry

  • Huberson
    • Recruit

    Hi Larry,
    To fix the "non well formed numeric value" error, please make this simple modification in the file "snapshot.php" under the plugin directory: Inside "/plugins/snapshot/snapshot.php" file remove the comments from line "2078" and "2095".

    Is it possible to direct them to my DropBox?

    Is it possible to attach your cloud storage to my PC like I do DropBox? If so then that would make it easy to maintain. I would just move the old ones off to my PC for safe keeping.

    Not sure if you can attach our cloud storage to your PC but, it is possible to set your snapshot destinations to Dropbox and use the Dropbox desktop utility to manage them on your local machine. Dropbox option is under "Snapshot > Destinations > Dropbox - Add New" .

    I tried to schedule for twice a week, but it only permitted me to add one date/time.

    When adding new snapshot you can configure the backup frequency under " When to Archive" tab. Twice a week in your case.

    I hope we address all your concerns Larry :slight_smile:. As always, we here if you need more assistance.

    Best,
    Huberson

  • tishimself
    • Syntax Hero

    Hi,
    >Snapshot should not care about my password length or strength. Please remove the limit.

    The silence is starting to concern me. As of yet I have heard no recognition of the issue let alone any indication that it will be fixed.

    May 22:
    Actually, Snapshot should not care about my password length or strength.
    In my case it is reducing my password security by reducing the length.

    Please fix soon while I work on getting the backup setup.

    May 26:
    Mostly, I want the plugin security issue fixed. I want my long passwords.

    Larry

  • Kasia Swiderska
    • Support nomad

    Hello Larry,

    I'm extremely sorry for the delay on our end and not addressing this issue with password length. I just send message to our developer about it and I'm waiting for the feedback.
    As soon I will have more information (why there is limit, if it can be removed) I'll update thread.

    kind regards,
    Kasia

  • Kasia Swiderska
    • Support nomad

    Hello Larry,

    Our developer is investigating this. I was not able to replicate and confirm, simply because my hosting provided does set a limit to char amount in FTP password (seems I will be opening tickets with them :wink:).
    But the issue is tasked and if indeed there is limit in Snapshot, it will be fixed.

    kind regards,
    Kasia

  • Vaughan
    • Support/SLS MockingJay

    I've spoke with the developer, there is nothing in the snapshot code at all that restricts the length of password, i've looked myself & I can't find any limitations in the plugin either.

    Can I ask why you need a 100 character password tho? a 20 character password is impossible to brute force in less than 100yrs even with the largest computer arrays anyway.

    Also to note, if your wp site gets hacked, the FTP password is actually stored in plaintext in the DB too.

    I'll ask the developer to have another look into this again, more thoroughly, but so far we haven't found any limits in the code.

    Thanks

  • tishimself
    • Syntax Hero

    Hi,

    First, just what is the proper way to login to wpmudev? The LOGIN tab no longer works. I thought it was my iPad, but no workie for PC either. I go to the hub to get in...awk.

    >Can I ask why you need a 100 character password tho? a 20 character password is impossible >to brute force in less than 100yrs even with the largest computer arrays anyway.
    Sure, first of all the password is not just my FTP password so in my view extra caution is worthwhile. Second, it is a easy/painless decision as there is no user impact to me to enter a long password. In other words, why not.

    >Does your password happen to contain characters like < or > as they are stripped by sanitize >function in wp. Just a shot in the dark.
    I had to change the password to make it work, but as it happens I kept a copy of my original failing password (just for such a question as this) which I can share as it is no longer valid:
    os?7&Bk9fnr*t]?%N&siK,oR>,^?!^Pj^BKyWV~mdD@}FRH#6+

    >Also to note, if your wp site gets hacked, the FTP password is actually stored in plaintext in the >DB too.

    Now I have another another reason to not use Snapshot, it stores the plain text password in the WP DB. Please address this issue as well.

    It is a fact that the max password length is limited. I figured it was in the Admin User Interface to snapshot that does something. Maybe I will have a look see for myself.

    Larry

  • Vaughan
    • Support/SLS MockingJay

    Ok, i've gone through a lot of different password lengths, no issue with length at all.

    But it doesn't like the following characters in Passwords:

    < > &

    If you don't use those characters, it will work ok with whatever length your server allows.

    I'll bring this to the developers attention.

    I apologise for the time this has taken, we were too busy focussing on the length, not the actual password itself.

  • tishimself
    • Syntax Hero

    Hi,

    Thanks, it is working now that I have removed those characters. I had no idea that there were such restrictions on the use of these characters. Certainly, they are not a problem for FTP.

    Now for a solution for encrypting the WP mySQL DB. Not yet seeing a way to do this.

    BTW, iThemes recommends 50 character passwords, but makes no mention of those 3 characters.

    Larry

  • Vaughan
    • Support/SLS MockingJay

    had no idea that there were such restrictions on the use of these characters. Certainly, they are not a problem for FTP.

    It's because we run the form fields through wp core function sanitize_text_field(). I've created a bug report for this issue, so i'm sure the devs will look into this.

    Regarding Encryption, yeah, we have to use solutions that are compatible for everyone, and including shared hosts which might not have those features. I'll raise this with the devs tho to see if we can find a way to do this, encryption is complicated tho, and as I say, we have to be compatible for most server configs. Be assured tho, i will bring it up (as i'm 1 for pushing security issues too)

  • Ivan
    • Developer

    Hi tishimself !

    Thank you! This issue will be fixed in soon. If you can't wait for it, you can try to use provided patch. Please, replace attached file instead of {wordpress_folder}/wp-content/plugins/snapshot/lib/Snapshot/Model/Destination/ftp/index.php file via FTP.

    Best regards,
    Ivan.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.