Matteo Beccati

Sorry, what you suggest requires Revive Adserver to track on permanent storage hashes and the banner that has been displayed, which is kind of a "server side" cookie storage. Being it email, it would also give no possibility for the end user to accept or not. I don't think this can be on the roadmap, especially given the current privacy concerns and laws.

So sorry... the keyword system and direct selection are pretty much deprecated. So are local tags. It seems you're out of luck here :(

How would you expect Revive to know which banner was clicked?

Revive 5.3 will be compatibile with PHP 8.0. We expect to release a release candidate in a few weeks.

Sorry @wppmediagroup, advertiser users never have had the permissions to create campaigns. I also don't see any buttons or links to create new campaigns when logged in as an advertiser used, so could you please elaborate?

During the installation, you should have seen something like: Installing Revive Adserver Plugin: Banner Types PluginOK while the installer was installing all the bundled plugins, e.g.

The installation is not over at that point

Then there is something very wrong with your setup or hosting, or apache security modules. One of the last steps of the installer does also install the plugins.

Perhaps the standard plugins are disabled or not installed.

Did you just change that? Your logs where explicitly mentioning OA_Maintenance_Auto. Also 5 minutes operation interval is an extremely bad idea. Try setting it back to 60 minutes and schedule 1 cron job at minute 0. PS @andrewatfornax I really think we should remove the option.

If you have messages stating that maintenance is complete, there is nothing you should be worrying about. You're using automatic maintenance and concurrent requests will try to trigger it: one will succeed and the others will rigthfully fail. I'd suggest disabling auto-maintenance and setting up scheduled maintenance via cron.

My suggestion would be to try and restart MySQL. I do remember having seen once or twice such lock being stuck and not released.

To everyone else that I haven't already contacted, if you are interested to help pls PM me. I'll send you my IP and SSH key to see if I can find any more clues.

Research is still ongoing: we are in touch with a few affected users, but until now we haven't received enough evidence to understand how the malicious plugin or the php files in the images folder are being planted.

Hi @scott001, I'm sorry - we must have missed this. We've had similar reports, but until now no one was able to provide any useful information on how the malware or compromised plugin files were injected in the first place. Do you have any older logs that could help?