[Issue with Upgrade to 5.0]

Ok, I will try to upgrade this weekend and report what happens. If I have issues, I'll zip up my installation and share it with you.

[Issue with Upgrade to 5.0]

Any update on this issue?

[Insecure Cookies Warnings - Non-SSL Cookies]

I currently have the force secure cookies .htaccess code in my site's root. Should it instead be in the directory for Revive's root, or perhaps in the directory where the cookie set php files are?

[Insecure Cookies Warnings - Non-SSL Cookies]

Yes, mod_headers is installed and working.

[Issue with Upgrade to 5.0]

I just want to check to see if you guys got what you needed to help resolve this issue...please let me know.

[Insecure Cookies Warnings - Non-SSL Cookies]

Both the Revive adserver site and the site I display my ads are on the same server and domain: https://www.celiac.com Both are also set to be https under the SSL certificate. I have even tried using these in .htaccess to force secure cookies an https:

#force https
 <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
 </IfModule>
#
#FORCE SECURE COOKIES
<IfModule mod_headers.c>
# only for Apache > 2.2.4:
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
#
# lower versions:
#Header set Set-Cookie HttpOnly;Secure
</IfModule>
 

 

but the error still shows:

https://www.dareboost.com/en/report/a_25e3a5b31a0612f6f36f66767?reportIds=a_25e3a5b31a0612f6f36f66767

[Issue with Upgrade to 5.0]

Thank you @manuel, please let me know if you still need my help. I would like to be able to upgrade soon.

[Insecure Cookies Warnings - Non-SSL Cookies]

Any help here would be appreciated. My cookies are still not secure. I don't follow how to add in an header line, sorry.

[Insecure Cookies Warnings - Non-SSL Cookies]

As you can see, within that file all are set to on or https...is there a setting somewhere else for this? My cookies are not secure, I do not use the cloud or have a proxy server. How can I make my cookies secure?

In config here are my settings:

[openads]
installed=1
requireSSL=1
sslPort=443
language=en

[max]
requireSSL=1
sslPort=443

 

[cookie]
permCookieSeconds=31536000
maxCookieSize=2048
domain=
viewerIdDomain=
 

[Insecure Cookies Warnings - Non-SSL Cookies]

I found the code you mean, I just don't know exactly what you did to the code to change it. Here is my code:

function setupConfigVariables()
{
    $GLOBALS['_MAX']['MAX_DELIVERY_MULTIPLE_DELIMITER'] = '|';
    $GLOBALS['_MAX']['MAX_COOKIELESS_PREFIX'] = '__';
    $GLOBALS['_MAX']['thread_id'] = uniqid();

    // Set a flag if this request was made over an SSL connection (used more for delivery rather than UI)
    $GLOBALS['_MAX']['SSL_REQUEST'] = false;
    if (
        (!empty($_SERVER['SERVER_PORT']) && !empty($GLOBALS['_MAX']['CONF']['openads']['sslPort']) && ($_SERVER['SERVER_PORT'] == $GLOBALS['_MAX']['CONF']['openads']['sslPort'])) ||
        (!empty($_SERVER['HTTPS']) && ((strtolower($_SERVER['HTTPS']) == 'on') || ($_SERVER['HTTPS'] == 1))) ||
        (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && (strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https')) ||
        (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && (strtolower($_SERVER['HTTP_X_FORWARDED_SSL']) == 'on')) ||
        (!empty($_SERVER['HTTP_FRONT_END_HTTPS']) && (strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) == 'on')) ||
        (!empty($_SERVER['FRONT-END-HTTPS']) && (strtolower($_SERVER['FRONT-END-HTTPS']) == 'on'))
    ) {
        // This request should be treated as if it was received over an SSL connection
        $GLOBALS['_MAX']['SSL_REQUEST'] = true;
    }

    // Maximum random number (use default if doesn't exist - eg the case when application is upgraded)
    $GLOBALS['_MAX']['MAX_RAND'] = isset($GLOBALS['_MAX']['CONF']['priority']['randmax']) ?
        $GLOBALS['_MAX']['CONF']['priority']['randmax'] : 2147483647;

        list($micro_seconds, $seconds) = explode(" ", microtime());
        $GLOBALS['_MAX']['NOW_ms'] = round(1000 *((float)$micro_seconds + (float)$seconds));

    // Always use UTC when outside the installer
    if (substr($_SERVER['SCRIPT_NAME'], -11) != 'install.php') {
        // Save server timezone for auto-maintenance
        $GLOBALS['serverTimezone'] = date_default_timezone_get();
        OA_setTimeZoneUTC();
    }
}
 

[Issue with Upgrade to 5.0]

Ok, it might take me a week or so, but I'll get it together...

[Issue with Upgrade to 5.0]

yes, but is it possible for me to flush out most of the subscribers beforehand?

[Insecure Cookies Warnings - Non-SSL Cookies]

6 hours ago, Artistan said:

our load balancer was forwarding to servers on port 80. had to add the `HTTP_FRONT_END_HTTPS` or similar for verifying SSL_REQUEST

Can you please tell me exactly what you added and where? That would be a huge help...thank you!

[Issue with Upgrade to 5.0]

Please ignore the post I made...got my forum's confused! I still haven't attempted an upgrade due to the database issue. Is there any news?

[Issue with Upgrade to 5.0]

I am still stuck on v4.2.1 and nobody at Revive seems to notice this thread...

[Throttle By Domain]

It seems that nobody with a large list would every use the throttle features the way they are set up, as it will throttle every domain. Does anyone know if there is a plugin that would allow one to throttle only domains on a list? I have ~4-5 domains I need to throttle, but don't need to throttle gmail, hotmail, etc. If not, this would be a great feature to add.

[Issue with Upgrade to 5.0]

I still can't upgrade for the reasons listed above. It would be nice if they could look into this. I too have an old installation...I've been running it since it was PHPAdsNew, so way over 10 years.

["Can't reach site" Error When Running Process Bounces]

After upgrading recently I am now getting Can't Reach Site errors when running the process bounces in the ACP. This never happened before. Any ideas?

Also, I still cannot upgrade and haven't gotten an answer here:

https://forum.revive-adserver.com/topic/5526-issue-with-upgrade-to-50/

[Issue with Upgrade to 5.0]

Still no solution? Nobody can upgrade?

[Issue with Upgrade to 5.0]

I still have not tried to upgrade again. If you have made no changes to the 5.0 release, the same thing will happen, and I won't be able to upgrade. Were there any changes made to the software since I had this issue? 

[Switching adserver to subdomain]

I spent a day trying again to get a sub-domain working. I was able to get it working using the iFrame and Java tags, including the single page call Java tags, however, now matter what I did, I could not get the async tags working using the sub domain (which is my goal here). Is there any reason anyone can think of that would explain why all of the other tags are working for this, but not the async tags?

[Issue with Upgrade to 5.0]

Still no fix for this issue??

[Issue with Upgrade to 5.0]

PS - I did follow your upgrade process perfectly, copied over the new files, etc. I've been running this for over 10 years now, so know how to upgrade. I think you have a bug in your updater this time. I reverted my copy back to 4.2.1.

[Issue with Upgrade to 5.0]

I just upgraded to 5.0, ran the upgrade wizard, all seemed to go fine, but was expecting after it ran that when I went to my acp I would be prompted to update my database...I was not. When I go now to the Product Updates area I see:

• You are currently using Revive Adserver v5.0.0 (warning: database is stamped as v4.2.1) running on Apache, PHP 7.3.10 and MySQL 5.5.5-10.3.18-MariaDB.

So was my database supposed to upgrade with 5.0? Now that it didn't happen, how can I upgrade it?

[Switching adserver to subdomain]

Thank you for taking a shot at this, but it is configured correctly, as I am using it to serve images from another app that I run, which is my Invision Power Board forum.