Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.my user/1 account just got the IP blacklisted. I checked the permissions, and I DO have bypass filters checked. site crashed with WSOD on the url /duplicate/denied/ip
Comments
Comment #1
jeremy commentedInteresting. Did you start with an alpha version of the module, and then upgrade to the beta1 release? If so, please be sure that you replaced _all_ files. I did some regression testing prior to releasing this tarball, and did not run into this bug.
Please look in your Apache error logs. What error showed up there when you hit /duplicate/denied/ip?
Comment #2
jenlamptonI did not upgrade, just installed the beta version. looking into logs for you now.
Q: looks like spam does not register the callback /duplicate/denied/ip - how did I get there?
Comment #3
jenlamptonthanks, you helped me realize I have a hole in my logging! Unfortnately that means I don't have anything useful for you.
More testing reveals that I get WSOD on every comment post now - my IP has been blocked - so maybe it happens for all blocked IPs?
I hit my php mem limit once...
here is the callstack for that error
# Time Memory Function Location
1 0.0000 40944 {main}( ) ../index.php:0
2 0.0325 1953748 menu_execute_active_handler( ) ../index.php:15
3 0.0701 2972848 call_user_func_array ( ) ../menu.inc:418
4 0.0701 2972848 comment_reply( ) ../menu.inc:0
5 0.0843 3100172 comment_form_box( ) ../comment.module:675
6 0.0843 3100172 drupal_get_form( ) ../comment.module:1579
7 0.0861 3105604 drupal_process_form( ) ../form.inc:80
8 0.1387 3204608 drupal_submit_form( ) ../form.inc:258
9 0.1387 3204744 call_user_func_array ( ) ../form.inc:430
10 0.1387 3204744 comment_form_submit( ) ../form.inc:0
11 0.1409 3222068 comment_save( ) ../comment.module:1672
12 0.1641 3223588 comment_invoke_comment( ) ../comment.module:792
13 0.1641 3223588 comment_comment( ) ../comment.module:1979
14 0.1641 3223588 spam_content_insert( ) ../spam_comment.inc:14
15 0.1643 3224428 spam_content_filter( ) ../spam.module:220
16 0.1649 3225276 spam_invoke_module( ) ../spam.module:147
17 0.1649 3225276 call_user_func_array ( ) ../spam.module:988
18 0.1649 3225276 module_invoke( ) ../spam.module:0
19 0.1649 3226272 call_user_func_array ( ) ../module.inc:386
20 0.1649 3226488 duplicate_spamapi( ) ../module.inc:0
21 0.1651 3231016 duplicate_spam_filter( ) ../duplicate.module:110
22 35.3293 3240356 db_query( ) ../duplicate.module:307
23 35.3293 3240356 preg_replace_callback ( ) ../database.inc:200
24 35.3293 3240508 _db_query_callback( ) ../database.inc:0
25 35.3293 3240508 array_shift ( )
Comment #4
jeremy commentedYour stack includes the following headers: "# Time Memory Function Location". We enter the spam module in #14, 0.1641 seconds in, with what I assume is 3,223,588 bytes of memory, or 3MB. Everything proceeds quickly until we call db_query() from duplicate_spam_filter() in #21. This query takes 35 seconds -- something is very wrong! Line 403 is a very simple query, attempting to determine the id of the content we are about to unpublish. I do not see any reason this query should take a long time. In any case, the spam module does not appear to be consuming that much more memory at this point, about 16K.
What is your memory_limit set to in php.ini? Can you increase this limit?
I'm also perplexed, as this function is invoked from the spam module function spam_content_filter(), and the first few lines of that function check if you have "bypass filters" access, and if you do it should exit. Are you sure you're actually logged in with UID1? This suggests that you're not. Or, are you using some contributed permissions system?
Comment #5
jeremy commented"Q: looks like spam does not register the callback /duplicate/denied/ip - how did I get there?"
This is from duplicate_init() in the duplicate.module. And this does not actually check the "bypass filters" permission, as it should. Thus, one theory on how you got here: if you were testing the duplicate module, and marked some content as spam, this populated your spam_duplicate module with your IP address. Once you tested enough pieces of content, your IP became blocked.
I do consider this a bug and will check in a fix.
Comment #6
jeremy commentedFix committed to development branch. (I still recommend you increase your memory limit)
Comment #7
jenlamptonmy memory_limit is set at 64M.
So far no comments have been makred as spam by me. The threshold for duplicate messages was to three and I created three comments that said "test" and ended up with my IP on the blacklist. (I am both user 1, and my role is has the bypass filters permission.)
I'll try the dev branch and see if I still have this issue. Thanks for the speedy turnaround.
Jen
Comment #8
jeremy commentedInteresting. It's not clear to me why you ran out of memory. Nor is it clear why your test comments ended up in the spam queue. Can you please post the output of the following:
Note that -devel snapshots are only built once every 12 hours, so the updated code can take a while to show up.
Comment #9
jeremy commentedOh. Heh, of course. If you created three duplicate comments, then that's why they were flagged as spam. However, if you're logged in as UID 1, they should have bypassed the filter. Are you sure you're not using another user?
Comment #10
jenlamptonI was using uid 1 (yes, I'm sure) but my tests were from before you posted the patch for duplicate that checked the bypass filters permission (maybe it was also not checking for user 1?) anyway - I hadn't encountered any more issues after upgrading to the dev branch, but have now switched to the abuse module instead. (My admins really like the "ban" link right on the abuse moderation page - perhaps I should post that as a feature request for spam?)
Comment #11
jeremy commentedThis appears to no longer be an issue, fixed in the latest -dev branch.