Bug in New GeoIP Settings

Thanks for adding the ability to auto-update the GeoIP database, unfortunate the SAVE button for the auto-updating settings seems to be broken.

I assume this should be working with the “GeoIP (Php)” option?

I tested in Chrome and IE9, the Save button is broken in both (also tested with multiple Piwik installations). When clicked, it does nothing.

it should be working. If you reload the page, is the URL not there ?

do you see any error in javascript console in the browsers?

Thanks for your reply, I didn’t think to look at the console. Yes that was helpful :slight_smile:

After clicking the Save button it shows this:

POST http://www.(mydomain).com/piwik/index.php?period=month&idSite=1&date=today 403 (Forbidden)

I guess this is because I have set a password for my piwik directory using .htaccess

I currently have the following exceptions in my .htaccess file:

<Files ~ “^piwik.(js|php)|robots.txt$”>
Allow from all
Satisfy any

I guess adding index.php to that exception would defeat the purpose of having a password for the directory. Is there some other workaround?

I did reply but apparently that post disappeared into a moderation queue, not sure why.

So I checked the console and it’s reporting:

POST http://www.(mydomain).com/piwik/index.php?period=month&idSite=1&date=today 403 (Forbidden)

I thought it might be my .htaccess file which password-protects the Piwik directory (with the exceptions as recommended on this site) but removing the .htaccess file didn’t help, the console still reports a 403 POST error when clicking the save button.

Now I figured it out, it’s due to the ModSecurity rules on my server, specifically:

Match of “rx ://%{SERVER_NAME}/” against “MATCHED_VARS:loc_db” required. [file “/usr/local/apache/conf/modsec_rules/10_asl_rules.conf”] [line “497”] [id “340162”] [rev “285”] [msg “Remote File Injection attempt in ARGS (AE)”] [data “http://geolite.maxmind.com/download/geoip/database/geolitecity.dat.gz”] [severity “CRITICAL”]

So basically there’s a ModSecurity rule to prevent users from entering URLs into POST forms.

This is part of the standard ModSecurity ruleset provided by GotRoot.com

I disabled that ModSecurity rule temporarily to changing the Piwik settings, then I found there’s a second rule that also prevents it working. So in case anybody else is using the ModSecurity rules from GotRoot.com (the free version is great!) and is having the same problem, you need to temporarily disable both rules 340162 and 340163. Then you can save the Piwik GeoIP auto-update settings successfully.

Thanks for your help.

If you leave the ISP and Organization fields blank, the Save button does nothing.

If all fields have the link as provided under “Setup automatic updates of GeoIP databases”, a download starts then fails shortly after with this message:

A fatal error occurred while downloading this file. There might be something wrong with your internet connection, with the GeoIP database you downloaded or Piwik. Try downloading and installing it manually.

Downloading and installing manually defetas the purpose of automatic updates. What would trigger this error?

Hi graves007,

I think the issue you were experiencing in your first post (where leaving ISP/Organization blank results in nothing happening) is a UI bug. If the databases you’re setting links for already exist, the links are updated, but the ‘Done’ message doesn’t display. You can fix that by replacing the ./piwik/plugins/UserCountry/Controller.php file with this one[/url]. Also, replace the ./piwik/plugins/UserCountry/GeoIPAutoUpdater.php file with [url=https://raw.github.com/piwik/piwik/1.X/plugins/UserCountry/GeoIPAutoUpdater.php]this one as I fixed another bug while looking into your issue.

The second issue could be caused by a lot of things. My guess, though, is that it took too long to download the file and the browser decided to stop waiting. We were aware of this issue when building the feature, so Piwik will actually try and download the file piece by piece. Unfortunately, Maxmind’s servers don’t allow doing this.

If you only care about the location database and/or ISP database, you shouldn’t encounter any issues. Let me know if this helps (or if it doesn’t).

One other thing to note: when putting in the URLs to the Organization & ISP databases, make sure the ‘date=…’ part of the URL isn’t present. If they are there, the latest version of the database won’t be downloaded. (They are in the links MaxMind provides, so it can easy to overlook them.)

In case the browser timing out isn’t the problem, here’s one other idea: You might not have PEAR installed, or PHP might not be able to include PEAR.php.

Also, if you’ve got logging enabled (w/ “logger_message[] = file” in your config.ini.php) you might be able to find more information in the Piwik log files.