[GH-ISSUE #87] 1.5.6 virustotal plugin error #16

New issue

Closed

opened 2026-03-02 02:59:23 +03:00 by kerem · 2 comments

kerem commented

2026-03-02 02:59:23 +03:00

Owner

Originally created by @andyoulovexy on GitHub (Apr 11, 2024).
Original GitHub issue: https://github.com/bunkerity/bunkerweb-plugins/issues/87

What happened?

[error] 230#230: *112 [ACCESS] virustotal:access() failed : /usr/share/bunkerweb/deps/lib/lua/resty/upload.lua:109: http v2 not supported yet

How to reproduce?

use virustotal and configure apikey

Configuration file(s) (yaml or .env)

services:
  bunkerweb:
    image: bunkerity/bunkerweb:1.5.6
    ports:
      - 80:8080
      - 443:8443
    labels:
      - "bunkerweb.INSTANCE=yes"
    environment:
      - SERVER_NAME=www.xxxxx.com
      - MULTISITE=yes
      - DATABASE_URI=mariadb+pymysql://xxxx:xxxx@bw-db:xxxx/db # Remember to set a stronger password for the database
      - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
      - USE_CLAMAV=yes
      - CLAMAV_HOST=clamav
      - USE_VIRUSTOTAL=yes
      - VIRUSTOTAL_API_KEY=90xxxxxx9a78a64
      - AUTO_LETS_ENCRYPT=yes
      - USE_CROWDSEC=yes
      - CROWDSEC_API=http://crowdsec:xxxx
      - CROWDSEC_API_KEY=xxxxx
      - DISABLE_DEFAULT_SERVER=yes
      - USE_CLIENT_CACHE=yes
      - USE_GZIP=yes
      - www.xxxx.com_USE_UI=yes
      - www.xxxx.com_USE_REVERSE_PROXY=yes
      - www.xxxx.com_REVERSE_PROXY_URL=/admin
      - www.xxxx.com_REVERSE_PROXY_HOST=http://bw-ui:7000
      - www.xxxx.com_INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504

Relevant log output

2024/04/11 09:50:29 [error] 230#230: *112 [ACCESS] virustotal:access() failed : /usr/share/bunkerweb/deps/lib/lua/resty/upload.lua:109: http v2 not supported yet, client: xxxxxx, server: bw.andyou.com, request: "POST /vulnerabilities/upload/ HTTP/2.0", host: "bw.xxxxx.com", referrer: "https://xxxx.xxxxx.com/vulnerabilities/upload/"

BunkerWeb version

1.5.6

What integration are you using?

Docker

Linux distribution (if applicable)

No response

Removed private data

I have removed all private data from the configuration file and the logs

Code of Conduct

I agree to follow this project's Code of Conduct

Originally created by @andyoulovexy on GitHub (Apr 11, 2024). Original GitHub issue: https://github.com/bunkerity/bunkerweb-plugins/issues/87 ### What happened? [error] 230#230: *112 [ACCESS] virustotal:access() failed : /usr/share/bunkerweb/deps/lib/lua/resty/upload.lua:109: http v2 not supported yet ### How to reproduce? use virustotal and configure apikey ### Configuration file(s) (yaml or .env) ```YAML services: bunkerweb: image: bunkerity/bunkerweb:1.5.6 ports: - 80:8080 - 443:8443 labels: - "bunkerweb.INSTANCE=yes" environment: - SERVER_NAME=www.xxxxx.com - MULTISITE=yes - DATABASE_URI=mariadb+pymysql://xxxx:xxxx@bw-db:xxxx/db # Remember to set a stronger password for the database - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24 - USE_CLAMAV=yes - CLAMAV_HOST=clamav - USE_VIRUSTOTAL=yes - VIRUSTOTAL_API_KEY=90xxxxxx9a78a64 - AUTO_LETS_ENCRYPT=yes - USE_CROWDSEC=yes - CROWDSEC_API=http://crowdsec:xxxx - CROWDSEC_API_KEY=xxxxx - DISABLE_DEFAULT_SERVER=yes - USE_CLIENT_CACHE=yes - USE_GZIP=yes - www.xxxx.com_USE_UI=yes - www.xxxx.com_USE_REVERSE_PROXY=yes - www.xxxx.com_REVERSE_PROXY_URL=/admin - www.xxxx.com_REVERSE_PROXY_HOST=http://bw-ui:7000 - www.xxxx.com_INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504 ``` ### Relevant log output ```shell 2024/04/11 09:50:29 [error] 230#230: *112 [ACCESS] virustotal:access() failed : /usr/share/bunkerweb/deps/lib/lua/resty/upload.lua:109: http v2 not supported yet, client: xxxxxx, server: bw.andyou.com, request: "POST /vulnerabilities/upload/ HTTP/2.0", host: "bw.xxxxx.com", referrer: "https://xxxx.xxxxx.com/vulnerabilities/upload/" ``` ### BunkerWeb version 1.5.6 ### What integration are you using? Docker ### Linux distribution (if applicable) _No response_ ### Removed private data - [X] I have removed all private data from the configuration file and the logs ### Code of Conduct - [X] I agree to follow this project's Code of Conduct

kerem

2026-03-02 02:59:23 +03:00

closed this issue
added the
bug
label

kerem commented

2026-03-02 02:59:25 +03:00

Author

Owner

@TheophileDiot commented on GitHub (Apr 16, 2024):

Hi @andyoulovexy, thank you for opening this issue.
Could you please open the same issue on the appropriate repository ? Thank you
https://github.com/bunkerity/bunkerweb-plugins

@TheophileDiot commented on GitHub (Apr 16, 2024): Hi @andyoulovexy, thank you for opening this issue. Could you please open the same issue on the appropriate repository ? Thank you https://github.com/bunkerity/bunkerweb-plugins

kerem commented

2026-03-02 02:59:25 +03:00

Author

Owner

@fl0ppy-d1sk commented on GitHub (Jul 15, 2024):

Hello @andyoulovexy, ATM http2 is not supported on many community plugins. Before we have the time to fix it, you should disable it with HTTP2=no.

@fl0ppy-d1sk commented on GitHub (Jul 15, 2024): Hello @andyoulovexy, ATM http2 is not supported on many community plugins. Before we have the time to fix it, you should disable it with `HTTP2=no`.