Thunderstone Support Forums

This update provides:

• Better suppression of placeholder results. Hash is included by default, and can be added to Compound Index Fields to assist.
• Profile selection table now sortable and searchable.
• Option for whether hyphens are used to denote a phrase, or should be literal hyphen characters.
• Fixes for category search with metasearch, infield query parsing
• Better support for some proxy configurations.

The Texis 7.07 is about 5 years old now. At the time our Search Appliances ran on CentOS 6, so that version should have been tested on CentOS 6. We do not regularly test with docker, so it is possible that there are issues there, particularly with the inter-process communication that we use. I think we did test with docker and CentOS about a year later, but that might have been Texis version 8.

Was anything written to any of the texis logs?

Several updates for system internal items have been released to fix security issues (CVEs listed below).

Use your appliance's System / System Setup / Webmin / Software Package Updates to install all available updates. You should plan and perform a reboot shortly after installing the updates.

CVE-2007-4559
CVE-2019-12900
CVE-2020-11023
CVE-2020-26159
CVE-2021-35937
CVE-2021-35938
CVE-2021-35939
CVE-2021-3903
CVE-2022-24805
CVE-2022-24806
CVE-2022-24807
CVE-2022-24808
CVE-2022-24809
CVE-2022-24810
CVE-2022-3515
CVE-2022-37967
CVE-2022-39377
CVE-2022-40897
CVE-2022-40982
CVE-2022-41804
CVE-2022-43552
CVE-2022-44792
CVE-2022-44793
CVE-2022-46329
CVE-2022-46663
CVE-2022-47024
CVE-2022-47629
CVE-2022-48303
CVE-2022-48624
CVE-2022-49043
CVE-2023-20867
CVE-2023-20900
CVE-2023-22652
CVE-2023-22655
CVE-2023-22745
CVE-2023-23583
CVE-2023-23908
CVE-2023-23916
CVE-2023-25690
CVE-2023-27533
CVE-2023-27534
CVE-2023-27535
CVE-2023-27536
CVE-2023-27538
CVE-2023-28321
CVE-2023-28322
CVE-2023-28484
CVE-2023-28746
CVE-2023-29469
CVE-2023-31346
CVE-2023-33204
CVE-2023-34058
CVE-2023-34059
CVE-2023-34440
CVE-2023-38408
CVE-2023-38469
CVE-2023-38470
CVE-2023-38471
CVE-2023-38472
CVE-2023-38473
CVE-2023-38545
CVE-2023-38546
CVE-2023-38575
CVE-2023-38709
CVE-2023-39368
CVE-2023-39615
CVE-2023-39975
CVE-2023-42667
CVE-2023-43490
CVE-2023-43758
CVE-2023-44487
CVE-2023-45733
CVE-2023-46103
CVE-2023-46218
CVE-2023-48795
CVE-2023-49141
CVE-2023-51385
CVE-2023-52605
CVE-2023-52922
CVE-2023-6516
CVE-2023-6597
CVE-2024-0450
CVE-2024-10041
CVE-2024-10963
CVE-2024-11168
CVE-2024-11187
CVE-2024-12797
CVE-2024-1737
CVE-2024-1975
CVE-2024-21820
CVE-2024-21853
CVE-2024-2236
CVE-2024-22365
CVE-2024-23918
CVE-2024-2398
CVE-2024-23984
CVE-2024-24582
CVE-2024-24795
CVE-2024-24853
CVE-2024-24968
CVE-2024-24980
CVE-2024-25062
CVE-2024-2511
CVE-2024-25939
CVE-2024-27316
CVE-2024-28047
CVE-2024-28127
CVE-2024-28182
CVE-2024-29214
CVE-2024-30203
CVE-2024-30204
CVE-2024-30205
CVE-2024-31068
CVE-2024-31157
CVE-2024-32487
CVE-2024-35235
CVE-2024-3596
CVE-2024-36293
CVE-2024-36387
CVE-2024-37020
CVE-2024-37370
CVE-2024-37371
CVE-2024-38474
CVE-2024-39279
CVE-2024-39331
CVE-2024-39355
CVE-2024-4032
CVE-2024-4076
CVE-2024-43855
CVE-2024-45490
CVE-2024-45491
CVE-2024-45492
CVE-2024-4603
CVE-2024-47175
CVE-2024-4741
CVE-2024-50120
CVE-2024-50264
CVE-2024-50302
CVE-2024-50602
CVE-2024-53095
CVE-2024-53113
CVE-2024-53177
CVE-2024-53178
CVE-2024-53197
CVE-2024-54680
CVE-2024-5535
CVE-2024-56171
CVE-2024-6119
CVE-2024-6232
CVE-2024-6345
CVE-2024-6387
CVE-2024-6409
CVE-2024-6923
CVE-2024-8088
CVE-2024-8176
CVE-2024-9287
CVE-2025-0624
CVE-2025-21785
CVE-2025-24855
CVE-2025-24928
CVE-2025-27363

No, the the primary and secondary thesaurus are combined before the query is processed. You would only be able to optionally merge the secondary thesaurus in or not for the entire query.

There is a search setting for which thesaurus to use as the Main Thesaurus and the Secondary Thesaurus, so you shouldn't need to hardcode that into the scripts so that script updates won't break it.

You could add a setting that would toggle whether the secondary thesaurus (ueqprefix) is enabled or not, and that would be a script edit.

Thanks for updating. The nonce is there to protect against Cross-Site Request Forgery (CRSF) attacks.

Webinator itself shouldn't be producing 403 errors. I'm not sure if you can check the Apache error.log to see if it is denying the request and gives a reason. The URLs themselves look correct, and the CGI should find the update.html inside the dowalk script. The only different is that the update.html will get a POST, whereas the lookfeel.html a GET. Is it possible that the directives are trying to rewrite the POST even if it's already https?

You could also look under System / Information / System Information at the Client tab to see if the headers look correct.

Let me check. I thought we had done so in the past, but I haven't tried recently.

Do you have a preferred From in the Dockerfile I should test with?

Did you try and have problems? Which version of Texis?

This is a minor update to the texisScripts package which will prevent crawls which aren't finishing if you are not storing placeholders, have multiple servers being crawled, and canonical urls tags on your pages.

You could use <urlinfo> with various options to see what headers or other information is returned.

You may also want to use <urlcp sslprotocols> to restrict it to TLSv1.2, which I think is the most recent one your version supports.

There are also trace options https://docs.thunderstone.com/site/vort ... trace.html that you can use to add more verbosity in case there are other returns coming through.