Hi,
I just moved PW to a new server and now I can't login because I am getting the error:
"this request was aborted because it appears to be forged" when submitting the login form.
I tried changing the password and username with the API... thinking this is session related?
Any suggestions?
Thanks in advance,
this request was aborted because it appears to be forged
Started by joshuag, Jul 30 2012 12:09 PM
login
20 replies to this topic
#1
joshuag
-
- Members
-
- 109 posts
-
71
Sr. Member
- LocationCalgary AB, & Mérida, Yucatan
#2
joshuag
-
- Members
-
- 109 posts
-
71
Sr. Member
- LocationCalgary AB, & Mérida, Yucatan
Posted 30 July 2012 - 12:14 PM
ok fixed this. It was permission problem... (smacks head.)
had to make sure /site/config.php was readable.
Clear case of the mondays.
had to make sure /site/config.php was readable.
Clear case of the mondays.
#5
onjegolders
-
- Members
-
- 795 posts
-
206
Hero Member
- LocationMidlands, UK
#6
onjegolders
-
- Members
-
- 795 posts
-
206
Hero Member
- LocationMidlands, UK
#7
DaveP
-
- Members
-
- 285 posts
-
135
Sr. Member
- LocationChorley, UK
#8
ryan
-
- Administrators
-
- 5,771 posts
-
3112
Hero Member
- LocationAtlanta, GA
Posted 15 August 2012 - 12:17 PM
Just managed to get in by changing permissions on the assets folder to 777. Not sure how much I fancy leaving it like that but for now will have to do as putting it back down to 755 for example, I get the error message again.
Most likely Apache is running as the same user for everybody on the server, probably with a name like "nobody". So it's not going to be able to write to a directory that is only writable to you (755)... it'll only be able to read from it. If the accounts a truly jailed from one another, and one account can't manipulate the files of another (by way of Apache) then 777 should be no problem. Likewise if it's a dedicated or VPS without untrusted accounts on it, then it should be fine. It sounds like that's the only way it'll run right now, so I would set it to that and then check with the web host what they recommend for Apache-writable directory permissions, and do what they suggest. You might also inquire if you can get an suPHP environment, where Apache/PHP would run as your account--in that case, you would only need rwx to yourself (700) or writable to you and rx to others (755).
#9
alanfluff
-
- Members
-
- 405 posts
-
118
Sr. Member
- LocationOttawa, Canada
Posted 17 September 2012 - 09:04 AM
Same here: I moved a site to a safe live hosting env' and had this error.
The fix proved to be making /site/assets/ 777 and recursively applying that to all inside /site/assets/, that fixed it
thanks posters.
The fix proved to be making /site/assets/ 777 and recursively applying that to all inside /site/assets/, that fixed it
thanks posters.
#10
Pete
-
- Administrators
-
- 1,756 posts
-
657
Administrator
- LocationChester, England
Posted 17 September 2012 - 12:06 PM
I've had two lots of hosting where I asked the host to switch it to suPHP - there are only a few minutes of downtime during the process, if that, and the permissions side of things suddenly makes infinitely more sense, so +1 to ryan.
#11
evanmcd
-
- Members
-
- 79 posts
-
28
Full Member
Posted 25 September 2012 - 12:22 AM
I just got this error too, but found that it persisted even after I double-checked my assets and config.php permissions.
I had installed the site using the ProcessWire Blank Profile, so figured I'd try it without that. Not sure why, but it did the trick. Removing the current install and reinsalling while sticking with the default site cleared up the issue.
I had installed the site using the ProcessWire Blank Profile, so figured I'd try it without that. Not sure why, but it did the trick. Removing the current install and reinsalling while sticking with the default site cleared up the issue.
#12
Martijn Geerts
-
- Members
-
- 373 posts
-
168
Sr. Member
Posted 04 October 2012 - 03:12 AM
"this request was aborted because it appears to be forged" message is also shown when try to login and cookies are disabled.
(Somewhat confusing, better to get a message to enable cookies before tying to login)
(Somewhat confusing, better to get a message to enable cookies before tying to login)
#13
cstevensjr
-
- Members
-
- 16 posts
-
13
Distinguished Member
- LocationBanning, California
Posted 27 October 2012 - 06:36 PM
I just got this error too, but found that it persisted even after I double-checked my assets and config.php permissions.
I had installed the site using the ProcessWire Blank Profile, so figured I'd try it without that. Not sure why, but it did the trick. Removing the current install and reinsalling while sticking with the default site cleared up the issue.
I just ran into the exact same problem trying to use the Blank Profile.
"It's not what you say ... it's what you do that makes the difference"
"By his deeds shall a man be known"
#14
antknight
-
- Members
-
- 103 posts
-
21
Sr. Member
- LocationCambridge, UK
Posted 24 November 2012 - 07:34 AM
I just ran into the exact same problem trying to use the Blank Profile.
Same for me
OS X · Spectacle · ST · MAMP · Chrome w/ LiveReload + Cache Killer
#15
Soma
-
- Moderators
-
- 3,186 posts
-
1743
Hero Member
- LocationSH, Switzerland
Posted 24 November 2012 - 08:10 AM
Blank profile is done using pw 2.2.0 I think so there could be the problem. However it would take u only little time creating a new one. Or just start with the default install, which is actually very nice start.
@somartist | modules created | support me, flattr my work flattr.com
#16
antknight
-
- Members
-
- 103 posts
-
21
Sr. Member
- LocationCambridge, UK
Posted 24 November 2012 - 09:17 AM
Is it OK to just use the default install and just delete the fields, pages and templates? Anything else that should be done?
OS X · Spectacle · ST · MAMP · Chrome w/ LiveReload + Cache Killer
#17
Soma
-
- Moderators
-
- 3,186 posts
-
1743
Hero Member
- LocationSH, Switzerland
Posted 24 November 2012 - 10:10 AM
Nope. But i pefer to use the fields and templates as a start so never ever do it. :-P
@somartist | modules created | support me, flattr my work flattr.com
#18
ryan
-
- Administrators
-
- 5,771 posts
-
3112
Hero Member
- LocationAtlanta, GA
Posted 24 November 2012 - 11:23 AM
Is it OK to just use the default install and just delete the fields, pages and templates? Anything else that should be done?
This is perfectly fine. I think that's what most people do. Though those fields, pages and templates are the bare minimum foundation for nearly any site I build, so it's rare that they get deleted here. I guess you could say that the default profile is the blank profile for some of us.
#19
Georgson
-
- Members
-
- 53 posts
-
31
Distinguished Member
- LocationMunich
Posted 26 February 2013 - 04:31 AM
Just managed to get in by changing permissions on the assets folder to 777. Not sure how much I fancy leaving it like that but for now will have to do as putting it back down to 755 for example, I get the error message again.
Same for me here... I don't know why that happened. Seemes to me like it has got something to do with the rights of my ftp-account - because this error popped up after I created a single ftp-account for the new pw-directory - rather than using one global ftp-account for all directories.
Anyone got a solution here? Cause I feel quite uncomfortable having site/assets/ on 777...
#20
ryan
-
- Administrators
-
- 5,771 posts
-
3112
Hero Member
- LocationAtlanta, GA
Posted 28 February 2013 - 08:25 AM
Anyone got a solution here? Cause I feel quite uncomfortable having site/assets/ on 777...
Is it a shared hosting account, or a dedicated/vps? If it's some kind of dedicated platform where you don't have other accounts under someone else's control, then it's not as much of a concern. But I think this is a question for your hosting provider. What's probably happening is that PHP can't write to /site/assets/. Who is listed as the directory owner? It's most likely you, which would mean that Apache is running under an account other than yours that does not have write access. I would check with your hosting provider to see what permissions they recommend for CMSs that need to have a writable directory. This can very from host to host, so it's tough for us to narrow in on it here short of trying different options (that are more secure than 777) till it works.
Also tagged with one or more of these keywords: login
Community Support →
Getting Started →
Register users and add page same as usernameStarted by vineonardo, 14 May 2013  login, create page and 1 more...
|
|
|
||
Community Support →
General Support →
When logging in to Admin getting unable to generate password hashStarted by alanfluff, 10 May 2013 admin, security, login, error
|
|
|
||
Community Support →
General Support →
System error on login failureStarted by onjegolders, 03 May 2013 error, login
|
|
|
||
Community Support →
General Support →
Calling logout from within a wordpress installStarted by AnotherAndrew, 24 Apr 2013 login, members
|
|
|
||
Community Support →
General Support →
Multisite install login problem?Started by photoman355, 09 Apr 2013 multisite, login, password and 1 more...
|
|
|
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
