Manaus Posted April 1, 2016 Share Posted April 1, 2016 Hi, I downloaded a module (in this case AutoFbPost). After finishing the download I've been logged out, and when I try to log in I get a 'This request was aborted because it appears to be forged.' I cannot find the module within /site/modules/, where is it? Thanks! Link to comment Share on other sites More sharing options...
BitPoet Posted April 1, 2016 Share Posted April 1, 2016 (edited) This sounds more like a stale frontend-proxy or session caching issue than something caused by module installation. Try setting $config->protectCSRF = false; in site/config.php, then you should be able to log in again and can dig deeper into the root of the problem. Edit: meant setting it to false, of course. Edited April 1, 2016 by BitPoet Link to comment Share on other sites More sharing options...
Manaus Posted April 1, 2016 Author Share Posted April 1, 2016 Thanks BigPoet, put the string in the config, but nope, still alarmed for forgery... I also deleted an recreated /logs /sessions and /cache, to no avail... Link to comment Share on other sites More sharing options...
BitPoet Posted April 1, 2016 Share Posted April 1, 2016 Did you see my correction (I had initially written "true", which, of course, doesn't change anything). Link to comment Share on other sites More sharing options...
Manaus Posted April 1, 2016 Author Share Posted April 1, 2016 Ah! Thats it! Well forgery is gone, but I cannot login via usual credentials. Should I change pass uploading some temp code? Setting debug to true I see the error resides in session_start(), No such file or directory (2) in /var/www/[...]/web/site/modules/AutoFbPost/AutoFbPost.module Failed to write session data. Link to comment Share on other sites More sharing options...
BitPoet Posted April 1, 2016 Share Posted April 1, 2016 Could it be that you replaced your site/config.php and changed $config->userAuthSalt? If yes, restoring the old value for userAuthSalt would be the preferred way to go. Link to comment Share on other sites More sharing options...
Manaus Posted April 1, 2016 Author Share Posted April 1, 2016 The salt is the same on both local and remote (I upped the whole bunch)... Link to comment Share on other sites More sharing options...
BitPoet Posted April 1, 2016 Share Posted April 1, 2016 Ah, I see that only now. You should be able to comment out the require_once and session_start lines in AutoFbPost.module and change the autload property in line 40 to false to stop it from interfering with your session. Link to comment Share on other sites More sharing options...
Peter Knight Posted April 1, 2016 Share Posted April 1, 2016 I get that a lot when trying to sign in via some automatic password apps. I think it's also because some of my sites are based on similar setups and share AuthSalt keys. Same here? Link to comment Share on other sites More sharing options...
Manaus Posted April 1, 2016 Author Share Posted April 1, 2016 Can't say why, but the downloaded module has weird owner and group, probably the admin, can't say. Wrote to the provider, whose services I am starting to understand less... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now