Jump to content
Jason Huck

[Solved] AJAX Requests Blocked on Production Host

Recommended Posts

Trying to deploy a PW site to a client's hosting provider. Everything works as expected in development, but on the production host, certain AJAX requests fail. Here's what I'm seeing:

1) I have form on every page which is submitted via AJAX POST to the current page. No matter which page you POST to, it always returns a PW 404 page.

2) AJAX image uploads on the back end return a 200 or 302 for the original request, then spawn a GET request for the homepage.

In trying to troubleshoot this, I have found that the host has both suhosin and mod_security installed. They've provided me with a local php.ini to test configuration changes. I've added the following to .htaccess (temporarily):

# account-specific php.ini file
<IfModule mod_suphp.c>
	suPHP_ConfigPath /home/[username]
	<Files php.ini>
		order allow,deny
		deny from all
	</Files>
</IfModule>

# disable mod_security
<IfModule mod_security.c>
	SecFilterEngine Off
	SecFilterScanPOST Off
</IfModule>

In the php.ini file, I've set the following directives:

suhosin.simulation = On
always_populate_raw_post_data = -1

I've also set a specific directory for uploads:

upload_tmp_dir = /home/[username]/tmp

GD support is included.

PW doesn't log any errors, even with $config->debug set to true.

This is PW 2.7.3 on PHP 5.6.28.

 

What else should I check?

 

 

Share this post


Link to post
Share on other sites

Also:

- The host uses both nginx and varnish in front of Apache. I do not have access to the nginx config, and only realized it was in the mix by inspecting the response headers from the server.

- The host also uses varnish. I have access to a varnish folder, the only contents of which is a text file where you can exclude domains from caching. I added the domains for this host, but I still see varnish headers in the response. The response is a "miss", though, so I don't think caching is an issue.

- ProcessWire is fielding the AJAX request and the code I have in place to handle it gets executed without (server-side) errors. It subscribes the user to a MailChimp mailing list (verified at Mailchimp), sets a cookie, and returns a JSON response.

- Even though setcookie returns 1, the cookie doesn't get set in my browser. The standard PW cookies do get set, though.

I've tried explicitly setting various access control headers in .htaccess, but it's not a cross-origin request. My best guess currently is that nginx and/or varnish have security settings which are interfering. I've asked the provider for assistance but haven't had much luck yet.

 

Share this post


Link to post
Share on other sites

Just to close this out, there turned out to be multiple, unrelated issues. The 404 on the front end was due to a coding error on my part. The upload issue on the back end was due to missing support for iconv and imagick. All sorted now.

 

 

  • Like 2

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By ICF Church
      Hi 👋
      Anyone else having this problem?
      Requirements:
      - Repeater (matrix & normal) with mutlilanguage fields (text, textarea…) 
      - Backend language set to something other than default (ie. German) 
      Reproduce:
      - Add a new repeater Item (ajax, I found no way to possible to disable it with matrix)

      (Notice how the default language tab is active instead of the backend language…)
      - Write something into the (default language) field
      - Try to save, if field is required, this will not work. If not required, then when reloading, the content will be inside the backend language field, instead of the default language field who was (presumably) active
      Analysis:
      When  loading  a new repeater element with ajax, the default langue tab is active, but the backend language inputfield is visible (with no visual indication). When writing into the field, it will populate the backend language. When manually clicking on the default language tab (which is already active), the field will switch to the actual default language field (which is [now] empty) (that can now be populated…)
      Also Notice, the labels of the elements to be added are in default language as well instead of the translated label (images instead of Bilder)…
      ProcessWire 3.0.148, Profields 0.0.5…
      Is it my system configuration, or does anyone else have the same issue? This is a screen recording of the problem:

      Screen Recording 2020-02-25 at 14.18.31.mov
    • By dimitrios
      Hello,
      this module can publish content of a Processwire page on a Facebook page, triggered by saving the Processwire page.
      To set it up, configure the module with a Facebook app ID, secret and a Page ID. Following is additional configuration on Facebook for developers:
      Minimum Required Facebook App configuration:
      on Settings -> Basics, provide the App Domains, provide the Site URL, on Settings -> Advanced, set the API version (has been tested up to v3.3), add Product: Facebook Login, on Facebook Login -> Settings, set Client OAuth Login: Yes, set Web OAuth Login: Yes, set Enforce HTTPS: Yes, add "https://www.example.com/processwire/page/" to field Valid OAuth Redirect URIs. This module is configurable as follows:
      Templates: posts can take place only for pages with the defined templates. On/Off switch: specify a checkbox field that will not allow the post if checked. Specify a message and/or an image for the post.
      Usage
      edit the desired PW page and save; it will post right after the initial Facebook log in and permission granting. After that, an access token is kept.
       
      Download
      PW module directory: http://modules.processwire.com/modules/auto-fb-post/ Github: https://github.com/kastrind/AutoFbPost   Note: Facebook SDK for PHP is utilized.


    • By rushy
      Hi. I've been using Processwire for a few years now and installed it on a few different shared hosting servers without issues, but I'm now running into an issue on a Fasthosts shared server that I've not seen before. The installation goes ok and I have a working default site profile but I am unable to complete any uploads of images. It just hangs at the progress spinner during the upload. I thought it might be a priviledge issue so have temporarily set the dir / file privs. as 777 / 666 just to test that but it made no difference. I have no errors in the wire log. In server error log I have:
      set_time_limit() has been disabled for security reasons in ....htdocs/wire/core/ImageSizerEngine.php on line 1035 and i note in the assets/file dir. where the image is being stored the date on the file being created has a year of 1970 and 0 length. If I leave the page this file disappears and nothing has been stored. 
      Does anyone know how I can enable set_time_limit if this is likely to be the problem? 
      Many thanks! Paul
    • By Fanni
      Hi all, 
      I am having some issues uploading a PDF to our website (a problem we’ve had before).
      I have tried reducing the size of the PDF but the problem seems to be with generating the thumbnail image because the upload works under the Fallback mode but the thumbnail is terrible (see attached). 
      Does anybody have any advice about this? Please note that I'm not a developer. 
      Thanks!
       


    • By michelangelo
      Hello there,
      I am building my website, which has a dozen projects with 10 images each. Basically, I need a filtering system but built in the most efficient and user-friendly way. You can see below that the images flow sideways so being hidden, JS lazy loading was a good tool, but I just wanted to try AJAX. Is it fit for this purpose or it's more for dynamic content?
       

×
×
  • Create New...