Jump to content

[Partially Solved] Unable to login: "This request was aborted because it appears to be forged."


ragnarokkr
 Share

Recommended Posts

Hi all guys! I've a BIG problem here and hope you can help me to solve it.

Suddenly yesterday my PW installation stopped letting me to log in.

I can access the front-end, but each time i try to log into the back-end it gives me "This request was aborted because it appears to be forged."

I already have searched into the forum and tried every possible solution, without any result :'(

In order:

  • site/config.php is readable
  • site/assets/{cache,logs,sessions} is present and 0755 (and setting them to 0777 doesn't make any difference)
  • tried to backup site/assets/sessions directory and make another new empty one
  • nothing is changed with user:group permissions
  • setting $protectCSRF, $sessionChallenge, and $sessionFingerprint to false the error disappears but the login page still remains
  • making the sessions table empty doesn't make any difference
  • enabled/disabled the www. redirection in .htaccess, just in case but nothing
  • enabled $debug and no error
  • removed cookies
  • restarted the server

Anybody has an idea? :-[

Link to comment
Share on other sites

  • 2 weeks later...
  • 3 weeks later...
On 5/3/2017 at 2:51 AM, FrancisChung said:

Are you using a VPN or anything that is changing your IP Address? I normally see this when my IP address has changed and I try to login to the backend again.

I'm not using any VPN or anything else that could change my IP. The only thing I could think to is that something in SessionHandlerDB's tables/data has been corrupted for some reason and didn't allows me to login.

Since I'm still not migrated to the lastest 3.x version, I'll take my time to do an as clean as possible migration, trying to remove every possible troubles maker thing.

Link to comment
Share on other sites

On 22/03/2017 at 4:13 AM, ragnarokkr said:

The only thing I could think to is that something in SessionHandlerDB's tables/data has been corrupted for some reason and didn't allows me to login.

Since I'm still not migrated to the lastest 3.x version

If you are using an older version of PW and have Tracy Debugger installed together with SessionHandlerDB you can end up with truncated session data, which causes a CSRF error.

See this post (and the thread in general) for more:

 

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...