Jump to content

[Partially Solved] Unable to login: "This request was aborted because it appears to be forged."

ragnarokkr

By ragnarokkr
in General Support

 Share

Recommended Posts

ragnarokkr Jr. Member

ragnarokkr

Posted
Posted

Hi all guys! I've a BIG problem here and hope you can help me to solve it.

Suddenly yesterday my PW installation stopped letting me to log in.

I can access the front-end, but each time i try to log into the back-end it gives me "This request was aborted because it appears to be forged."

I already have searched into the forum and tried every possible solution, without any result :'(

In order:

  • site/config.php is readable
  • site/assets/{cache,logs,sessions} is present and 0755 (and setting them to 0777 doesn't make any difference)
  • tried to backup site/assets/sessions directory and make another new empty one
  • nothing is changed with user:group permissions
  • setting $protectCSRF, $sessionChallenge, and $sessionFingerprint to false the error disappears but the login page still remains
  • making the sessions table empty doesn't make any difference
  • enabled/disabled the www. redirection in .htaccess, just in case but nothing
  • enabled $debug and no error
  • removed cookies
  • restarted the server

Anybody has an idea? :-[

ragnarokkr Jr. Member

ragnarokkr

Posted
  • Author
Posted

No solution still, the only thing I've been able to do is to programmatically uninstall the SessionHandlerDB module.

Now I've got again the access to the back-end.

 

  • Like 1
  • 2 weeks later...
FrancisChung Sr. Member

FrancisChung

Posted
Posted

Are you using a VPN or anything that is changing your IP Address? I normally see this when my IP address has changed and I try to login to the backend again.

  • Like 1
  • 3 weeks later...
ragnarokkr Jr. Member

ragnarokkr

Posted
  • Author
Posted
On 5/3/2017 at 2:51 AM, FrancisChung said:

Are you using a VPN or anything that is changing your IP Address? I normally see this when my IP address has changed and I try to login to the backend again.

I'm not using any VPN or anything else that could change my IP. The only thing I could think to is that something in SessionHandlerDB's tables/data has been corrupted for some reason and didn't allows me to login.

Since I'm still not migrated to the lastest 3.x version, I'll take my time to do an as clean as possible migration, trying to remove every possible troubles maker thing.

Robin S Hero Member

Robin S

Posted
Posted
On 22/03/2017 at 4:13 AM, ragnarokkr said:

The only thing I could think to is that something in SessionHandlerDB's tables/data has been corrupted for some reason and didn't allows me to login.

Since I'm still not migrated to the lastest 3.x version

If you are using an older version of PW and have Tracy Debugger installed together with SessionHandlerDB you can end up with truncated session data, which causes a CSRF error.

See this post (and the thread in general) for more:

 

  • Like 1
ragnarokkr Jr. Member

ragnarokkr

Posted
  • Author
Posted

Hi @Robin S,

I don't use Tracy Debugger so I can't give you any response about the issue you mentioned above but thanks for the link, just in case it will happens with some old PW version :biggrin:

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...