Jump to content

This request was aborted because it appears to be forged (NGINX)


anttila
 Share

Recommended Posts

I have a new server and wanted to use nginx. However, I have two ProcessWire websites which does not let me do anything. I'll get this error every time when I try to change something and sometimes when logging in. Deleted all caches already from ProcessWire and browser. This also happens after installing new ProcessWire and all directories were owned by www-data.

I also have two working websites without any problems and all these four uses same kind of setting on nginx config. I don't understand why some of those working fine and some not.

Running Debian 10, MariaDB 10.3.22, PHP 7.4, nginx 1.14.2

This request was aborted because it appears to be forged.

#0 /sites/clients/clientname/wire/modules/Process/ProcessPageTrash.module(49): ProcessWire\SessionCSRF->validate()
#1 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\ProcessPageTrash->___execute()
#2 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod()
#3 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks()
#4 /sites/clients/clientname/wire/core/ProcessController.php(337): ProcessWire\Wire->__call()
#5 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\ProcessController->___execute()
#6 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod()
#7 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks()
#8 /sites/clients/clientname/wire/core/admin.php(150): ProcessWire\Wire->__call()
#9 /sites/clients/clientname/wire/modules/AdminTheme/AdminThemeDefault/controller.php(13): require('/sites/clients/...')
#10 /sites/clients/clientname/site/templates/admin.php(15): require('/sites/clients/...')
#11 /sites/clients/clientname/wire/core/TemplateFile.php(318): require('/sites/clients/...')
#12 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\TemplateFile->___render()
#13 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod()
#14 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks()
#15 /sites/clients/clientname/wire/modules/PageRender.module(536): ProcessWire\Wire->__call()
#16 /sites/clients/clientname/wire/core/Wire.php(383): ProcessWire\PageRender->___renderPage()
#17 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod()
#18 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks()
#19 /sites/clients/clientname/wire/core/WireHooks.php(924): ProcessWire\Wire->__call()
#20 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks()
#21 /sites/clients/clientname/wire/modules/Process/ProcessPageView.module(213): ProcessWire\Wire->__call()
#22 /sites/clients/clientname/wire/core/Wire.php(383): ProcessWire\ProcessPageView->___execute()
#23 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod()
#24 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks()
#25 /sites/clients/clientname/index.php(55): ProcessWire\Wire->__call()
#26 {main}


 
Link to comment
Share on other sites

15 minutes ago, Jim Bailie said:

there was a permissions issue in the app's directory structure

Thanks for quick reply. I used $config->protectCSRF = false; which fixed the issue, but I have no idea why this problem came in the first place.

I normally run 750 and 640, but tried also 755 and 644 owned by www-data. Should be all the necessary permissions and installation went through without any problems. This is some kind of session problem. And somehow there is two fully working ProcessWires, so can't be nginx issue(?).

Link to comment
Share on other sites

2 minutes ago, anttila said:

I normally run 750 and 640, but tried also 755 and 644 owned by www-data. Should be all the necessary permissions and installation went through without any problems. This is some kind of session problem.

Do all of your user/groups/permissions line up throughout your config files (nginx/php/php-fpm)? Are these all stock apt-get installs? And the new Debian based distos are using that goofy netplan s%#t. Is that working as advertised?

Link to comment
Share on other sites

I made /etc/nginx/conf/processwire where is all the global settings for every ProcessWire clients, and some of those worked and some of not. I'm running latest ProcessWire for all of those.

PHP 7.3 is now recommended and supported, but I use 7.4 from outside of distro's apt. But if that's the case, then all the ProcessWires should be effected. Everything else is from official sources.

I don't know about netplans, but now I'm interested. :)

Found a new issue or maybe this is part of the first one:
When trying to put page to the bin, then I'll get popup warning where is only undefined. No real errors and no log entries.

(I can delete page if I'm editing it but not from Pages by pressing the button from hover menu (only edit works, so all JQuery things are not(?)))

Link to comment
Share on other sites

I'm sorry I don't have any silver bullets, but I've been through this on a development machine and from what I remember, it came down to permissions/config files along with netplan and how I accessed the apps via nginx.conf (i.e server_name).

For development, I've always used IP aliases in /etc/network/interfaces a'la ifupdown and set my nginx server blocks to listen to such IP addresses. Netplan doesn't allow this. It says it does, but I don't feel like writing a PhD thesis to get it to work, so I removed netplan and replaced it with ifupdown. I'm not telling you to do this! I did it because I understood the problem and just wanted to use the network stack like I always have.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...