Cannot login: This request was aborted because it appears to be forged

[rash]

Hi all,

on a site working flawlessly since a few years, I suddenly cannot login anymore, all I get is 'This request was aborted because it appears to be forged'. The site runs on a shared hosting server, my last active changes happened many months ago and the hosting service usually changes nothing without clearly notifying it long before. Means: I haven’t got the slightest clue where to start. Of course I’ve used the forum search, read probably all related threads and followed the most hints (some of them are pretty old, so I decided to be cautious) but no success. A few facts:

- I don’t know the exact PW version as I can’t find it outside the unaccessible backend, but it should be at least 3.0.16X.
- TracyDebugger is in use on this site, but not SessionHandlerDB.
- I deleted /site/assets/logs, /site/assets/cache and /site/assets/session. Before I did that, all of them were writable.
- I replaced index.php with the latest dev version.
- When I set $config->protectCSRF to false, the message disappears, but the login  page gets constantly reloaded.
- Setting $config->debug to true delivers 'Deprecated: strpos(): Non-string needles will be interpreted as strings in the future. Use an explicit chr() call to preserve the current behavior in .../site/config.php on line 104', followed by warnings, that the header was already sent by.

[Pixrael]

check this:

 

[rash]

@Pixrael Thanks for your help. Your thread is one of those I read before, but it didn’t lead me much further. It seems as if the error can have approximately thousand different causes and so the 127+ forum topics you mentioned are mostly guesswork with some enviably happy winners. That’s not meant sneeringly, I know that server based issues can be very hard to catch. In my case I’m not sure whether I’m struggling with a server case at all. When you go to bed with a working site and wake up the next morning with an unworking one without any changes on your system, it’s not very likely that your database acts suddenly strange or your PHP session path is not writable anymore. Furthermore I copied the site to a local environment in the meantime, where precisely the same shit happens.

As far as I can see, it has to be something inside the /site/ directory or the database. As I updated to the latest dev version, /wire/, index.php and htaccess should be fine.

[rash]

Not solved, just bypassed: Fresh PW install into a different root directory on the same machine, moved old /site/ directory to the new install and set config.php to the old database and user salt. After clearing the cache and session folder, everything runs fine now. Fortunately, this very obscure situation appeared on a site that is managed by myself and nobody else. To have this on customer work would probably be a nightmare.

I don’t know if it’s possible or rather a security issue, but I would appreciate it very much if an error message would reveal a bit more than 'This request was aborted because it appears to be forged'. The error seems to occur repeatedly at least since 2012 without any systematic debugging strategy beyond guesswork into the blue. To hear that something went wrong is arguably better than complete silence, but a bit more information what the system doesn’t like would be helpful.