Support Forum

Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
general-topic
Upgraded to 5.7.1, no one can login to the forum now!
Avatar
Dave Rodenbaugh
Member
sp_UserOfflineSmall Offline
Sep 12, 2016 - 11:09 pm

So how do you explain the fact that just navigating in the address bar to /wp-login works but SP's POST fails?

The WPEngine server logs are showing nothing on the hosting side--I asked, they looked and nothing was registering, so I don't know what else to provide there.  Cloudflare is a proxy service, so there's no server-side logging they offer.  Looking at their firewall log, there's no errors or challenge events they have recorded here.  Just in case, I dumped Cloudflare's cache as well--no change.

We aren't allowed to run any special security plugins on WPEngine like WordFence, so nothing there.

Is there anything else you can suggest here?

 

UPDATE:  I updated EVERY SP plugin today.  Every last one.  They're all up to date.  That error's timestamp may be older than the time when I updated, so you may be looking at a red herring error during the time of update of SP and the update of the SP plugins.  I just confirmed this on the WordPress Updates area.

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
Sep 12, 2016 - 11:12 pm

please dont forget about posts 9 and 10 which are now on a previous page... some stuff for you...

I cant... nor can I explain why posting to a standard wp page causes a 500 error...

If there was a common error, 10's of thousands of users would be screaming... of course, cant rule out something with SP, but then its still unique to your server and we need to keep digging for info...

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
Sep 12, 2016 - 11:19 pm

btw... will continue some research...and perhaps @yellow-swordfish will have some ideas when he stops by...

Avatar
Dave Rodenbaugh
Member
sp_UserOfflineSmall Offline
Sep 12, 2016 - 11:20 pm

this tells me you have SP plugins that have not been updated and may not be compatible with the current version…  Can you please go to the wp updater and make sure you dont have any need sp plugins to update???

If you carefully look at the timestamp of that error, it's almost 12 hours ago.  I updated the plugins this morning.  That error is old and out of date.

As I noted, the WP Updater shows nothing needs to be updated right now.

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
Sep 12, 2016 - 11:23 pm

okay, cool... which is why I asked you to check... being a unique situation, we just to check almost everything and anything... and try to collect as much data as possible...

Avatar
Dave Rodenbaugh
Member
sp_UserOfflineSmall Offline
Sep 12, 2016 - 11:27 pm

Screenshot to convince you:  http://businessdirectoryplugin.....lugins.png

What else can I provide you here to help figure this out?  Like I said, I have no error logs...it's just not registering on the server.

Avatar
Dave Rodenbaugh
Member
sp_UserOfflineSmall Offline
Sep 12, 2016 - 11:57 pm

EDIT (question):  What cookies does the plugin use or if it uses a session?  They need to know for caching purposes which one(s).

UPDATE:  I took this back to my hosting provider again and it works in the staging environment, but fails in production.  It's something related to WPEngine's caching, which is not inside of my control.  They are investigating now.  Anyone reading this thread who is a WPE customer should contact their support if they have trouble with the 5.7.x SP release. 

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
Sep 13, 2016 - 12:43 am

No sessions... and any login/user cookies are wp specific...

interesting... would be very interested in what they find... especially since the 5.7.1 release was very minor with only a handful of changes...

thanks for the info...

Avatar
Dave Rodenbaugh
Member
sp_UserOfflineSmall Offline
Sep 13, 2016 - 4:50 pm

OK, finally found the issue.  Our host does "login protection" where they send custom parameters to wp-login.php.  See below:

In order to resolve the issue, we needed to disable our login protection. Basically, what our login protection does is it checks for a specific query argument that our WP Engine plugin appends to the end of a standard login request.

For example, if you go to http://site.com/wp-login.php and log in while monitoring the requests going through, you'll see a POST request to http://site.com/wp-login.php?w.....me>;

In order to get your custom login form working properly with login protection enabled (which I would strongly recommend) you'll need to modify the code of the login form to include that POST request.

Is there some way you can consider adding this support in a future release?  I'd hate to make my WP install less secure...and customizing your code makes the forum un-upgradeable.

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
Sep 13, 2016 - 10:23 pm

if you know the needed query args to add to the url, you can already do it...  or if you need to POST it,you can filter the html output for the form and add it yourself...

you will want to use a standard wp filter on 'sph_LoginForm'... so something like this:

add_filter('sph_LoginForm', 'my_login_form');
function my_login_form($out) {
    str_replace('</form>', '<input xxx></form>',$out);
    return $out;
}

note, I dont know what form element you want for posting, so just replace xxx with the rest of the form input element...

Forum Timezone: Europe/Stockholm
Most Users Ever Online: 1170
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Mr Papa: 19448
Ike: 2086
Brandon: 864
kvr28: 804
jim: 650
FidoSysop: 577
Conrad_Farlow: 531
fiddlerman: 358
Stefano Prete: 325
Member Stats:
Guest Posters: 620
Members: 17365
Moderators: 0
Admins: 4
Forum Stats:
Groups: 7
Forums: 17
Topics: 10128
Posts: 79626