Support » Plugin: Social Share, Social Login and Social Comments Plugin - Super Socializer » Fail to login (403 forbidden) with google using Super Socializer

Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Contributor Heateor Support

    (@heateor)

    Hi Jitendra,

    It seems, Google login is blocked by the firewall/security settings at your web server. For now, you can try adding some kind of exception in that security rule to allow Google login (something like posted as last reply here)
    I will see if any changes could be made in the plugin to prevent this, in upcoming releases.

    Thread Starter jitendragupta87

    (@jitendragupta87)

    Hi,
    I have raised a ticket to my webHost provider quoting the same reason.

    There is a suggestion to change the Google Login request format as done by other social plugins (I tried with another plugin and it doesn’t throw this error and login successful). Even though I need to use Super Socializer only as it provides much more features.

    Hoping to get this issue resolved with your suggestion.

    Thanks.

    Thread Starter jitendragupta87

    (@jitendragupta87)

    Hi,
    I got a reply from web host provider.
    And based on log it is critical ModSecurity issue which can’t be suppress at server to give Google login access-

    [Mon Jun 10 22:30:44.188826 2019] [:error] [pid 2**6:tid 1403******648] [client 1**.**.**.50:1**0] [client 1**.**.**.50] ModSecurity: Access denied with code 403 (phase 2). Pattern match “=(?:ogg|tls|gopher|data|php|zlib|(?:ht|f)tps?)://” at REQUEST_URI. [file “/etc/httpd/modsecurity.d/10_asl_rules.conf”] [line “519”] [id “340165”] [rev “287”] [msg “Atomicorp.com WAF Rules: Uniencoded possible Remote File Injection attempt in URI (AE)”] [data “/shop?state=https://www.DOMAINNAME.com/shop/&code=4/zgebzg-s15na_51–4w-zca****************vwx-m***********j6yy&scope=email https://www.googleapis.com/auth/userinfo.email openid&authuser=0&session_state=e0103*************4a74c..c734&prompt=consent”] [severity “CRITICAL”] [hostname “www.DOMAINNAME.com”] [uri “/shop”] [unique_id “XP***********API”], referer: https://accounts.google.co.in/accounts/SetSID

    So it is mainly the format of how this plugin redirects to home page after getting the Google login access.
    It would be nice if you can change this format in your next release to avoid this kind of issue for other users as well who can’t change security settings.

    Alas! I need to move to another plugin for Google Login but hoping to come back here if it fixes this format in the future.

    Regards,
    Jitendra

    apple infotech

    (@appleinfotechindia)

    I am also facing the same issue, I changed the authorised URI redirect at google console but no use. I don’t think it’s mod Htaccess file problem. Because the domain is same except it has parameters in URL. It’s better please give the exact URL that must be placed at google authorised URI.

    apple infotech

    (@appleinfotechindia)

    Why not show a YouTube tutorial on integration of api and key with some dummy URI so everything is cleared in one
    go

    thank you.

    Plugin Contributor Heateor Support

    (@heateor)

    It’s not related to the redirect URI saved in the Google client settings. It’s probably because there is a url in the redirection after Google authentication. Will see if any changes could be made in the plugin to fix it.

    I am also facing the same issue, my hosting provider Bluehost is already whitelist it but still doesn’t work. Hope the new update can fix this issue.

    Aaron

    (@aaron13100)

    I’m also facing the same issue with bluehost. Maybe adding an exception in .htaccess as suggested here https://stackoverflow.com/a/39261812 ? I haven’t been able to try this yet.

    Aaron

    (@aaron13100)

    I solved this by adding https://website.com/flashcards/wp-login.php?loginSocial=google to the “Authorized redirect URIs” on the google developer console and changing the settings in Super Socializer so that “Login redirection” was set to “Homepage.” Probably only one of these two things solved the issue.

    Plugin Contributor Heateor Support

    (@heateor)

    @aaron13100 The parameter “loginSocial=google” doesn’t belong to this plugin. There is some other plugin which is making Google login work.

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘Fail to login (403 forbidden) with google using Super Socializer’ is closed to new replies.