Latest update prevents login
-
Hi,
The latest update doesn’t let anyone login using the tml login, attempts eventually timeout with a 502 bad gateway error. The wordpress login pages still work…it’s been so long I have forgotten how/where I coded the tml login links and buttons.7.0.3 didn’t fix the issue.
Any ideas how to resore TML login?
Thanks
The page I need help with: [log in to see the link]
-
The problem is on their end. See my last reply on this thread: https://wordpress.org/support/topic/cannot-login-502-bad-gateway/page/2/#post-10423035
I have been working with namecheap support for about an hour now. We tested with disabled Mod security and still getting 502 bad gateway. here is the log:
[Thu Jun 21 15:24:01.684068 2018] [lsapi:notice] [pid 809649:tid 140307454654208] [client 76.103.73.232:45776] [host clayisland.com] Backend log: script not found:<script type=”text/javascript”></script>\n
[Thu Jun 21 15:24:04.310789 2018] [lsapi:notice] [pid 809649:tid 140307479832320] [client 76.103.73.232:45942] [host clayisland.com] Backend log: script not found:<script type=”text/javascript”></script>\n, referer: https://clayisland.com/login
[Thu Jun 21 15:24:04.510260 2018] [lsapi:notice] [pid 809794:tid 140307521795840] [client 76.103.73.232:46004] [host clayisland.com] Backend log: script not found:<script type=”text/javascript”></script>\n
[Thu Jun 21 15:24:18.658979 2018] [lsapi:notice] [pid 809649:tid 140307630900992] [client 76.103.73.232:47234] [host clayisland.com] Backend log: script not found:<script type=”text/javascript”></script>\n, referer: https://clayisland.com/
[Thu Jun 21 15:24:21.065754 2018] [lsapi:notice] [pid 810013:tid 140307656079104] [client 76.103.73.232:47454] [host clayisland.com] Backend log: script not found:<script type=”text/javascript”></script>\n, referer: https://clayisland.com/login/?loggedout=true
[Thu Jun 21 15:24:33.608720 2018] [lsapi:notice] [pid 810118:tid 140307454654208] [client 76.103.73.232:49446] [host clayisland.com] Backend log: script not found:<script type=”text/javascript”></script>\n
[Thu Jun 21 15:24:35.361463 2018] [lsapi:notice] [pid 810118:tid 140307614115584] [client 76.103.73.232:49978] [host clayisland.com] Backend log: script not found:<script type=”text/javascript”></script>\n, referer: https://clayisland.com/loginWhat next?
I worked with them for an hour to no avail. The representative I was working with wasn’t really listening to what I was saying.
Clearly, they are not solving the problem correctly. Their server is not even accepting the request when the “testcookie” parameter is present.
If you want to prove this yourself, simply delete the hidden “testcookie” field using your browser inspector and attempt to submit the form. It will go through.
Or, you can use this code to remove the field:
function remove_testcookie_field_from_tml_login() { tml_remove_form_field( 'login', 'testcookie' ); } add_action( 'init', 'remove_testcookie_field_from_tml_login' );
Furthermore, if you install the plugin on another host, this is a non-issue.
deleting the hidden testcookie field went through.
However that function did not, the login page only had the text Log In at the top and then the rest of the page was blank.
any suggestions?
Verify that you have the correct code. I changed it after I originally posted it.
Furthermore, this is hardly a workaround, as the testcookie field is required to alert you/your users if they have cookies disabled.
hummm. So what else? How did the other thread resolve the issue?
They haven’t yet, as far as I know. The proper way to resolve it, short of switching web hosts, would be for your host to fix whatever mod_security rule they have in place that is blocking the request.
If you’re not worried about the cookie check, you can remove the field as shown above.
Well, I am feeling confused.
Namecheap support disabled mod_security entirely, they tried to log in and were still getting the 502 error. I tried to login and also got the 502 error. We concluded it must be something else…
How does this sound to you?
Possibly something else on their server is rejecting it? I’m not their server administrator, so I do not know what kind of setup they have. All I know is that the POST request is rejected when the “testcookie” parameter is present. Didn’t you just say you witnessed this yourself?
So another hour with namecheap support and they say this is strange and they can’t fix it on their end.
For now I am over it. The old verison of TML worked for years and still works, so what has changed in v7 that doesn’t work now? And why are so many other TML users complaining about problems with v7 and leaving 1 star negative reviews??
6.4.11+ probably will not work for you either, as the test cookie was re-introduced then. Reverting to pre-6.4.11, is the same as just removing the test cookie field as I mentioned before, in that regard.
As far as the reviews, I can’t speak for those users.
I am now on 6.4.17 and it is working fine.
Ah, looks like we forgot to add the “testcookie” field to the form. I wouldn’t update to 6.4.18 then, as it will have it.
For curiosities sake, could you possibly add the field to your 6.4.17 login form and see if it works?
<input type="hidden" name="testcookie" value="1" />
Actually, it seems that the problem is the order of the fields. If you could, please give this modified version of 7.0.5 a try: https://thememylogin.nyc3.digitaloceanspaces.com/plugins/tml-7.0.5-modified.zip
Version 7.0.6 is working, I will play around with it some more to make sure all is well.
- The topic ‘Latest update prevents login’ is closed to new replies.