Error for domain secure https (Request potential CSRF attack or not found)

Discussion in 'Installation & Upgrades' started by teompa, Mar 30, 2017.

  1. teompa

    teompa New Member

    I installed Subrion CMS 4.0.5 and 4.0.0 Yellow Pages Script for domain name secure https (SSL Certificate). When I enter the admin panel I can not make any changes and error occurs Request treated as a potential CSRF attack. Home page shows Error 404 Requested URL not found. I installed the same script on a field without security clearance and were so problems. It has made changes to that standard .htacces rewriting is made for domains with http. Dashboard - Settings - System: HTTPS - I can not choose this option appears and Request treated as a potential CSRF attack. I chose a domain name secure https, but there are many problems and do not find the answer.
  2. Vasily_B.

    Vasily_B. Project Manager

    Hello,

    Yes, it looks like you configured redirects but have not enabled https in your admin dashboard.
    Let's do this way. Please configure your https config value via phpMyAdmin (config table, system group = https should be set to 1)and then enable rule in .htaccess file to enable non secure traffic redirection to https.
    Once this is done, please delete all the files in tmp/ folder. That's it.

    It should work without any issues. If you have problem, just create a new ticket and we will assist.

    Thanks
  3. teompa

    teompa New Member

    I tried but I did not succeed. I'll wait until you get the new version of the yellow pages. How to change .htaccess file to rewrite pages to https?
    Last edited: Mar 31, 2017
  4. Vasily_B.

    Vasily_B. Project Manager

    Hi,

    Yes, we are working on it. Today we hope to release Subrion CMS 4.1.3 version with some improvements and fixes. Once it's released we get back to the package development.

    Regarding redirection rules:

    Code (Text):

        # Uncomment two lines below to redirect all non-secure traffic to https://
        # Make sure you enabled HTTPS in Dashboard / System / System in Subrion CMS
        # RewriteCond %{HTTPS} off
        # RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
     
    Just add this code in .htaccess, after RewriteEngine On line
  5. liamiam

    liamiam New Member


    Hi. Where are we with this issue? I have made the fixes per recommendation without success.

    Thanks!

Share This Page