no adminCP login after HTTPS implementation
#11
I appreciate the offer but I learn best by doing. If I hit a brick wall I will certainly PM you.

So I'm connected to the DB via MySQL Workbench. Also have access to cPanel from the host. Anyway, I have done multiple searches for headerinclude template and have come up empty handed. Not sure why.

Learning all this again fun.... sort of.
Reply
#12
in the database, look in templates table.
looks like sid is 3 for your active dark theme.
based on sid you can find its headerinclude template.
Reply
#13
Thanks for the additional direction.
I think I found it, but the cookiesecureflag line was already in there. Posted screen shot.

   

How did you know I'm running dark theme?
Reply
#14
^ please check sid of your theme from templatesets table of the database
Reply
#15
(2020-07-30, 08:01 AM).m. Wrote: ^ please check sid  of your theme from templatesets table of the database

looks like my dark theme is SID 2. Concur with attached?
Apologize for resolution. It's 2am here. Synapses aren't exactly firing well.  Big Grin

   
Reply
#16
^ yes, check content of headerinclude template which has sid as 2

if var cookieSecureFlag = "{$mybb->settings['cookiesecureflag']}"; does not appear then
you can add it after var cookiePrefix = "{$mybb->settings['cookieprefix']}";

after executing it once again clear your browser cookies ;
close & reopen browser and then try login process again ..
Reply
#17
Found two headerinclude SID 2 in mybb_templates. Is this typical?
One had cookiesecureflag and one didn't.
I added as suggested and didn't fix, reran, cleared cookies and restart. Still same issue.

   
Reply
#18
are you able to login to forum & navigate around with https without any issues ?
do you have problem with admin panel login ? does it deny login without giving error ?
Reply
#19
Front end works great on HTTPS. No login or navigation issues.
The problem is ACP login. HTTP and HTTPS cannot login.

A login popup appears. I enter credentials. The login popup reappears each time I submit credentials, like on a loop. It's instantaneous too like my username and password aren't even being read.

So to answer, you question, yes, it does deny login without giving an error.

Ok, so I have another post regarding login differences between mobile and desktop and I was directed to https://docs.mybb.com/1.8/administration...basic-auth where it had be previously secure my ACP folder.

I believe one of the barriers is the credentials it has been asking for are not the ACP credentials but the folder credentials. I removed that protection and now receive a 403.

Going to dive into that now. Will let you know.
Reply
#20
looks like the problem is related to some modification you had done for more security (ref.)

sorry, can't think further about the cause for admin panel login problem. I've to move ...
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)