Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Can't stay Logged in to admin: Forbidden error: error saving page


Reply


42 Posts   8311 Views

Avatar
ryanwachtl

Community Member, 46 Posts

9 March 2009 at 11:00am

I'm still unable to solve this issue. I have contacted the Web host 'Network Solutions' and so far they have been little help.

Are SilverStripe sessions stored in the database or in a folder?

I'd appreciate any guidance here as to why I can't stay logged into the admin on this (Network Solutions) server.

Thanks,

Ryan

Avatar
Yulia

Community Member, 26 Posts

10 March 2009 at 8:42am

I have the same problem with network solutions. Please Help!

Avatar
Double-A-Ron

Community Member, 604 Posts

10 March 2009 at 10:25am

Shot in the dark guys.

These hosts usually run PHP5 under CGI because they are still running PHP4 on the same boxes to support legacy code. Maybe some sort of conflict here.

Can you add ONE of these lines to your .htaccess file and try again? Just try one at a time, different servers will use different commands.

AddType x-mapp-php5 .php
AddHandler application/x-httpd-php5 .php
AddHandler cgi-php5 .php

Guys - Didn't one of these US hosts (Dreamhost?) require a /tmp directory to be made in the document root? Could it be a similar issue? I don't remember what that particular problem was.

Cheers
Aaron

Avatar
ryanwachtl

Community Member, 46 Posts

10 March 2009 at 11:13am

Thanks Double-A-Ron

You directed me to look at a few other items. I am up and running now without any errors.

I created a folder for sessions in my web root.

session.save_path = /[my-path-to-htdocs]/htdocs/sessions

in php.ini

which for Network Solutions is located (has to be created) in the cgi-bin/ right outside the web root (htdocs/)

Everything seems to be working fine now just wondering if there is anything I need to concerned about regarding this fix.

Thanks,

Ryan

Avatar
Double-A-Ron

Community Member, 604 Posts

10 March 2009 at 11:28am

Edited: 10/03/2009 11:37am

Great news Ryan,

No I don't think you should be worried, but I'm not a *nix security bunny. I'm sure this is similar to the Dreamhost issues, where a /tmp directory needed to be created in the docroot. I don't think the symptoms were the same however.

You should probably get a short "how to" added to the hosting page for this host then if you have time. Not sure if you just put it in the comments section or email it to SS. Sam may be able to clarify if he's still watching this thread.

See [url]http://doc.silverstripe.com/doku.php?id=suggested-web-hosts[/url] for how the tips are formatted. That page has come in handy a few times when duplicate problems arise.

I assume you aren't on shared if you have access to php.ini. I wonder how this will work for people on shared setups unless you can set the save path in .htaccess.

Cheers
Aaron

Avatar
Sam

Administrator, 685 Posts

10 March 2009 at 11:49am

Hi Ryan,

The main thing that you want to watch out for is whether files in the sessions directory can be accessed from the web browser, because that would be a security hole.

One potential way to fix this would be to put the following code into your .htaccess file:

<Location sessions>
Deny from all
</Location>

Avatar
Yulia

Community Member, 26 Posts

11 March 2009 at 1:37am

Thanks guys, this was really helpful,

Only one more thing, when i put

<Location sessions>
Deny from all
</Location> in .htaccess file it gives me an error, i tried many other ways, but still no luck, (i am sure it is something really simple... i am just starting to learn this stuff)

any ideas?

Thank you

Avatar
Double-A-Ron

Community Member, 604 Posts

11 March 2009 at 8:40am

Edited: 11/03/2009 8:40am

What does the error say Yulia?