Jump to:

4873 Posts in 7171 Topics by 1471 members

Installing SilverStripe

SilverStripe Forums » Installing SilverStripe » Random CMS Forbidden error

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1 2 3 4 5
Go to End
Author Topic: 7181 Views
  • one2gamble
    Avatar
    Community Member
    30 Posts

    Re: Random CMS Forbidden error Link to this post

    I moved it to the root, same crap different location. This is with a clean install of rc4. Also of note the page itself only loads maybe 3 out of every 5 times. The other two times I either get a blank page or I get a page with no style sheet loaded.

  • Briohny
    Avatar
    Community Member
    199 Posts

    Re: Random CMS Forbidden error Link to this post

    Yep... welcome to my world! I wish a SS developer would find this post and take a look. There's obviously a problem with loading SS onto a sub directory... this really needs to be fixed.

  • Sam
    Avatar
    Administrator
    679 Posts

    Re: Random CMS Forbidden error Link to this post

    Hi Briohny and everyone else who has been having this error. Sorry about not getting on this sooner; I just came across this thread now.

    My suspicion is that, for some reason, you're triggering an error that is logging you out - this can happen if you try and access something that you don't have the rights to access. I expect that some part of the CMS is trying to access are locked-off resource and that's the underlying problem here.

    Are you logged in as a user with full ADMIN rights, or just with CMS_ACCESS_CMSMain sites or something? What right does the logged-in user have?

    Could you try opening up sapphire/security/Security.php, and finding the permissionFailure() method:

       static function permissionFailure($controller = null, $messageSet = null) {
          if(Director::is_ajax()) {
             $response = ($controller) ? $controller->getResponse() : new HTTPResponse();
             $response->setStatusCode(403);
             $response->setBody('NOTLOGGEDIN:');

    Then add a debugging statement to email you some details when this method gets called:

       static function permissionFailure($controller = null, $messageSet = null) {
          mail("youremail@example.com", "Secuity::permissionFailure debugging", self::get_rendered_backtrace(debug_backtrace(), true));
          if(Director::is_ajax()) {
             $response = ($controller) ? $controller->getResponse() : new HTTPResponse();
             $response->setStatusCode(403);
             $response->setBody('NOTLOGGEDIN:');

    And then, if it emails you, post those emails to the list?

    The other thing you could try is getting rid of the custom cookie parameters for the session cookie. Open sapphire/core/Session.php, and find the start method:

       public static function start() {
          self::load_config();
          
          if(!session_id() && !headers_sent()) {
             session_set_cookie_params(self::$timeout, Director::baseURL());
             session_start();
          }
       }

    And comment out the session_set_cookie_params(). Restart your browser and log into the CMS, and see if that works.

    Finally, are you using Director::setBaseURL()? What value are you giving it? And could you see what Director::baseURL() returns, for example, by adding this to your Page_Controller::init() and visiting a page on the site.

    class Page_Controller {
    static function init() {
    echo Director::baseURL();
    parent::init();
    }
    }

  • Fuzz10
    Avatar
    Community Member
    786 Posts

    Re: Random CMS Forbidden error Link to this post

    Hi Sam,

    Thanks for that...

    but self::get_rendered_backtrace(debug_backtrace()) produces an error....

  • one2gamble
    Avatar
    Community Member
    30 Posts

    Re: Random CMS Forbidden error Link to this post

    Ive been a bit busy, I should be able to test that tonight

  • Briohny
    Avatar
    Community Member
    199 Posts

    Re: Random CMS Forbidden error Link to this post

    I haven't had a chance yet either. Hope to try tonight also. Let me know how you get on one2gamble.

  • one2gamble
    Avatar
    Community Member
    30 Posts

    Re: Random CMS Forbidden error Link to this post

    I ran out of time with this particular project, it wasnt a big deal either way. I just set up wordpress for them and went from there. Ill try silverstripe again here pretty quick and try to see what is going on.

  • Fuzz10
    Avatar
    Community Member
    786 Posts

    Re: Random CMS Forbidden error Link to this post

    Sam :

    - Default BaseURL : /

    - No more custom cookie params

    The problem still exists.

    I added some debugging code in the permissionFailure method , but it does not get called.

    I had a look at the PHP_INFO output , no weird values for session time-outs etc. The only thing I did not like was the PHP version : 5.1.6 , had some minor problems with that in the past , but since I have SS running on that version on a different machine , I don't think that is the problem.

    The site works perfectly, but the client is getting very aggravated about not being able to use the CMS. Do you have any other thought or ideas we could try ?

    Thanks !

    7181 Views
Page: 1 2 3 4 5
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.