Jump to:

4945 Posts in 17703 Topics by 1494 members

Installing SilverStripe

SilverStripe Forums » Installing SilverStripe » Random CMS Forbidden error

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1 2 3 4 5
Go to End
Author Topic: 7708 Views
  • Briohny
    Community Member
    199 Posts

    Re: Random CMS Forbidden error Link to this post

    I'm exactly the same as Fuzz10. Tried and tested the same. Client also getting increasingly annoyed.

  • Sam
    679 Posts

    Re: Random CMS Forbidden error Link to this post

    Umm, I'm a little stumped to be honest. This isn't something I've come across before, except when people have put "_" characters in domain names, which muck up session cookies in IE.

    * Have you tried different browsers? Do you get any different results?
    * Can you send me details of how to get to your sites at sam [at] siverstripe [dot] com, so I can have a look myself?

  • Briohny
    Community Member
    199 Posts

    Re: Random CMS Forbidden error Link to this post

    Hey Sam,

    Sorry for late reply. I ended up moving my site to a new hosting company. I couldn't find a fix for over a month and my client was getting very mad to say the least. The problem did occur in both IE and Firefox. I wasn't able to test on any other platform.

    I believe it has something to do with installing on a sub-directory. Perhaps the guys at Silverstripe can take a look when they get a spare moment... i'm sure many other people will encounter this same problem.

    Thanks for following up

  • Gravitational FX
    Community Member
    22 Posts

    Re: Random CMS Forbidden error Link to this post

    I've had exactly the same problem - also in the "php 5 installation error" thread.

    After numerous reinstallations and hanging at the PHP 5 is required during installation, I came back to the install after dinner, restarted the browser and was pleased (and confused) to see the ss232 installed and the homepage running.

    Yay - I thought - but prematurely.

    When clicking on "the CMS" link from the homepage and loggin in with the admin credentials I get the following page (ss1.png).
    Refresh.. refresh..refresh..refresh.. nothing..

    Type in /mysite.com/admin and I get the Admin interface again (ss2.png)

    Click on the security tab and it goes back to the login screen (ss3.png)

    Very wierd!

    Attached Files
  • moloko_man
    Community Member
    72 Posts

    Re: Random CMS Forbidden error Link to this post

    So, one year later (almost to the day), and I've got the same problem. To sum it up, I installed SS 2.4.0, onto a Rackspace cloud server. I currently have 3 other SS installs on the same cloud, different domains, and they work just fine (they are v. 2.3.4).

    Here is my long story summed up as best as possible.
    Installed v 2.3.4 just like the other three sites I have on the cloud.
    Everything installed fine.
    Tried to log in - worked (sort of). I was presented with the CMS, and couldn't save any forms, then was redirected to the login page again.
    I tried, reinstalling, pulling hair out, avoiding the boss, etc.
    Installed v 2.4.0
    Same problem as above.
    Followed Sam's suggestions in this post - no workie.
    Tried the suggestions in this post: http://silverstripe.org/installing-silverstripe/show/285523#post285523 - No workie.

    Like Briohny, my client is getting mad, as well as my boss.

    Firebug is giving me the errors of "NOTLOGGEDIN" and "SecurityID doesn't match, possible CSRF attack."

    Here is my setup:
    PHP 5.2.13
    MySQL 5+
    working in the root directory (always have been)
    user has full admin rights
    I have tested and have this problem on Safari, Firefox (pc and mac) IE, 7 & 8, so its not a browser problem.

    I'm at a total loss here. What finally worked for any of you to get this working?

  • moloko_man
    Community Member
    72 Posts

    Re: Random CMS Forbidden error Link to this post

    to whom it may concern. I've been chatting with rackspace tech support for over an hour, and basically hosting sites have a common folder for all virtual private servers to hold session files.

    So if you are having issues you can add the following to the bottom of your .htaccess file and take control of your own sessions:

    php_value session.gc_probability 1
    php_value session.gc_divisor 100
    php_value session.gc_maxlifetime 3600
    php_value session.save_path /mnt/stor1/123456/example.com/web/sessions

    my session save path is outside my content folder that holds the web files, so it can't be accessed from the www.

    Here is a link explaining the above.

  • ChrisBryer
    Community Member
    95 Posts

    Re: Random CMS Forbidden error Link to this post

    I just upgraded a site to 2.4.0 and i am getting this error only in my statically published index.php page.

    my staticPublisher outputs php files to the cache folder. all pages that are statically published are written correctly with the exception of the index.php page. this page only says "NOTLOGGEDIN:" with a few headers


    * This is a system-generated PHP script that performs header management for the statically cached content given below.

    define('MAX_AGE', '0');
    define('LAST_MODIFIED', '2010-07-20 00:27:11');

    if(MAX_AGE > 0) {
       header("Cache-Control: max-age=" . MAX_AGE);
    } else {
       header("Cache-Control: no-cache, max-age=0, must-revalidate");

    header("Expires: " . gmdate('D, d M Y H:i:s', time() + MAX_AGE) . ' GMT');
    header("Last-modified: " . gmdate('D, d M Y H:i:s', strtotime(LAST_MODIFIED)) . ' GMT');

    if(isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
       if(strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= strtotime(LAST_MODIFIED)) {
          header("Last-modified: " . gmdate('D, d M Y H:i:s', strtotime(LAST_MODIFIED)) . ' GMT', true, 304);


    i tried flushing the cache, (?flush=all), and logging out & logging back in.

    i wanted to email the backtrace but dont see any method to do that in the 2.4.0 Security class.

    how can i debug this?

    thanks, any help would be great,

  • splatEric
    Community Member
    15 Posts

    Re: Random CMS Forbidden error Link to this post

    Just wanted to say thanks to moloko man for his response on this topic regarding rackspace hosting ... was completely driving me crazy, and was struggling to find this solution.

    For the sake of hopefully helping future searches, The issues I had either gave me the message

    "securityid doesn't match, possible csrf attack"

    or I would get messages telling me to log back in when I was trying to create new users. This was all in the admin on 2.42 ... on the rackspace cloud.

    thanks again,


Page: 1 2 3 4 5
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.