Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Repeated "Please log in and the try again" pop-ups - SS3.1 site


Go to End


3 Posts   1718 Views

Avatar
vwd

Community Member, 166 Posts

4 September 2015 at 1:20pm

Hi,

Having a strange issue with an SS3.1 site. I remember encountering this issue a long time ago with an SS2.4 site, which resolved itself.

Every minute or so when logged in to the CMS admin, I get a dialog pop up saying "Please log in and then try again". When I click OK, it takes me to mysite.com.au/Security/login which tells me I'm already logged in. I can of course continue working in the original CMS admin.

I've tried clearing browser cache & cookies, logging out and then back in again and even rebooted.

Each time the dialog pops up, it coincides with a 501 error:

     "Failed to load resource: the server responded with a status of 501 (Not Implemented): mysite.com.au/Security/ping"

When I try to explicitly access this URL, I do get a 501 error page. Other routes implemented by Security obviously work as I can log out and log in again.

Any ideas?

Thank you.
VWD.

Avatar
3dgoo

Community Member, 135 Posts

2 October 2015 at 8:27pm

Edited: 02/10/2015 8:36pm

This is an issue with the server configuration of the mod_security module. mod_security will take any url that ends with /ping and return a 501 error. The admin section calls http://example.com/Security/ping every few minutes to check if the user still has permission to view the back end. Because of the 501 message, the ping doesn't receive the message it is expecting.

One solution is to ask your web host to allow /Security/ping to be called.

An alternative solution is to add the following rewrite rule to your .htaccess file:

RewriteRule ^Security/ping$ /Security/ping/ [R=301,NC,L]

This will redirect /Security/ping to /Security/ping/ (with a slash on the end). /Security/ping/ is not blocked by mod_security and still calls the ping function needed by the admin section.

Avatar
vwd

Community Member, 166 Posts

3 October 2015 at 1:33am

@3dgoo - awesome! You're a legend!

Thanks very much for solving this most annoying problem for me!

VWD