- Posts: 24
- Thank you received: 0
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
302 error on /admin, / and index pages
- jimmi4u
- Topic Author
- Offline
- Junior Member
Less
More
1 year 8 months ago - 1 year 8 months ago #230882
by jimmi4u
302 error on /admin, / and index pages was created by jimmi4u
Please help us help you and fill where relevant:
Your LimeSurvey version: 5.3.29
Own server or LimeSurvey hosting: own: running on k3s
Survey theme/template: standard
==================
hi folks,
I 'm running LS on k3s cluster on a rocky 8.5 container with php8 and postgres crunchy op. I managed to install db and run LS. Surveys are showing up, but with strange behaviour. When I try to log in /admin, the log in window shows up and after putting my credentials in and clicking on log in the page loads again with a 302 error, so I'm not able to get to the admin area. Same thing with the surveys: they're showing up, when clicking on one of them I'm getting to the participating site, clicking on the button to participate wan't let me do anything and I'm hanging there with the 302 error.
When investigating I found 302 errors in my apache logs:
my apache conf:
<VirtualHost *:80>
ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/run/php-fpm/www.sock|fcgi://127.0.0.1:9000/var/www/LIMESURVEY
ProxyPreserveHost on
Alias /upload "/var/www/LIMESURVEY/upload"
Alias /tmp "/var/www/LIMESURVEY/tmp"
Alias /third_party "/var/www/LIMESURVEY/third_party"
Alias /scripts "/var/www/LIMESURVEY/scripts"
Alias /styles "/var/www/LIMESURVEY/styles"
Alias /styles-public "/var/www/LIMESURVEY/styles-public"
Alias /installer "/var/www/LIMESURVEY/installer"
Alias /templates "/var/www/LIMESURVEY/templates"
Alias /images "/var/www/LIMESURVEY/images"
Alias /themes "/var/www/LIMESURVEY/themes"
Alias /assets "/var/www/LIMESURVEY/assets"
<Proxy unix:/run/php-fpm/www.sock>
Require all granted
</Proxy>
<Proxy fcgi://127.0.0.1:9000>
Require all granted
</Proxy>
<Directory /var/www/LIMESURVEY>
Options -Indexes
AllowOverride All
Order allow,deny
allow from all
<FilesMatch \.php$>
SetHandler "unix:/run/php-fpm/www.sock|fcgi://127.0.0.1:9000"
</FilesMatch>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000"
</IfModule>
# AllowOverride all
Require all granted
</Directory>
<Directory ~ ^/var/www/LIMESURVEY/application/(config|logs)>
Require all denied
</Directory>
ServerAdmin serveradmin@myserver
ServerName limesurvey.myserver
DocumentRoot /var/www/LIMESURVEY
LogLevel debug
RewriteEngine on
# RewriteOptions inherit
RewriteRule ^/$ /index.php [R,L]
RewriteRule ^/login$ limesurvey.myserver/index.php/admin [NC,R,L]
ErrorLog /var/log/httpd/limesurvey.myserver-error_log
CustomLog /var/log/httpd/limesurvey.myserver-access_log combined
</VirtualHost>
php-fpm shows no errors. Does anybody maybe have a clue or a hint on whats happening here?
Thanks a lot!
jim
Your LimeSurvey version: 5.3.29
Own server or LimeSurvey hosting: own: running on k3s
Survey theme/template: standard
==================
hi folks,
I 'm running LS on k3s cluster on a rocky 8.5 container with php8 and postgres crunchy op. I managed to install db and run LS. Surveys are showing up, but with strange behaviour. When I try to log in /admin, the log in window shows up and after putting my credentials in and clicking on log in the page loads again with a 302 error, so I'm not able to get to the admin area. Same thing with the surveys: they're showing up, when clicking on one of them I'm getting to the participating site, clicking on the button to participate wan't let me do anything and I'm hanging there with the 302 error.
When investigating I found 302 errors in my apache logs:
my apache conf:
<VirtualHost *:80>
ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/run/php-fpm/www.sock|fcgi://127.0.0.1:9000/var/www/LIMESURVEY
ProxyPreserveHost on
Alias /upload "/var/www/LIMESURVEY/upload"
Alias /tmp "/var/www/LIMESURVEY/tmp"
Alias /third_party "/var/www/LIMESURVEY/third_party"
Alias /scripts "/var/www/LIMESURVEY/scripts"
Alias /styles "/var/www/LIMESURVEY/styles"
Alias /styles-public "/var/www/LIMESURVEY/styles-public"
Alias /installer "/var/www/LIMESURVEY/installer"
Alias /templates "/var/www/LIMESURVEY/templates"
Alias /images "/var/www/LIMESURVEY/images"
Alias /themes "/var/www/LIMESURVEY/themes"
Alias /assets "/var/www/LIMESURVEY/assets"
<Proxy unix:/run/php-fpm/www.sock>
Require all granted
</Proxy>
<Proxy fcgi://127.0.0.1:9000>
Require all granted
</Proxy>
<Directory /var/www/LIMESURVEY>
Options -Indexes
AllowOverride All
Order allow,deny
allow from all
<FilesMatch \.php$>
SetHandler "unix:/run/php-fpm/www.sock|fcgi://127.0.0.1:9000"
</FilesMatch>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000"
</IfModule>
# AllowOverride all
Require all granted
</Directory>
<Directory ~ ^/var/www/LIMESURVEY/application/(config|logs)>
Require all denied
</Directory>
ServerAdmin serveradmin@myserver
ServerName limesurvey.myserver
DocumentRoot /var/www/LIMESURVEY
LogLevel debug
RewriteEngine on
# RewriteOptions inherit
RewriteRule ^/$ /index.php [R,L]
RewriteRule ^/login$ limesurvey.myserver/index.php/admin [NC,R,L]
ErrorLog /var/log/httpd/limesurvey.myserver-error_log
CustomLog /var/log/httpd/limesurvey.myserver-access_log combined
</VirtualHost>
php-fpm shows no errors. Does anybody maybe have a clue or a hint on whats happening here?
Thanks a lot!
jim
Last edit: 1 year 8 months ago by jimmi4u. Reason: add log file
Please Log in to join the conversation.
- jimmi4u
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 24
- Thank you received: 0
1 year 8 months ago #230909
by jimmi4u
Replied by jimmi4u on topic 302 error on /admin, / and index pages
I got a bit further and tested with php7.2.24. What I can say is that the problem is not with php-fpm or the fcgi. with the exact configuration I got a 500 error from this logs:
[Wed Aug 03 09:04:08.338731 2022] [proxy_fcgi:debug] [pid 659:tid 139984526898944] mod_proxy_fcgi.c(1028): [client 10.42.1.210:48154] AH01078: serving URL fcgi://php-fpm/var/www/LIMESURVEY/index.php
[Wed Aug 03 09:04:08.338736 2022] [proxy:debug] [pid 659:tid 139984526898944] proxy_util.c(2353): AH00942: FCGI: has acquired connection for (php-fpm)
[Wed Aug 03 09:04:08.338744 2022] [proxy:debug] [pid 659:tid 139984526898944] proxy_util.c(2408): [client 10.42.1.210:48154] AH00944: connecting fcgi://php-fpm/var/www/LIMESURVEY/index.php to php-fpm:8000
[Wed Aug 03 09:04:08.338749 2022] [proxy:debug] [pid 659:tid 139984526898944] proxy_util.c(2445): [client 10.42.1.210:48154] AH02545: fcgi: has determined UDS as /run/php-fpm/www.sock
[Wed Aug 03 09:04:08.338752 2022] [proxy:debug] [pid 659:tid 139984526898944] proxy_util.c(2634): [client 10.42.1.210:48154] AH00947: connected /var/www/LIMESURVEY/index.php to httpd-UDS:0
[Wed Aug 03 09:04:08.338759 2022] [proxy:trace2] [pid 659:tid 139984526898944] proxy_util.c(2918): FCGI: reusing backend connection ?:0<>0.0.0.0:0
proxy_fcgi:trace4] [pid 659:tid 139984526898944] util_script.c(574): [client 10.42.1.210:48154] Headers from script 'index.php':
[Wed Aug 03 09:04:08.421895 2022] [proxy_fcgi:trace4] [pid 659:tid 139984526898944] util_script.c(575): [client 10.42.1.210:48154] Status: 500 Internal Server Error
[Wed Aug 03 09:04:08.421899 2022] [proxy_fcgi:trace1] [pid 659:tid 139984526898944] util_script.c(656): [client 10.42.1.210:48154] Status line from script 'index.php': 500 Internal Server Error
[Wed Aug 03 09:04:08.421903 2022] [proxy_fcgi:trace4] [pid 659:tid 139984526898944] util_script.c(575): [client 10.42.1.210:48154] X-Powered-By: PHP/7.2.24
[Wed Aug 03 09:04:08.421907 2022] [proxy_fcgi:trace4] [pid 659:tid 139984526898944] util_script.c(575): [client 10.42.1.210:48154] Content-type: text/html; charset=UTF-8
[Wed Aug 03 09:04:08.421922 2022] [proxy:debug] [pid 659:tid 139984526898944] proxy_util.c(2368): AH00943: FCGI: has released connection for (php-fpm)
[Wed Aug 03 09:04:08.421935 2022] [headers:trace2] [pid 659:tid 139984526898944] mod_headers.c(875): AH01502: headers: ap_headers_output_filter()
[Wed Aug 03 09:04:08.421964 2022] [http:trace3] [pid 659:tid 139984526898944] http_filters.c(1128): [client 10.42.1.210:48154] Response sent with status 500, headers:
[Wed Aug 03 09:04:08.421969 2022] [http:trace5] [pid 659:tid 139984526898944] http_filters.c(1135): [client 10.42.1.210:48154] Date: Wed, 03 Aug 2022 07:04:08 GMT
[Wed Aug 03 09:04:08.421972 2022] [http:trace5] [pid 659:tid 139984526898944] http_filters.c(1138): [client 10.42.1.210:48154] Server: Apache
[Wed Aug 03 09:04:08.421977 2022] [http:trace4] [pid 659:tid 139984526898944] http_filters.c(957): [client 10.42.1.210:48154] X-Powered-By: PHP/7.2.24
[Wed Aug 03 09:04:08.421980 2022] [http:trace4] [pid 659:tid 139984526898944] http_filters.c(957): [client 10.42.1.210:48154] X-XSS-Protection: 1; mode=block
[Wed Aug 03 09:04:08.421997 2022] [http:trace4] [pid 659:tid 139984526898944] http_filters.c(957): [client 10.42.1.210:48154] Content-Length: 0
[Wed Aug 03 09:04:08.422001 2022] [http:trace4] [pid 659:tid 139984526898944] http_filters.c(957): [client 10.42.1.210:48154] Connection: close
[Wed Aug 03 09:04:08.422003 2022] [http:trace4] [pid 659:tid 139984526898944] http_filters.c(957): [client 10.42.1.210:48154] Content-Type: text/html; charset=UTF-8
[Wed Aug 03 09:04:09.101582 2022] [http2:trace1] [pid 655:tid 139985181202176] h2_h2.c(588): [client 10.42.1.1:45208] h2_h2, process_conn
[Wed Aug 03 09:04:09.101582 2022] [http2:trace1] [pid 659:tid 139985307027200] h2_h2.c(588): [client 10.42.1.1:45210] h2_h2, process_conn
[Wed Aug 03 09:04:09.101616 2022] [http2:trace1] [pid 655:tid 139985181202176] h2_h2.c(602): [client 10.42.1.1:45208] h2_h2, process_conn, new connection using protocol 'http/1.1', direct=0, tls acceptable=1
[Wed Aug 03 09:04:09.101619 2022] [http2:trace1] [pid 659:tid 139985307027200] h2_h2.c(602): [client 10.42.1.1:45210] h2_h2, process_conn, new connection using protocol 'http/1.1', direct=0, tls acceptable=1
[Wed Aug 03 09:04:09.101622 2022] [http2:trace1] [pid 655:tid 139985181202176] h2_h2.c(661): [client 10.42.1.1:45208] h2_h2, declined
[Wed Aug 03 09:04:09.101624 2022] [http2:trace1] [pid 659:tid 139985307027200] h2_h2.c(661): [client 10.42.1.1:45210] h2_h2, declined
I'll be really very happy about a hint.
Thanks!
[Wed Aug 03 09:04:08.338731 2022] [proxy_fcgi:debug] [pid 659:tid 139984526898944] mod_proxy_fcgi.c(1028): [client 10.42.1.210:48154] AH01078: serving URL fcgi://php-fpm/var/www/LIMESURVEY/index.php
[Wed Aug 03 09:04:08.338736 2022] [proxy:debug] [pid 659:tid 139984526898944] proxy_util.c(2353): AH00942: FCGI: has acquired connection for (php-fpm)
[Wed Aug 03 09:04:08.338744 2022] [proxy:debug] [pid 659:tid 139984526898944] proxy_util.c(2408): [client 10.42.1.210:48154] AH00944: connecting fcgi://php-fpm/var/www/LIMESURVEY/index.php to php-fpm:8000
[Wed Aug 03 09:04:08.338749 2022] [proxy:debug] [pid 659:tid 139984526898944] proxy_util.c(2445): [client 10.42.1.210:48154] AH02545: fcgi: has determined UDS as /run/php-fpm/www.sock
[Wed Aug 03 09:04:08.338752 2022] [proxy:debug] [pid 659:tid 139984526898944] proxy_util.c(2634): [client 10.42.1.210:48154] AH00947: connected /var/www/LIMESURVEY/index.php to httpd-UDS:0
[Wed Aug 03 09:04:08.338759 2022] [proxy:trace2] [pid 659:tid 139984526898944] proxy_util.c(2918): FCGI: reusing backend connection ?:0<>0.0.0.0:0
proxy_fcgi:trace4] [pid 659:tid 139984526898944] util_script.c(574): [client 10.42.1.210:48154] Headers from script 'index.php':
[Wed Aug 03 09:04:08.421895 2022] [proxy_fcgi:trace4] [pid 659:tid 139984526898944] util_script.c(575): [client 10.42.1.210:48154] Status: 500 Internal Server Error
[Wed Aug 03 09:04:08.421899 2022] [proxy_fcgi:trace1] [pid 659:tid 139984526898944] util_script.c(656): [client 10.42.1.210:48154] Status line from script 'index.php': 500 Internal Server Error
[Wed Aug 03 09:04:08.421903 2022] [proxy_fcgi:trace4] [pid 659:tid 139984526898944] util_script.c(575): [client 10.42.1.210:48154] X-Powered-By: PHP/7.2.24
[Wed Aug 03 09:04:08.421907 2022] [proxy_fcgi:trace4] [pid 659:tid 139984526898944] util_script.c(575): [client 10.42.1.210:48154] Content-type: text/html; charset=UTF-8
[Wed Aug 03 09:04:08.421922 2022] [proxy:debug] [pid 659:tid 139984526898944] proxy_util.c(2368): AH00943: FCGI: has released connection for (php-fpm)
[Wed Aug 03 09:04:08.421935 2022] [headers:trace2] [pid 659:tid 139984526898944] mod_headers.c(875): AH01502: headers: ap_headers_output_filter()
[Wed Aug 03 09:04:08.421964 2022] [http:trace3] [pid 659:tid 139984526898944] http_filters.c(1128): [client 10.42.1.210:48154] Response sent with status 500, headers:
[Wed Aug 03 09:04:08.421969 2022] [http:trace5] [pid 659:tid 139984526898944] http_filters.c(1135): [client 10.42.1.210:48154] Date: Wed, 03 Aug 2022 07:04:08 GMT
[Wed Aug 03 09:04:08.421972 2022] [http:trace5] [pid 659:tid 139984526898944] http_filters.c(1138): [client 10.42.1.210:48154] Server: Apache
[Wed Aug 03 09:04:08.421977 2022] [http:trace4] [pid 659:tid 139984526898944] http_filters.c(957): [client 10.42.1.210:48154] X-Powered-By: PHP/7.2.24
[Wed Aug 03 09:04:08.421980 2022] [http:trace4] [pid 659:tid 139984526898944] http_filters.c(957): [client 10.42.1.210:48154] X-XSS-Protection: 1; mode=block
[Wed Aug 03 09:04:08.421997 2022] [http:trace4] [pid 659:tid 139984526898944] http_filters.c(957): [client 10.42.1.210:48154] Content-Length: 0
[Wed Aug 03 09:04:08.422001 2022] [http:trace4] [pid 659:tid 139984526898944] http_filters.c(957): [client 10.42.1.210:48154] Connection: close
[Wed Aug 03 09:04:08.422003 2022] [http:trace4] [pid 659:tid 139984526898944] http_filters.c(957): [client 10.42.1.210:48154] Content-Type: text/html; charset=UTF-8
[Wed Aug 03 09:04:09.101582 2022] [http2:trace1] [pid 655:tid 139985181202176] h2_h2.c(588): [client 10.42.1.1:45208] h2_h2, process_conn
[Wed Aug 03 09:04:09.101582 2022] [http2:trace1] [pid 659:tid 139985307027200] h2_h2.c(588): [client 10.42.1.1:45210] h2_h2, process_conn
[Wed Aug 03 09:04:09.101616 2022] [http2:trace1] [pid 655:tid 139985181202176] h2_h2.c(602): [client 10.42.1.1:45208] h2_h2, process_conn, new connection using protocol 'http/1.1', direct=0, tls acceptable=1
[Wed Aug 03 09:04:09.101619 2022] [http2:trace1] [pid 659:tid 139985307027200] h2_h2.c(602): [client 10.42.1.1:45210] h2_h2, process_conn, new connection using protocol 'http/1.1', direct=0, tls acceptable=1
[Wed Aug 03 09:04:09.101622 2022] [http2:trace1] [pid 655:tid 139985181202176] h2_h2.c(661): [client 10.42.1.1:45208] h2_h2, declined
[Wed Aug 03 09:04:09.101624 2022] [http2:trace1] [pid 659:tid 139985307027200] h2_h2.c(661): [client 10.42.1.1:45210] h2_h2, declined
I'll be really very happy about a hint.
Thanks!
Please Log in to join the conversation.
- holch
- Offline
- LimeSurvey Community Team
Less
More
- Posts: 11658
- Thank you received: 2742
1 year 8 months ago #230922
by holch
I answer at the LimeSurvey forum in my spare time, I'm not a LimeSurvey GmbH employee.
No support via private message.
Replied by holch on topic 302 error on /admin, / and index pages
Hi Jimmi,
Most members of the forum are users, experts in Limesurvey. This here looks like a server configuration issue. So it might take a while until someone who is knowledgable in these things will show up here. But maybe you are lucky and @jelo shows up. I think he is the most knowledgebale one in the forum regarding these server related things.
Especially as you seem to have a very specific setup, probably very different to what most others run here:
Most members of the forum are users, experts in Limesurvey. This here looks like a server configuration issue. So it might take a while until someone who is knowledgable in these things will show up here. But maybe you are lucky and @jelo shows up. I think he is the most knowledgebale one in the forum regarding these server related things.
Especially as you seem to have a very specific setup, probably very different to what most others run here:
k3s cluster on a rocky 8.5 container with php8 and postgres crunchy op
I answer at the LimeSurvey forum in my spare time, I'm not a LimeSurvey GmbH employee.
No support via private message.
Please Log in to join the conversation.
- jimmi4u
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 24
- Thank you received: 0
1 year 8 months ago #230927
by jimmi4u
Replied by jimmi4u on topic 302 error on /admin, / and index pages
Hi holch,
thanks for your answer! I know it's a specific setup and it is fun setting it up, but this 302 is driving me crazy
So what I did is going back to php8.0, cause the issue seems not to be php-fpm or fcgi related. I guess you are right about that it might be an issue with the configuration, but the documentation covers only the basic stuff and there are no other sources to look for.
I did a fresh install of LS with modified php-fpm conf for redis and LS's precheck complies about it and didn't let me continue. Everything else was green. Actually I don't believe it's a redis issue because the server is availible in the cluster and LS is working with the right config.php settings and I have the keys inside redis..... So I'm out of clues..
btw. how can I connect to @jelo? Seems to be my last chance
Thanks a lot in advance!
jim
thanks for your answer! I know it's a specific setup and it is fun setting it up, but this 302 is driving me crazy
So what I did is going back to php8.0, cause the issue seems not to be php-fpm or fcgi related. I guess you are right about that it might be an issue with the configuration, but the documentation covers only the basic stuff and there are no other sources to look for.
I did a fresh install of LS with modified php-fpm conf for redis and LS's precheck complies about it and didn't let me continue. Everything else was green. Actually I don't believe it's a redis issue because the server is availible in the cluster and LS is working with the right config.php settings and I have the keys inside redis..... So I'm out of clues..
btw. how can I connect to @jelo? Seems to be my last chance
Thanks a lot in advance!
jim
Please Log in to join the conversation.
- jimmi4u
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 24
- Thank you received: 0
1 year 8 months ago - 1 year 8 months ago #230928
by jimmi4u
Replied by jimmi4u on topic 302 error on /admin, / and index pages
Found an interesting topic regarding YII:
forum.yiiframework.com/t/https-302-redir...osting-form/43651/12
I'm investigating...
I'm investigating...
Last edit: 1 year 8 months ago by jimmi4u.
Please Log in to join the conversation.
- jelo
- Offline
- Platinum Member
Less
More
- Posts: 5033
- Thank you received: 1257
1 year 8 months ago #230930
by jelo
The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
Replied by jelo on topic 302 error on /admin, / and index pages
You might post the config.php file your of LimeSurvey installation (with some parts removed for security reasons).
Where is the php session data saved in your LimeSurvey setup?
Did you install the LimeSurvey via the webinstaller or otherwise?
The issue looks like an issue related to redirection or session data.
Is the /admin/ URL changed into /index.php?r=admin/authentication/sa/login when you enter the URL to reach the admin login screen?
Try to enter "/index.php?r=admin/authentication/sa/login" to reach the login screen instead of /admin
Checking the URL redirection might be worth a few minutes.
Check if you override parts of the htaccess inside the LimeSurvey directory with your virtual hosts settings.
Perhaps remove parts there and let the htaccess file do the magic first.
The default URL format is set in application/config/config.php,
'urlFormat' => 'get',
or
'urlFormat' => 'path',
Consult
manual.limesurvey.org/Optional_settings#URL_settings
for more infos.
Where is the session data saved in your LimeSurvey setup?
Check your php session handler via phpinfo.
Where is the php session data saved in your LimeSurvey setup?
Did you install the LimeSurvey via the webinstaller or otherwise?
The issue looks like an issue related to redirection or session data.
Is the /admin/ URL changed into /index.php?r=admin/authentication/sa/login when you enter the URL to reach the admin login screen?
Try to enter "/index.php?r=admin/authentication/sa/login" to reach the login screen instead of /admin
Checking the URL redirection might be worth a few minutes.
Check if you override parts of the htaccess inside the LimeSurvey directory with your virtual hosts settings.
Perhaps remove parts there and let the htaccess file do the magic first.
The default URL format is set in application/config/config.php,
'urlFormat' => 'get',
or
'urlFormat' => 'path',
Consult
manual.limesurvey.org/Optional_settings#URL_settings
for more infos.
Where is the session data saved in your LimeSurvey setup?
Check your php session handler via phpinfo.
The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
Please Log in to join the conversation.
- jimmi4u
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 24
- Thank you received: 0
1 year 8 months ago - 1 year 8 months ago #230932
by jimmi4u
Replied by jimmi4u on topic 302 error on /admin, / and index pages
Hi Jelo and thank you very much for your answer!
I thought it might be userfull to adding some extra info of my setup.
config.php:cat > @@APPDIR@@/application/config/config.php << EOF<?phpif (!defined('BASEPATH')) {exit('No direct script access allowed');}return array('components' => array('db' => array('connectionString' => 'pgsql:host=$,'emulatePrepare' => true,'username' => '$(cat /secret/pg-secret/user)','password' => '$(cat /secret/pg-secret/password)','charset' => 'utf8','tablePrefix' => 'lime_',),'session' => array('sessionName' => 'limesurvey', ),'urlManager' => array('urlFormat' => 'path','rules' => array(// You can add your own rules here),'showScriptName' => true,), 'assetManager' => array('basePath' => '@@APPDIR@@/tmp/assets',),'request'=>array('csrfCookie'=>;(object)array('domain'=>'mysurvey.server','path' => '/',)),'cache' => array('class' => 'CRedisCache','hostname' => '$(cat /secret/redis-secret/host)','port' => 6379,'database' => 0,'password' => '$(cat /secret/redis-secret/password)','options' => STREAM_CLIENT_CONNECT,)),'config'=>array('debug' => ${DEBUG:-2},'debugsql' => ${DEBUG:-1}, // Set this to 1 to enanble sql logging, only active when debug = 2'updatable' => false,'uploaddir' => '@@APPDIR@@/upload','tempdir' => '@@APPDIR@@/tmp','usertemplaterootdir'=>'@@APPDIR@@/upload/templates'),);
apache config:
ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/run/php-fpm/www.sock|fcgi://127.0.0.1:9000/var/www/LIMESURVEY
ProxyPreserveHost on
Alias /upload "/var/www/LIMESURVEY/upload"
Alias /tmp "/var/www/LIMESURVEY/tmp"
Alias /third_party "/var/www/LIMESURVEY/third_party"
Alias /scripts "/var/www/LIMESURVEY/scripts"
Alias /styles "/var/www/LIMESURVEY/styles"
Alias /styles-public "/var/www/LIMESURVEY/styles-public"
Alias /installer "/var/www/LIMESURVEY/installer"
Alias /templates "/var/www/LIMESURVEY/templates"
Alias /images "/var/www/LIMESURVEY/images"
Alias /themes "/var/www/LIMESURVEY/themes"
Alias /assets "/var/www/LIMESURVEY/assets"
<Proxy unix:/run/php-fpm/www.sock>
Require all granted
</Proxy>
<Proxy fcgi://127.0.0.1:9000>
Require all granted
</Proxy>
<Directory /var/www/LIMESURVEY>
AllowOverride All
Require all granted
</Directory>
<Directory ~ ^/var/www/LIMESURVEY/application/(config|logs)>
Require all denied
</Directory>
ServerAdmin serveradmin@myserver
ServerName mysurvey.server
DocumentRoot /var/www/LIMESURVEY
LogLevel trace5
RewriteEngine on
# RewriteOptions inherit
# RewriteRule ^/$ /index.php [R,L]
RewriteRule ^/login$ mysurvey.server/index.php?r=admin/authentication/sa/login [NC,R,L]
ErrorLog /var/log/httpd/mysurvey-error_log
CustomLog /var/log/httpd/myserver-access_log combined
.htaccess is left untouched.
the index.php?r=admin/authentication/sa/login doesn't achieve anything. I'm landing on the survey page and not in the login area...
request and respond header:
Respond_header:
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 05:19:04 GMT
location: mysurvey.server/index.php/admin/index
server: Apache
set-cookie: YII_CSRF_TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; SameSite=Lax
set-cookie: YII_CSRF_TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; SameSite=Lax
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: PHP/8.0.22
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
Request Header:
POST /index.php/admin/authentication/sa/login HTTP/2
Host: mysurvey.server
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 222
Origin: mysurvey.server
Connection: keep-alive
Referer: mysurvey.server/index.php/admin/authentication/sa/login
Cookie: _gcl_au=1.1.1030608996.1659514808; _ga_7ZV6JMX8Q2=GS1.1.1659514807.1.1.1659514928.0; _ga=GA1.1.783072166.1659514808; ZNPCQ003-32313900=b5d03b69; AAAA03802d6ade=AQAAAAAAAABKSmhIZ+uxqHYJVfN0qf6X; YII_CSRF_TOKEN=S1J1UTNjbWU4djNsUE9MQ2xMYnBTamhoS2gxYWJCVUx8sPNOM-QSVTLr0lWD1NgV4np3cDA1NagBkSIv5n2mhw%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
DNT: 1
Sec-GPC: 1
TE: trailers
php-fpm www.conf :
php_value[session.save_handler] = redis
php_value[session.save_path] = 'tcp://redis-standalone:6379?database=0&auth=somepass'
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
interesting is that I have a long wait time of more then 100ms when I login with the get index and post login from the admin site... (see screenshots)
I installed it initially via webinstaller without troubles, but when I now rename the config.php the webinstaller won't let me further because LS has no clue about the redis server .. (see screenshot)
redis is up and running and I can connect to it from the LS pod via redis-cli and there are keys regarding to LS too: f.e:
"a:2:{i:0;a:2:{i:0;a:19:{i:0;O:8:\"CUrlRule\":16:{s:9:\"urlSuffix\";N;s:13:\"caseSensitive\";N;s:13:\"defaultParams\";a:0:{}s:10:\"matchValue\";N;s:4:\"verb\";N;s:11:\"parsingOnly\";b:0;s:5:\"route\";s:51:\"survey/index/sid/<_sid>/lang/<_lang>/token/<_token>\";s:10:\"references\";a:3:{s:4:\"_sid\";s:6:\"<_sid>\";s:5:\"_lang\";s:7:\"<_lang>\";s:6:\"_token\";s:8:\"<_token>\";}s:12:\"routePattern\";s:90:\"/^survey\\/index\\/sid\\/(?P<_sid>\\d+)\\/lang\\/(?P<_lang>\\w+[-\\w]+)\\/token\\/(?P<_token>\\w+)$/u\";s:7:\"pattern\";s:68:\"/^(?P<_sid>\\d+)\\/lang\\-(?P<_lang>\\w+[-\\w]+)\\/tk\\-(?P<_token>\\w+)\\//u\";s:8:\"template\";s:31:\"<_sid>/lang-<_lang>/tk-<_token>\";s:6:\"params\";a:0:{}s:6:\"append\";b:1;s:11:\"hasHostInfo\";b:0;s:14:\"........
thanks for your help!
jim
EDIT 1: when changing from urlFormat' => 'path', to urlFormat' => 'get' the index.php?r=admin/authentication/sa/login redirects me to the admin site but the login attempt ends up also with a 302...
EDIT 2: my header settings:
Spec: │
│ Headers: │
│ Browser Xss Filter: true │
│ Content Type Nosniff: true │
│ Force STS Header: true │
│ Frame Deny: true │
│ Ssl Proxy Headers: │
│ X - Forwarded - Proto: https │
│ Ssl Redirect: true │
│ Ssl Temporary Redirect: true │
│ Sts Include Subdomains: true │
│ Sts Preload: true │
│ Sts Seconds: 315360000
I thought it might be userfull to adding some extra info of my setup.
config.php:cat > @@APPDIR@@/application/config/config.php << EOF<?phpif (!defined('BASEPATH')) {exit('No direct script access allowed');}return array('components' => array('db' => array('connectionString' => 'pgsql:host=$,'emulatePrepare' => true,'username' => '$(cat /secret/pg-secret/user)','password' => '$(cat /secret/pg-secret/password)','charset' => 'utf8','tablePrefix' => 'lime_',),'session' => array('sessionName' => 'limesurvey', ),'urlManager' => array('urlFormat' => 'path','rules' => array(// You can add your own rules here),'showScriptName' => true,), 'assetManager' => array('basePath' => '@@APPDIR@@/tmp/assets',),'request'=>array('csrfCookie'=>;(object)array('domain'=>'mysurvey.server','path' => '/',)),'cache' => array('class' => 'CRedisCache','hostname' => '$(cat /secret/redis-secret/host)','port' => 6379,'database' => 0,'password' => '$(cat /secret/redis-secret/password)','options' => STREAM_CLIENT_CONNECT,)),'config'=>array('debug' => ${DEBUG:-2},'debugsql' => ${DEBUG:-1}, // Set this to 1 to enanble sql logging, only active when debug = 2'updatable' => false,'uploaddir' => '@@APPDIR@@/upload','tempdir' => '@@APPDIR@@/tmp','usertemplaterootdir'=>'@@APPDIR@@/upload/templates'),);
apache config:
ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/run/php-fpm/www.sock|fcgi://127.0.0.1:9000/var/www/LIMESURVEY
ProxyPreserveHost on
Alias /upload "/var/www/LIMESURVEY/upload"
Alias /tmp "/var/www/LIMESURVEY/tmp"
Alias /third_party "/var/www/LIMESURVEY/third_party"
Alias /scripts "/var/www/LIMESURVEY/scripts"
Alias /styles "/var/www/LIMESURVEY/styles"
Alias /styles-public "/var/www/LIMESURVEY/styles-public"
Alias /installer "/var/www/LIMESURVEY/installer"
Alias /templates "/var/www/LIMESURVEY/templates"
Alias /images "/var/www/LIMESURVEY/images"
Alias /themes "/var/www/LIMESURVEY/themes"
Alias /assets "/var/www/LIMESURVEY/assets"
<Proxy unix:/run/php-fpm/www.sock>
Require all granted
</Proxy>
<Proxy fcgi://127.0.0.1:9000>
Require all granted
</Proxy>
<Directory /var/www/LIMESURVEY>
AllowOverride All
Require all granted
</Directory>
<Directory ~ ^/var/www/LIMESURVEY/application/(config|logs)>
Require all denied
</Directory>
ServerAdmin serveradmin@myserver
ServerName mysurvey.server
DocumentRoot /var/www/LIMESURVEY
LogLevel trace5
RewriteEngine on
# RewriteOptions inherit
# RewriteRule ^/$ /index.php [R,L]
RewriteRule ^/login$ mysurvey.server/index.php?r=admin/authentication/sa/login [NC,R,L]
ErrorLog /var/log/httpd/mysurvey-error_log
CustomLog /var/log/httpd/myserver-access_log combined
.htaccess is left untouched.
the index.php?r=admin/authentication/sa/login doesn't achieve anything. I'm landing on the survey page and not in the login area...
request and respond header:
Respond_header:
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 05:19:04 GMT
location: mysurvey.server/index.php/admin/index
server: Apache
set-cookie: YII_CSRF_TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; SameSite=Lax
set-cookie: YII_CSRF_TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; SameSite=Lax
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: PHP/8.0.22
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
Request Header:
POST /index.php/admin/authentication/sa/login HTTP/2
Host: mysurvey.server
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 222
Origin: mysurvey.server
Connection: keep-alive
Referer: mysurvey.server/index.php/admin/authentication/sa/login
Cookie: _gcl_au=1.1.1030608996.1659514808; _ga_7ZV6JMX8Q2=GS1.1.1659514807.1.1.1659514928.0; _ga=GA1.1.783072166.1659514808; ZNPCQ003-32313900=b5d03b69; AAAA03802d6ade=AQAAAAAAAABKSmhIZ+uxqHYJVfN0qf6X; YII_CSRF_TOKEN=S1J1UTNjbWU4djNsUE9MQ2xMYnBTamhoS2gxYWJCVUx8sPNOM-QSVTLr0lWD1NgV4np3cDA1NagBkSIv5n2mhw%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
DNT: 1
Sec-GPC: 1
TE: trailers
php-fpm www.conf :
php_value[session.save_handler] = redis
php_value[session.save_path] = 'tcp://redis-standalone:6379?database=0&auth=somepass'
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
interesting is that I have a long wait time of more then 100ms when I login with the get index and post login from the admin site... (see screenshots)
I installed it initially via webinstaller without troubles, but when I now rename the config.php the webinstaller won't let me further because LS has no clue about the redis server .. (see screenshot)
redis is up and running and I can connect to it from the LS pod via redis-cli and there are keys regarding to LS too: f.e:
"a:2:{i:0;a:2:{i:0;a:19:{i:0;O:8:\"CUrlRule\":16:{s:9:\"urlSuffix\";N;s:13:\"caseSensitive\";N;s:13:\"defaultParams\";a:0:{}s:10:\"matchValue\";N;s:4:\"verb\";N;s:11:\"parsingOnly\";b:0;s:5:\"route\";s:51:\"survey/index/sid/<_sid>/lang/<_lang>/token/<_token>\";s:10:\"references\";a:3:{s:4:\"_sid\";s:6:\"<_sid>\";s:5:\"_lang\";s:7:\"<_lang>\";s:6:\"_token\";s:8:\"<_token>\";}s:12:\"routePattern\";s:90:\"/^survey\\/index\\/sid\\/(?P<_sid>\\d+)\\/lang\\/(?P<_lang>\\w+[-\\w]+)\\/token\\/(?P<_token>\\w+)$/u\";s:7:\"pattern\";s:68:\"/^(?P<_sid>\\d+)\\/lang\\-(?P<_lang>\\w+[-\\w]+)\\/tk\\-(?P<_token>\\w+)\\//u\";s:8:\"template\";s:31:\"<_sid>/lang-<_lang>/tk-<_token>\";s:6:\"params\";a:0:{}s:6:\"append\";b:1;s:11:\"hasHostInfo\";b:0;s:14:\"........
thanks for your help!
jim
EDIT 1: when changing from urlFormat' => 'path', to urlFormat' => 'get' the index.php?r=admin/authentication/sa/login redirects me to the admin site but the login attempt ends up also with a 302...
EDIT 2: my header settings:
Spec: │
│ Headers: │
│ Browser Xss Filter: true │
│ Content Type Nosniff: true │
│ Force STS Header: true │
│ Frame Deny: true │
│ Ssl Proxy Headers: │
│ X - Forwarded - Proto: https │
│ Ssl Redirect: true │
│ Ssl Temporary Redirect: true │
│ Sts Include Subdomains: true │
│ Sts Preload: true │
│ Sts Seconds: 315360000
Attachments:
Last edit: 1 year 8 months ago by jimmi4u.
Please Log in to join the conversation.
- jelo
- Offline
- Platinum Member
Less
More
- Posts: 5033
- Thank you received: 1257
1 year 8 months ago #230934
by jelo
The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
Replied by jelo on topic 302 error on /admin, / and index pages
I don't use LimeSurvey in a comparable environment. I don't use redis, so my debugging skills will not help you that much.
config.php
Change path in 'urlFormat' => 'path', to 'get" for a try.
Cache Redisdatabase.
Is 'database'=>0, correct?
Could it be a higher number?
config.php
Change path in 'urlFormat' => 'path', to 'get" for a try.
Cache Redisdatabase.
Is 'database'=>0, correct?
Could it be a higher number?
The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
Please Log in to join the conversation.
- jimmi4u
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 24
- Thank you received: 0
1 year 8 months ago #230942
by jimmi4u
Replied by jimmi4u on topic 302 error on /admin, / and index pages
Hi jelo,
i tried it with "get" and got also a 302
database 0 is correct, LS is writing some data to it.... so I don't think it is a redis issue.
do you have some other suggestions? I'll try it nginx maybe a bit later.
i tried it with "get" and got also a 302
database 0 is correct, LS is writing some data to it.... so I don't think it is a redis issue.
do you have some other suggestions? I'll try it nginx maybe a bit later.
Please Log in to join the conversation.
- jimmi4u
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 24
- Thank you received: 0
1 year 8 months ago #230986
by jimmi4u
Replied by jimmi4u on topic 302 error on /admin, / and index pages
Problem solved! Thanks for the hints! the problem was within the php-fpm redis module.
Please Log in to join the conversation.