After published, can't edit and logout

i’m traing find solution for sessions problem. After publish I can’t edit pages, i can’t logout too.
I try change chmod to 777 for site/sessions and files but it doesn’t work.
In localhost everything works fine. How can I do this?

Exception: undefined

session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in file: /domains/.../public_html/kirby/vendor/getkirby/toolkit/lib/s.php on line: 64

Which Kirby version?


The path for the toolkit looks wrong for Kirby 3. Are you running different version concurrently on the server?

That is a path to the toolkit for Kirby 2

Possible, it’s because in parent (domain) folder i have kirby 2 too?

Probably. In any case something get’s mixed up here badly.

You should probably run Kirby 3 on it’s own domain, not by calling a subfolder.

Ok, i try and come back with answer

I usually see this error message if I try to log into Kirby 2 while a Kirby 3 session is still active (on localhost, if not using virtual hosts). So keeping your 2 Kirby installation separate should fix the issue.

1 Like

I run website on test subdomain. Alert doesn’t show now, but i can’t save edits and logout. What wrong now can be?

I see fun face in right top corner, but changes are don’t saved

Its server log

Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.

Hm, have you cleared all sessions? Cleared the browser cache and all session data in the browser?

That error message means that there are too many redirects happing for some reason, but that is an issue you have to solve on the server level.

I checked console while i try saving changes and i got this code:

app.js:1 PATCH 403 (Forbidden)


Kirby on server without any else installations of kirby, while saving changes, shows error with API

Exception: undefined
The JSON response from the API could not be parsed. Please check your API connection.

It seems to be some session problem, so the user is not authenticated when the PATCH request is made or PATCH requests are not allowed.

Do other requests, like creating new pages etc. work?

Please also see the troubleshooting docs:

Creating new pages works fine, but problem is with publish. When I try, I have a error:
The JSON response from the API could not be parsed. Please check your API connection.

I tried with php_value opcache.revalidate_freq 0 in httaccess, but doesn’t work.

Now console shows this message after login panel:

Failed to load resource: the server responded with a status of 404 (Not Found)



  code: 404
  exception: "Exception"
  file: "kirby/src/Http/Router.php"
  line: 145
  message: "No route found for path: "auth/logout" and request method: "GET""
  route: null
  status: "error"
  __proto__: Object

I can’t find solution :frowning: it’s possible, because i do it on trial licence?


Have you also checked the other points mentioned in the troubleshooting guide I linked to?

Also, have you tried to install a fresh Starterkit to see if you can reproduce your issue there?

I try install starterkit - still does’t work
I turn off mod_security on domain
i add to htaccess:

php_value opcache.revalidate_freq 0
<IfModule mod_expires.c>
ExpiresActive off

I clean media, cache and sessions folders

really i don’t know what more can i do. Still i can’t logout, edit and publish pages. I can create drafts, thats all. I have a problem with PATHS. when i try edit page title i get:
No route found for path: "site/title" and request method: "GET"

Looks like the PATCH request doesn’t work.

This is the site/title route:

        'pattern' => 'site/title',
        'method'  => 'PATCH',
        'action'  => function () {
            return $this->site()->changeTitle($this->requestBody('title'));

As you can see, the expected method for this route is a PATCH request, not a GET request.

Have you contacted your provider to find out if PATCH requests are disabled?

Do you mean

Yes, HTTP has different request methods: GET, POST, PATCH, DELETE etc.

Sometimes, Hosting providers do not support all of them, at least we had an issue here on the forum where PATCH wasn’t supported.

Ok, if someone have a the same problem with PATCH, add this to httaccess file:

<Limit PATCH>
order allow,deny
allow from all