Permanent panel logout on https connection on Uberspace


#1

Hello,
I managed to setup lets encrypt on my uberspace server (very easy) and now I’ve the following issue with the panel. I get kicked out randomly when trying to login to the panel. Sometimes I get in and can move around a bit and then get kicked out. Sometimes I end up directly on the login form again. Possibly this is caused by htaccess, it’s mostly the standard htaccess from kirbys basekit with this additions/changes:

RewriteBase /

# redirect to https
# https://wiki.uberspace.de/webserver:htaccess#https_erzwingen
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{ENV:HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

There is no error regarding redirection or so in my error log, I tried to setup a user for @lukasbestle and the Server throws the following issue:

 [Sun Dec 27 17:47:31 2015] [warn] [client 87.144.228.118] mod_fcgid: stderr: PHP Fatal error:  Call to a member function direction() on null in /var/www/virtual/user/html/domain.de/panel/app/src/panel.php on line 353, referer: https://domain.de/panel/users/add

So, I’m stucked…


#2

That pretty much looks like an incomplete installation of Kirby and doesn’t seem to be caused by your RewriteRules. Try recursively cloning a Kirby starterkit directly on the server and changing the .htaccess in that installation. That should work.


#3

Same result, installed it in a subfolder, changed the .htaccess accordingly and added the subfolder in the config.php now I’m not even able to create the initial user. :unamused:


Can't Login Into Panel
#4

Sounds like a file owner/permission problem … Do you get any error messages in your server logs?


#5

Hi, no nothing. I removed the second installation again. @lukasbestle I checked also my main installation, all submodules and the main repository are up to date with origin/master besides the changes I made to .htaccess etc. I should mention that everything works fine if I remove the redirect to https from my .htaccess and work only on http.


#6

What I just saw: You use the RewriteEngine On directive twice now after you added the rewriting code. I don’t know how that could cause your issue, but please remove it anyway.


#7

No Change :frowning: is there an error reporting I could enable in kirby? As there is nothing in the log file.


#8

So, tested it again. Made a backup of my installation, installed Kirbys starter kit from scratch directly on the server in root.

HTTPS: I’m not even able to complete the setup.
HTTP: everything works fine.

If I add the redirect rules

RewriteCond %{HTTPS} !=on
RewriteCond %{ENV:HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

same old problem. :expressionless:


#9

I tested this with a fresh starter kit on Uberspace (although not with a let’s encrypt certificate, but with the uberspace wildcard one), and I encountered the same problem. If I set the rewrite base, I can create the initial user, but no chance to log in with that user. I’m constantly redirected to the login form.


#10

Okay, same but different, are you able to trace the issue?


#11

I just tested it as well on Uberspace with Kirby 2.2.3 using a StartSSL certificate. It works for me (even using TLS) when just setting the RewriteBase (make sure to clear your browser cache when testing this again!).

I’m having the same problem with the Uberspace HTTPS enforcement rules enabled though, even if I’m already using TLS. I have also tried to disable the rule for the Panel, but even that didn’t work:

RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{ENV:HTTPS} !=on
RewriteCond %{REQUEST_URI} !^/panel
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301]

To be honest I don’t know at all why it doesn’t. Could you please contact Uberspace support? Maybe they know why that might happen.


#12

When I remove all .htaccess settings, and just set the RewriteBase, it works, thus not enforcing https though.


#13

Yep, same for me. No idea why.


#14

You guys should tweet this topic to uberspace (@ubernauten) on Twitter. They respond within minutes. And since they are at the 32c3 they are probably awake :slight_smile:


#15

Way ahead of you :wink: Already did…


#16

No response or no solution?


#17

No #32C3 seems to keep them busy. :frowning:


#18

Too bad, they were really fast with enabling error logs this afternoon, but the logs don’t want to tell anything :open_mouth:


#19

Yeah, I still don’t have a clue. Maybe @bastianallgeier has an idea till the uberspace people react?


#20

Uberspace contacted me, but while they where looking at the problem I found the solution myself. I’m serving multiple URIs and have dedicated folders for each of them in my html/ like:

html/URI1 ←Kirby is in here
html/URI2 
.htaccess

Turns out, you’ve to set the RewriteBase / also in the html/.htacces as well as in the Kirby .htaccess.

Enforcement of https needs to take place in Kirby .htaccess.

This seems to work for me right now, I still had some awkward logouts but I’m blaming caching.
Let me know your thoughts.

Edit: Well, it’s not yet perfect. Still having awkward logouts.