Bad login results in 500 internal server error
Moderator: General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
-
- Joomla! Apprentice
- Posts: 5
- Joined: Mon Dec 12, 2011 12:10 pm
Bad login results in 500 internal server error
Hello,
One of our website running on J! 1.7.3 seems to be working fine with both .htaccess and SEF enabled.
We came accross a very strange issue when providing an empty or bad combination of username/password and clicking login (by the way, we use the core login to handle or logins)
In both cases, joomla returns an http "500 internal server error" on http://www.domain.com even though this is the main url to access the site (our login module is placed on the main page) Following a few hours of investigations, I figured out this might be linked to my .htaccess file (posted below)
I tried to comment FollowSymLinks but didn't seem to work (instantly anyway) ..
I'm not a .htaccess guru.. could anyone advise? hope this post will help a lot of other people who seem to have similar issues.
##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################
## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks
# Options -MultiViews
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)
RewriteBase /
########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section
One of our website running on J! 1.7.3 seems to be working fine with both .htaccess and SEF enabled.
We came accross a very strange issue when providing an empty or bad combination of username/password and clicking login (by the way, we use the core login to handle or logins)
In both cases, joomla returns an http "500 internal server error" on http://www.domain.com even though this is the main url to access the site (our login module is placed on the main page) Following a few hours of investigations, I figured out this might be linked to my .htaccess file (posted below)
I tried to comment FollowSymLinks but didn't seem to work (instantly anyway) ..
I'm not a .htaccess guru.. could anyone advise? hope this post will help a lot of other people who seem to have similar issues.
##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################
## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks
# Options -MultiViews
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)
RewriteBase /
########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section
-
- Joomla! Apprentice
- Posts: 5
- Joined: Mon Dec 12, 2011 12:10 pm
Re: Bad login results in 500 internal server error
Dear all,
Maybe I ough to mention this apparently important information: my website is using godaddy. Could this have an impact on the content of the .htaccess?
Maybe I ough to mention this apparently important information: my website is using godaddy. Could this have an impact on the content of the .htaccess?
-
- Joomla! Apprentice
- Posts: 5
- Joined: Mon Dec 12, 2011 12:10 pm
Re: Bad login results in 500 internal server error
Hi, thanks for your feedback.
Yes SEF and mod_rewrite is enabled on backend
I tried commenting out Options +FollowSymLinks but we didn't notice any difference
I tired through Firebug to anaylize the code of the login module. the module apparently sets a token that is passed through when cliking on login. When deleting this piece of code, I receive the bad login error.. but when leaving the code unchanged, as it should, I get a 500 back.
Any ideas?
Yes SEF and mod_rewrite is enabled on backend
I tried commenting out Options +FollowSymLinks but we didn't notice any difference
I tired through Firebug to anaylize the code of the login module. the module apparently sets a token that is passed through when cliking on login. When deleting this piece of code, I receive the bad login error.. but when leaving the code unchanged, as it should, I get a 500 back.
Any ideas?
-
- Joomla! Apprentice
- Posts: 5
- Joined: Mon Dec 12, 2011 12:10 pm
Re: Bad login results in 500 internal server error
I tried various .thaccess files, including the one mentioned in another post:
http://forum.joomla.org/viewtopic.php?f=618&t=594932
But still I still get the internal server error when providing an empty or wrong login on the front end.
Could this be linked to permissions? Been stuck for days on this issues, thanks for any feedback
http://forum.joomla.org/viewtopic.php?f=618&t=594932
But still I still get the internal server error when providing an empty or wrong login on the front end.
Could this be linked to permissions? Been stuck for days on this issues, thanks for any feedback
-
- Joomla! Fledgling
- Posts: 1
- Joined: Thu Dec 29, 2011 5:31 am
Re: Bad login results in 500 internal server error
I have the same problem. To me it looks like on failure it is simply trying to go somewhere "bad" (such as somewhere restricted by an .htaccess file, perhaps).
Is there a way to set the page Joomla directs to on failure?
Thanks,
T
Is there a way to set the page Joomla directs to on failure?
Thanks,
T
- sanjayidhatiya
- Joomla! Apprentice
- Posts: 14
- Joined: Thu Sep 08, 2011 12:12 pm
Re: Bad login results in 500 internal server error
hey friends i have a same problem with login on live ....it will worked perfectly on my localhost but in live it will give me 500 error page .....anybody can solve it ?????
-
- Joomla! Fledgling
- Posts: 1
- Joined: Fri Feb 10, 2012 9:29 am
Re: Bad login results in 500 internal server error
I got the Solution!
Steps:
1. Check the log and temp folders permission. Set it to 755 if not set.
2. Open configuration.php
Now you need to change the values of the variable
$log_path = 'XXXXXXXXXXXXX';
$tmp_path = 'XXXXXXXXXXXXX';
To absolute path of these folders on your server. In my case i am using cPanel. So values would be
$log_path = /home/****/public_html/log
$tmp_path = /home/****/public_html/tmp
Steps:
1. Check the log and temp folders permission. Set it to 755 if not set.
2. Open configuration.php
Now you need to change the values of the variable
$log_path = 'XXXXXXXXXXXXX';
$tmp_path = 'XXXXXXXXXXXXX';
To absolute path of these folders on your server. In my case i am using cPanel. So values would be
$log_path = /home/****/public_html/log
$tmp_path = /home/****/public_html/tmp
- sanjayidhatiya
- Joomla! Apprentice
- Posts: 14
- Joined: Thu Sep 08, 2011 12:12 pm
Re: Bad login results in 500 internal server error
great worked fine ...........
-
- Joomla! Apprentice
- Posts: 16
- Joined: Tue May 29, 2012 4:34 pm
Re: Bad login results in 500 internal server error
I had similar problem.netelite wrote:I got the Solution!
Steps:
1. Check the log and temp folders permission. Set it to 755 if not set.
2. Open configuration.php
Now you need to change the values of the variable
$log_path = 'XXXXXXXXXXXXX';
$tmp_path = 'XXXXXXXXXXXXX';
To absolute path of these folders on your server. In my case i am using cPanel. So values would be
$log_path = /home/****/public_html/log
$tmp_path = /home/****/public_html/tmp
Dunno why u change permissions - it's 0444 and what i had to do is: your step #2 - changing paths.
Then I did just what http://duckprince.[URL banned].com/2012/02/ ... rator.html says - rewrite password in database - no need to contact hosting company, no need to change security settings
(dunno much bout permissions and security issues but I've found some info about changing permissions to 0644 in this case - maybe it works 2).
I'm wonder if it can stay the way it is without further problems.
cheers
-
- Joomla! Apprentice
- Posts: 6
- Joined: Wed Apr 13, 2011 5:59 pm
Re: Bad login results in 500 internal server error
worked great for me also, thanks so much!
-
- Joomla! Apprentice
- Posts: 43
- Joined: Fri Sep 18, 2009 1:06 am
Re: Bad login results in 500 internal server error
for me, it works only if i chmod
(folder) tmp 777
(folder) logs 777
(file) /logs/error.php 777
nothing less.
(folder) tmp 777
(folder) logs 777
(file) /logs/error.php 777
nothing less.
-
- Joomla! Fledgling
- Posts: 1
- Joined: Fri Oct 26, 2012 6:26 am
Re: Bad login results in 500 internal server error
I had the same problem and resolved the issue only when changed access to "777", "755" did not work for me
- pe7er
- Joomla! Master
- Posts: 24986
- Joined: Thu Aug 18, 2005 8:55 pm
- Location: Nijmegen, Netherlands
- Contact:
Re: Bad login results in 500 internal server error
Note that 777 is not safe, see http://docs.joomla.org/Security_Checkli ... or_defaced
Kind Regards,
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
-
- Joomla! Apprentice
- Posts: 31
- Joined: Tue Jan 10, 2012 10:26 am
Re: Bad login results in 500 internal server error
last time i had this server error problem, i notice in the error_log it says memory allocation limit reached, so i just allocated more memory in my php.ini from 45MB to 55MB and it worked just fine.
-
- Joomla! Fledgling
- Posts: 1
- Joined: Mon Jun 27, 2011 10:40 am
Re: Bad login results in 500 internal server error
Thanks for the input. Please also note that for me worked fine only when I put the same path (/web/htdocs....logs & /web/htdocs...tmp) used in configuration.php also in the joomla admin panel (Global Configuration --->System and ----> Server)
-
- Joomla! Fledgling
- Posts: 1
- Joined: Thu May 16, 2013 1:00 pm
- Location: Malaysia
- Contact:
Re: Bad login results in 500 internal server error
i was about to launch sister website by using joomla.. will it be SEO Friendly using Joomla ?
-
- Joomla! Apprentice
- Posts: 11
- Joined: Tue May 21, 2013 7:18 pm
Re: Bad login results in 500 internal server error
if you are having error 500 check your htaccess
-
- Joomla! Apprentice
- Posts: 8
- Joined: Thu Feb 14, 2013 7:05 am
Re: Bad login results in 500 internal server error
Temporarily change logs folder permission to 777.
Submit blank or bad Login (goes to error message).
Change folder permission back to 755.
Submit blank or bad Login (goes to error message).
Change folder permission back to 755.
-
- Joomla! Fledgling
- Posts: 1
- Joined: Mon Sep 29, 2014 11:30 am
- Contact:
Re: Bad login results in 500 internal server error
I've been experiencing the same problem, thanks @kevincchen, setting it to 777 did help.
-
- Joomla! Apprentice
- Posts: 9
- Joined: Sat Oct 11, 2014 12:36 pm
- Contact:
Re: Bad login results in 500 internal server error
Thanks Netelite that was very helpful