Page 1 of 1

Domain vs. IP Login Difficulties

Posted: Thu Nov 15, 2018 5:37 am
by DRsite
My client needed to get a new server (hardware - VPS). The hosting company did the initial move from the still functioning server. On the new server the Joomla site was set up using UserDir (e.g., http://IP.V.4/~user/...) This works until there is a reference to an full URL. I edited my local 'hosts' file to provide (temporary) definition of the client's domain to the new server's IP address. The idea being I can use http://example.com/ instead of the IP address version.

I can access the site fine; however, I cannot log into the administrator area. The login page is re-displayed. There is no error in the Apache error log, the access log shows a POST request (on login) with a return code of 303, then a request for the login page (/administrator/index.php) with a 200 status code. I cannot find any log anywhere in the directory structure that indicates what happened or what error may have been encountered. At any time I can use the IP URL to successfully log in.

I have not been able to find any report of this kind of error, either here or anyplace else. I have worked through pretty much every case I can think of, including hand inspection of the configuration of Joomla and Apache (vhosts file).

tldr;
- http://10.192.168.0/~user/administrator login works.
- http://example.com/administrator login does not.

1) How do I find what is happening (where is this action logged)?
2) What is going wrong?
3) How do I fix it? (this is the most important, but I would really like to know where logs are stored).

A few other notes.
The log_path and tmp_path directories are world writeable. I have confirmed this from other accounts on the server. When looking at a phpinfo() dump, the two URLs indicate that the DOCUMENT_ROOT is different. When using the IP method, DOC ROOT is the system one (/use/local/apache/...); while the domain version indicates the accounts public_html directory. Other differences relate to time and account (system vs. domain).

I have cleared cache.

When I log in using the IP URL, the system configuration looks normal.

All the various login/authentication plugins are enabled (by database inspection).

The same problem happens when I use an .htaccess file or not.

Thank you for reading and assisting.

Re: Domain vs. IP Login Difficulties

Posted: Thu Nov 15, 2018 7:23 am
by toivo
If the host is still in the process of setting up the site, the issues could be easily resolved through a real domain name and the configuration of a proper virtual host. An SSL certificate is also needed.

DRsite wrote:The log_path and tmp_path directories are world writeable.
This anomaly needs to be fixed.

DRsite wrote:When looking at a phpinfo() dump, the two URLs indicate that the DOCUMENT_ROOT is different.
Another issue.

Suggest your client finds a better host.

Re: Domain vs. IP Login Difficulties

Posted: Thu Nov 15, 2018 5:21 pm
by DRsite
Thanks for the quick reply. You mentioned that an certificate is needed. There is one on the production site and it will be transferred. I am trying to get everything working prior to encrypting all communications - it makes debugging easier. Is there something particular in Joomla that
1) requires a cert
2) does a reverse DNS
3) bases operation of DOCUMNET_ROOT during login?

I will be fixing log_path and tmp_path. I just wanted to eliminate that as a possibility.

Does the login sub-system log what happens (accesses, denials, etc)? If so, where?

Thanks

Re: Domain vs. IP Login Difficulties

Posted: Thu Nov 15, 2018 5:37 pm
by Webdongle
If the other site is up and running ... use Akeeba https://docs.joomla.org/Copying_a_Joomla_website . When you have your Domain name associated with the new Host then you can reproduce the site as easily as installing Joomla. You can practice on localhost) restoring the site using the backup jpa file.

Re: Domain vs. IP Login Difficulties

Posted: Thu Nov 15, 2018 6:03 pm
by toivo
DRsite wrote:Is there something particular in Joomla that
1) requires a cert
Joomla caters for both situations, a site with SSL certificate and one without.
DRsite wrote:Does the login sub-system log what happens (accesses, denials, etc)?
Joomla 3.9 introduced the User Actions Log feature. Examples of reports, followed by time (3 minutes ago, 1 day ago etc), name and IP address (unless disabled by Privacy):
  • User johnsmith tried to login to admin
  • User johnsmith logged in to admin
  • User johnsmith logged out from admin
  • User joeblogg tried to login to site
  • User joeblogg logged in to site
  • User joeblogg logged out from site
You can also find extensions from JED, like the popular Admin Tools, which blocks and keeps a record of attempted breaches of security and sends you an email as they occur. The SSL access and error logs in the web server can also provide information, outside the scope of Joomla.

Re: Domain vs. IP Login Difficulties

Posted: Mon Nov 19, 2018 6:24 pm
by leolam
With all respect for my peers here on the forum but I do believe that the issue is not related to certificates or not and others as mentioned. The issue is certainly caused by a wrong hostfile entry in the local PC.

The ip/~username works. The "domain does not so it is a hostfile entry problem me believe. SSL no influence to this.

A very good article to set the hostfile properly (on a local PC) is found https://www.liquidweb.com/kb/dns-hosts-file/ ..... As per forum rules I am not allowed to link to our own knowledge base articles on our hosting portal (gws-host.com) where we explain this so I have to link you to another side (sorry for that)!

Leo 8)