Recent Topics
  1. b2evolution CMS Support Forums
  2. b2evolution Development
  3. Bug reports
  4. admin page requires crumb (timeout) even when just refreshed

admin page requires crumb (timeout) even when just refreshed

1 Nov 12, 2015 01:15    

I've modified the code to enable my custom apache configuration: <Location /blog/admin.php> with AuthType basic ...

But now the BackOffice won't work.
It displays :

Un crumb incorrect a été reçu! [loginsalt]

Votre requête a été stoppée pour des raisons de sécurité.

Avez-vous attendu plus de 120 minutes avant de soumettre votre requête?

How could I fix this ?

Best regards,
Michel

PS: the modification

diff --git a/conf/_advanced.php b/conf/_advanced.php
index 6810abf..d0733b5 100644
--- a/conf/_advanced.php
+++ b/conf/_advanced.php
@@ -519,7 +519,8 @@ $emailskins_url = $baseurl.$emailskins_subdir; // You should not need to cha

  • Location of the admin interface dispatcher
    */
    $dispatcher = 'admin.php'; // DEPRECATED
    -$admin_url = $baseurl.$dispatcher;
    +//$admin_url = $baseurl. $dispatcher;
    +$admin_url = 'http://localhost/blog/'.$dispatcher;

    /**

  • Location of the admin skins folder.
Back to top

2 Nov 15, 2015 20:19

@mbr

What version of b2evolution are you using?

Why did you replace $admin_url = $baseurl. $dispatcher; with $admin_url = 'http://localhost/blog/'.$dispatcher; ? There is no need to do it if your $baseurl variable is correctly configured in the _basic_config.php file (http://b2evolution.net/man/basic-config-php).

Does your site work properly without adding the AuthType basic directives?

Back to top

3 Nov 16, 2015 01:14

$admin_url is to be protected by Apache Authentication:

<Location /blog/admin.php>
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
</Location>

Explain me how to achieve this.

Back to top


Form is loading...