Can’t reset password

  • Resolved Jack Tang

    (@kydtf520)


    2 years, 10 months ago

    Hi, I found that I can’t reset my password for my website.
    First, I disabled the litespeed cache plugin and the site’s reset password function works properly.
    The logs are as follows.

    01/24/22 13:09:32.914 [181.139.210.76:33997 1 56W] ?? ------POST HTTP/1.1 (HTTPS) /forgot-password ? act=lostpassword
01/24/22 13:09:32.914 [181.139.210.76:33997 1 56W] HTTP_REFERER: https://www.banzhuti.com/forgot-password
01/24/22 13:09:32.914 [181.139.210.76:33997 1 56W] User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
01/24/22 13:09:32.914 [181.139.210.76:33997 1 56W] Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
01/24/22 13:09:32.914 [181.139.210.76:33997 1 56W] Accept Encoding: gzip, deflate, br
01/24/22 13:09:32.914 [181.139.210.76:33997 1 56W] Cookie: PHPSESSID=dki0vu4584i2e274ndftbr6rqc; Hm_lvt_43aec595bc2c96e02f19e919bb2960fc=1643000971; um_check_nonce=da5e3e9ba3; Hm_lpvt_43aec595bc2c96e02f19e919bb2960fc=1643000972
01/24/22 13:09:32.914 [181.139.210.76:33997 1 56W] X-LSCACHE: true
01/24/22 13:09:32.914 [181.139.210.76:33997 1 56W] LSCACHE_VARY_COOKIE: ,wp-postpass_4491e354e1d1a47d893aeaab2a7593fc
01/24/22 13:09:32.937 [181.139.210.76:33997 1 56W] [Core] Bypassed due to debug disable all setting

01/24/22 13:09:54.278 [181.139.210.76:33997 1 xsc] ?? ------GET HTTP/1.1 (HTTPS) /forgot-password ? act=resetpass&key=aGSJmWqrLH5UskY5DZr8&login=yuki
01/24/22 13:09:54.278 [181.139.210.76:33997 1 xsc] User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
01/24/22 13:09:54.278 [181.139.210.76:33997 1 xsc] Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
01/24/22 13:09:54.278 [181.139.210.76:33997 1 xsc] Accept Encoding: gzip, deflate, br
01/24/22 13:09:54.278 [181.139.210.76:33997 1 xsc] Cookie: PHPSESSID=dki0vu4584i2e274ndftbr6rqc; Hm_lvt_43aec595bc2c96e02f19e919bb2960fc=1643000971; um_check_nonce=da5e3e9ba3; Hm_lpvt_43aec595bc2c96e02f19e919bb2960fc=1643000979
01/24/22 13:09:54.278 [181.139.210.76:33997 1 xsc] X-LSCACHE: true
01/24/22 13:09:54.278 [181.139.210.76:33997 1 xsc] LSCACHE_VARY_COOKIE: ,wp-postpass_4491e354e1d1a47d893aeaab2a7593fc
01/24/22 13:09:54.299 [181.139.210.76:33997 1 xsc] [Core] Bypassed due to debug disable all setting

    Then I enabled litespeed cache plugin, the password reset function does not work properly, the logs are as follows.

    01/24/22 13:10:20.868 [181.139.210.76:33997 1 IxT] ?? ------POST HTTP/1.1 (HTTPS) /forgot-password ? act=lostpassword
01/24/22 13:10:20.868 [181.139.210.76:33997 1 IxT] HTTP_REFERER: https://www.abc.com/forgot-password
01/24/22 13:10:20.868 [181.139.210.76:33997 1 IxT] User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
01/24/22 13:10:20.868 [181.139.210.76:33997 1 IxT] Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
01/24/22 13:10:20.868 [181.139.210.76:33997 1 IxT] Accept Encoding: gzip, deflate, br
01/24/22 13:10:20.868 [181.139.210.76:33997 1 IxT] Cookie: PHPSESSID=dki0vu4584i2e274ndftbr6rqc; Hm_lvt_43aec595bc2c96e02f19e919bb2960fc=1643000971; um_check_nonce=da5e3e9ba3; Hm_lpvt_43aec595bc2c96e02f19e919bb2960fc=1643001022
01/24/22 13:10:20.868 [181.139.210.76:33997 1 IxT] X-LSCACHE: true
01/24/22 13:10:20.868 [181.139.210.76:33997 1 IxT] LSCACHE_VARY_COOKIE: ,wp-postpass_4491e354e1d1a47d893aeaab2a7593fc
01/24/22 13:10:20.894 [181.139.210.76:33997 1 IxT] [Router] get_role:
01/24/22 13:10:20.894 [181.139.210.76:33997 1 IxT] [Media] init
01/24/22 13:10:20.894 [181.139.210.76:33997 1 IxT] [Avatar] init
01/24/22 13:10:20.894 [181.139.210.76:33997 1 IxT] [LQIP] init
01/24/22 13:10:20.894 [181.139.210.76:33997 1 IxT] [Optm] init
01/24/22 13:10:20.894 [181.139.210.76:33997 1 IxT] [CDN] init
01/24/22 13:10:20.894 [181.139.210.76:33997 1 IxT] ? Task init
01/24/22 13:10:20.894 [181.139.210.76:33997 1 IxT] [Router] LSCWP_CTRL bypassed empty
01/24/22 13:10:20.894 [181.139.210.76:33997 1 IxT] [GUI] init
01/24/22 13:10:20.900 [181.139.210.76:33997 1 IxT] ?? [Tag] Add --- HTTP.200
01/24/22 13:10:20.900 [181.139.210.76:33997 1 IxT] [Ctrl] X Cache_control init on
01/24/22 13:10:22.629 [181.139.210.76:33997 1 IxT] [Util] external
01/24/22 13:10:22.629 [181.139.210.76:33997 1 IxT] [Util] external
01/24/22 13:10:22.629 [181.139.210.76:33997 1 IxT] [Util] external
01/24/22 13:10:22.641 [181.139.210.76:33997 1 IxT] [Core] Footer hook called
01/24/22 13:10:22.641 [181.139.210.76:33997 1 IxT] [Util] external
01/24/22 13:10:22.641 [181.139.210.76:33997 1 IxT] [Util] external
01/24/22 13:10:22.641 [181.139.210.76:33997 1 IxT] [Util] external
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Core] CHK html bypass: not get method POST
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Ctrl] X Cache_control off - not GET method:POST
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Ctrl] X Cache_control -> no Cache => LiteSpeed\Control::set_nocache()@362 => LiteSpeed\Control->finalize()@655 => LiteSpeed\LSC->send_headers()@492 => WP_Hook->apply_filters(,ARRAY)@303 => WP_Hook->do_action(ARRAY)@327 =>
/home/abc.com/public_html/wp-includes/load.php@470
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Router] get_role:
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Vary] role id: failed, guest
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Router] get_role:
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Router] get_role:
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Vary] no custimzed vary
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] ?? X-LiteSpeed-Cache-Control: no-cache
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Core] CHK html bypass: not get method POST
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Media] bypass: Not frontend HTML type
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] GUI bypassed by no counter
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] [Optm] bypass: Not frontend HTML type
01/24/22 13:10:22.642 [181.139.210.76:33997 1 IxT] End response
--------------------------------------------------------------------------------

01/24/22 13:10:33.442 [181.139.210.76:33997 1 5TF] ?? ------GET HTTP/1.1 (HTTPS) /forgot-password ? act=resetpass&key=D9GEwQ9h3d0AbHaxREO1&login=yuki
01/24/22 13:10:33.442 [181.139.210.76:33997 1 5TF] User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
01/24/22 13:10:33.442 [181.139.210.76:33997 1 5TF] Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
01/24/22 13:10:33.442 [181.139.210.76:33997 1 5TF] Accept Encoding: gzip, deflate, br
01/24/22 13:10:33.442 [181.139.210.76:33997 1 5TF] Cookie: PHPSESSID=dki0vu4584i2e274ndftbr6rqc; Hm_lvt_43aec595bc2c96e02f19e919bb2960fc=1643000971; um_check_nonce=da5e3e9ba3; Hm_lpvt_43aec595bc2c96e02f19e919bb2960fc=1643001026
01/24/22 13:10:33.442 [181.139.210.76:33997 1 5TF] X-LSCACHE: true
01/24/22 13:10:33.442 [181.139.210.76:33997 1 5TF] LSCACHE_VARY_COOKIE: ,wp-postpass_4491e354e1d1a47d893aeaab2a7593fc
01/24/22 13:10:33.468 [181.139.210.76:33997 1 5TF] [Router] get_role:
01/24/22 13:10:33.468 [181.139.210.76:33997 1 5TF] [Media] init
01/24/22 13:10:33.468 [181.139.210.76:33997 1 5TF] [Avatar] init
01/24/22 13:10:33.468 [181.139.210.76:33997 1 5TF] [LQIP] init
01/24/22 13:10:33.468 [181.139.210.76:33997 1 5TF] [Optm] init
01/24/22 13:10:33.468 [181.139.210.76:33997 1 5TF] [CDN] init
01/24/22 13:10:33.468 [181.139.210.76:33997 1 5TF] ? Task init
01/24/22 13:10:33.468 [181.139.210.76:33997 1 5TF] [Router] LSCWP_CTRL bypassed empty
01/24/22 13:10:33.468 [181.139.210.76:33997 1 5TF] [GUI] init
01/24/22 13:10:33.473 [181.139.210.76:33997 1 5TF] ?? [Tag] Add --- HTTP.200
01/24/22 13:10:33.474 [181.139.210.76:33997 1 5TF] [Ctrl] X Cache_control init on
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] ?? [Tag] Add --- HTTP.302
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Core] CHK html bypass: miss footer const
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Ctrl] X Cache_control off - Admin configured URI Do not cache: forgot-password?act
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Ctrl] X Cache_control -> no Cache => LiteSpeed\Control::set_nocache()@362 => LiteSpeed\Control->finalize()@655 => LiteSpeed\LSC->send_headers()@492 => WP_Hook->apply_filters(,ARRAY)@303 => WP_Hook->do_action(ARRAY)@327 =>
/home/abc.com/public_html/wp-includes/load.php@470
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Router] get_role:
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Vary] role id: failed, guest
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Router] get_role:
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Router] get_role:
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Vary] no custimzed vary
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] ?? X-LiteSpeed-Cache-Control: no-cache
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Core] CHK html bypass: miss footer const
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Media] bypass: Not frontend HTML type
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] GUI bypassed by no counter
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] [Optm] bypass: Not frontend HTML type
01/24/22 13:10:33.477 [181.139.210.76:33997 1 5TF] End response
--------------------------------------------------------------------------------

01/24/22 13:10:33.561 [181.139.210.76:33997 1 bvO] ?? ------GET HTTP/1.1 (HTTPS) /forgot-password ? act=lostpassword&error=invalidkey
01/24/22 13:10:33.561 [181.139.210.76:33997 1 bvO] User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
01/24/22 13:10:33.561 [181.139.210.76:33997 1 bvO] Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
01/24/22 13:10:33.561 [181.139.210.76:33997 1 bvO] Accept Encoding: gzip, deflate, br
01/24/22 13:10:33.561 [181.139.210.76:33997 1 bvO] Cookie: PHPSESSID=dki0vu4584i2e274ndftbr6rqc; Hm_lvt_43aec595bc2c96e02f19e919bb2960fc=1643000971; um_check_nonce=da5e3e9ba3; Hm_lpvt_43aec595bc2c96e02f19e919bb2960fc=1643001026
01/24/22 13:10:33.561 [181.139.210.76:33997 1 bvO] X-LSCACHE: true
01/24/22 13:10:33.561 [181.139.210.76:33997 1 bvO] LSCACHE_VARY_COOKIE: ,wp-postpass_4491e354e1d1a47d893aeaab2a7593fc
01/24/22 13:10:33.587 [181.139.210.76:33997 1 bvO] [Router] get_role:
01/24/22 13:10:33.587 [181.139.210.76:33997 1 bvO] [Media] init
01/24/22 13:10:33.587 [181.139.210.76:33997 1 bvO] [Avatar] init
01/24/22 13:10:33.587 [181.139.210.76:33997 1 bvO] [LQIP] init
01/24/22 13:10:33.587 [181.139.210.76:33997 1 bvO] [Optm] init
01/24/22 13:10:33.587 [181.139.210.76:33997 1 bvO] [CDN] init
01/24/22 13:10:33.587 [181.139.210.76:33997 1 bvO] ? Task init
01/24/22 13:10:33.587 [181.139.210.76:33997 1 bvO] [Router] LSCWP_CTRL bypassed empty
01/24/22 13:10:33.587 [181.139.210.76:33997 1 bvO] [GUI] init
01/24/22 13:10:33.592 [181.139.210.76:33997 1 bvO] ?? [Tag] Add --- HTTP.200
01/24/22 13:10:33.593 [181.139.210.76:33997 1 bvO] [Ctrl] X Cache_control init on
01/24/22 13:10:33.595 [181.139.210.76:33997 1 bvO] [Util] external
01/24/22 13:10:33.595 [181.139.210.76:33997 1 bvO] [Util] external
01/24/22 13:10:33.595 [181.139.210.76:33997 1 bvO] [Util] external
01/24/22 13:10:33.607 [181.139.210.76:33997 1 bvO] [Core] Footer hook called
01/24/22 13:10:33.607 [181.139.210.76:33997 1 bvO] [Util] external
01/24/22 13:10:33.607 [181.139.210.76:33997 1 bvO] [Util] external
01/24/22 13:10:33.607 [181.139.210.76:33997 1 bvO] [Util] external
01/24/22 13:10:33.607 [181.139.210.76:33997 1 bvO] [Core] Footer check passed
01/24/22 13:10:33.607 [181.139.210.76:33997 1 bvO] [Ctrl] X Cache_control off - Admin configured URI Do not cache: forgot-password?act
01/24/22 13:10:33.607 [181.139.210.76:33997 1 bvO] [Ctrl] X Cache_control -> no Cache => LiteSpeed\Control::set_nocache()@362 => LiteSpeed\Control->finalize()@655 => LiteSpeed\LSC->send_headers()@492 => WP_Hook->apply_filters(,ARRAY)@303 => WP_Hook->do_action(ARRAY)@327 =>
/home/abc.com/public_html/wp-includes/load.php@470
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] [Router] get_role:
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] [Vary] role id: failed, guest
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] [Router] get_role:
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] [Router] get_role:
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] [Vary] no custimzed vary
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] ?? X-LiteSpeed-Cache-Control: no-cache
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] [Core] Footer check passed
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] [Media] bypass: Not cacheable
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] GUI bypassed by no counter
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] [Optm] bypass: Not cacheable
01/24/22 13:10:33.608 [181.139.210.76:33997 1 bvO] End response

    I’ve set the reset password URL to not cache, but it still doesn’t work.
    Please tell me what is causing the problem, thanks!

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support qtwrk

    (@qtwrk)

    Hi,

    how exactly does it not work ?

    any more specific error message ?

    anything shows up in dev tool console ?

    Best regards,

    Thread Starter Jack Tang

    (@kydtf520)

    Hi,I set the website member reset password URL as abc.com/forgot-password
    I can receive an email with a link to reset password in my mailbox, and after clicking the link, I am prompted with invalidkey and cannot reset the password.
    But after disabling the litespeed cache plugin, the password reset function is normal, and I can reset the password normally by clicking the reset password link in the email.

    Plugin Support qtwrk

    (@qtwrk)

    from log the LSCWP doesn’t cache or optimize the cache from your setting

    if you check and compare the HTML output on both cases , do they show any difference in HTML source ?

    Thread Starter Jack Tang

    (@kydtf520)

    Find out what’s wrong,it was memcached that was causing the problem and I found a solution.
    by including “userlogins” in the “Do Not Cache Groups” in the Object Cache settings.
    Referenced here: https://forum.openlitespeed.org/threads/object-cache-redis-causing-reset-password-link-invalid.4479/
    Then, working properly.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Can’t reset password’ is closed to new replies.