Best slot games to win.Makakuha ng libreng 700pho sa bawat deposito

Resolved

(@zmmccrocklin)

Hello,
I am trying to figure out why I can’t view any plugin details in my admin section for any sites hosted on my server. Everything else works perfectly fine, I can download plugins & update them, but I just can’t connect to any of their details pages. I always get that error. Some details:

I have a LAMP stack & root access to my server.
-CentOS 7.6.1810
-Apache 2.4.6
-MariaDB 5.5.60
-PHP 7.2.13
-Let’s Encrypt Cert
–Note: since I used certbot, my 443 vhost block is in a separate file from my 80 vhost block.
-80 vhost has Rewrite Engine on to force HTTP to HTTPS redirect
-All files on the DocRoot are set to 644, directories set to 755

vhost block structure:

<VirtualHost *:80>

    ServerName www.gracecathedralsa.org
    ServerAlias gracecathedralsa.org
    DocumentRoot /var/www/gracecathedralsa.org/public_html
    ErrorLog /var/www/gracecathedralsa.org/error.log
    CustomLog /var/www/gracecathedralsa.org/requests.log combined
    <Directory /var/www/gracecathedralsa.org/public_html>
        Options Indexes FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
        Require all granted
   </Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =gracecathedralsa.org [OR]
RewriteCond %{SERVER_NAME} =www.gracecathedralsa.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

-------------------------------------

<IfModule mod_ssl.c>
<VirtualHost *:443>

    ServerName www.gracecathedralsa.org
    ServerAlias gracecathedralsa.org
    DocumentRoot /var/www/gracecathedralsa.org/public_html
    ErrorLog /var/www/gracecathedralsa.org/error.log
    CustomLog /var/www/gracecathedralsa.org/requests.log combined
    <Directory /var/www/gracecathedralsa.org/public_html>
        Options Indexes FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
        Require all granted
   </Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/gracecathedralsa.org/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/gracecathedralsa.org/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/gracecathedralsa.org/chain.pem
</VirtualHost>
</IfModule>

If you need any other details let me know. I’m at a loss as to why it’s only the plugin details pages that my server is refusing to serve up.

Thanks in advance!

Viewing 9 replies - 16 through 24 (of 24 total)

← 1 2

Thread Starter zmmccrocklin
(@zmmccrocklin)

6 years, 3 months ago
Just the Permalink rewrite block:
```
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
```
Moderator Steven Stern (sterndata)
(@sterndata)

Volunteer Forum Moderator

6 years, 3 months ago
Your website is sending the X-FRAME-OPTION: deny header, which means no iframes are allowed. The plugin info is displayed in an iframe!

Do, you need to disable blocking iframes.

Change that setting in your apache config file(s).

https://geekflare.com/secure-apache-from-clickjacking-with-x-frame-options/

You probably want X-Frame-Options: sameorigin

Props to Clorith for the assistance!
- This reply was modified 6 years, 3 months ago by Steven Stern (sterndata).
- This reply was modified 6 years, 3 months ago by Steven Stern (sterndata).
Thread Starter zmmccrocklin
(@zmmccrocklin)

6 years, 3 months ago

Thank you both! That was it! It was set in my ssl.conf file. I fixed it to SAMEORIGIN & we’re back in business!
alexlii
(@alexlii)

6 years, 2 months ago
Hello,

I got exactly same issue, and we are using Nginx but not Apache, so where or which file I should set:X-Frame-Options: sameorigin please?

Thanks, and have a nice day!
- This reply was modified 6 years, 2 months ago by alexlii.
alexlii
(@alexlii)

6 years, 2 months ago

Hello,

I read these two posts:
https://geekflare.com/wordpress-x-frame-options-httponly-cookie/
https://geekflare.com/add-x-frame-options-nginx/#comment-65189

so I set “header(‘X-Frame-Options: SAMEORIGIN’);” in Wp-config.php.
and I also set “add_header X-Frame-Options “SAMEORIGIN”;” in nginx.conf.

But, still I can not view details of plugins on any subsite, any suggestion please?

Thanks

Thread Starter zmmccrocklin
(@zmmccrocklin)

6 years, 2 months ago

Where did you add the line in the nginx.conf file?

Make sure you add it inside the correct server block. If you are serving your content over HTTPS make sure it’s inside the 443 block. Otherwise it needs to be inside the 80 block.

alexlii
(@alexlii)

6 years, 2 months ago

and Here is the test screenshot:
https://prntscr.com/mb1bbm at https://tools.geekflare.com/tools/x-frame-options-test

but I also note that

referrer-policy strict-origin-when-cross-origin

Is that the reason please? if yes, how should I resolve please?

By the way,

root@101:~# sudo grep -R “X-Frame-Options” /etc/nginx/
/etc/nginx/nginx.conf: add_header X-Frame-Options SAMEORIGIN;
/etc/nginx/nginx.conf: more_set_headers “X-Frame-Options : SAMEORIGIN”;

does that mean duplicate setting ?

alexlii
(@alexlii)

6 years, 2 months ago

Make sure you add it inside the correct server block. If you are serving your content over HTTPS make sure it’s inside the 443 block. Otherwise it needs to be inside the 80 block.

Ok, I understand now, yes we are using https, I am confused:

root@101:~# sudo grep -R “443” /etc/nginx/
/etc/nginx/sites-available/default: # listen 443 ssl default_server;
/etc/nginx/sites-available/default: # listen [::]:443 ssl default_server;
/etc/nginx/sites-enabled/default: # listen 443 ssl default_server;
/etc/nginx/sites-enabled/default: # listen [::]:443 ssl default_server;
root@101:~#

would you please let me know which I should touch? thanks

alexlii
(@alexlii)

6 years, 1 month ago

Hello,

Here is the screenshot of console :https://prntscr.com/mhh4oq
thanks for your further instructions, thanks.