If O365 Cookie present, redirection to wp-login happens showing ‘TAMPERED WITH’

  • Resolved sebastian225

    (@sebastian225)


    6 years, 8 months ago

    Hi! — First I’d like to see that this is a great plug-in, super easy to setup and has a lot of potential, love it to bits and thanks for sharing it!

    The problem that I’m having is that users are often redirected to ‘TAMPERED WITH’ page after they are authenticated.

    We have site X and site Y and then normal E-mail.

    Not entirely sure when/how this is triggered as it seems a bit random at times but we have links on site X to site Y.

    Let’s assume we’re logged in to O365, login doesn’t show but the plug-in does check for accounts. No page is blacklisted/whitelisted and wordpress accounts are being created by the O365 plug-in.

    Now the redirection occurs when you try to go from site X to site Y and vice versa. You are already logged in, not prompted for O365 credentials as cookie is still present but the users are being redirected to the wp-login page with the ‘TAMPERED WITH’ Error.

    Will keep trying things out to see if there’s something particularly wrong with my WP installation.

    Website X is kind-of customised but website Y is pretty clean except for the theme, no plug-ins that could interfere.

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter sebastian225

    (@sebastian225)

    Update:

    – If I turn the ‘create user account’ setting off, the problem seems to disappear. Tested it repeatedly in every scenario I could imagine and it seems to be gone.

    But now anyone who doesn’t have an account that tries to login is stuck in an infinite loop after authenticating with O365.

    I’ve double checked within Azure and throughout WP and the links are all entered correctly with the / at the end.

    Thread Starter sebastian225

    (@sebastian225)

    Ok, I think I found the culprit!

    It’s the HTTPS.

    This is occuring only when you try to navigate to HTTP and not HTTPS version of the site and you manually type HTTP.

    This was occuring because in the menu I’ve entered the HTTP version of the website.

    Would it be possible to work around this in case people link to the website using the HTTP version of the link?

    In the VPS itself (plesk) I have set to redirect to HTTPS

    Thread Starter sebastian225

    (@sebastian225)

    Final update with solution/issue:

    You know when I said that I had redirect enabled in plesk for HTTP to HTTPS? Well, I went in to try to disable it to see if that’s the problem.

    Turns out I forgot to actually enable that and it was in fact NOT turned on.

    Turning it on seems to have solved it.

    Plugin Author Marco van Wieren

    (@wpo365)

    Sorry that I’ve not reacted any sooner but glad to see you found the solution. Most support issues are actually tracked at github https://github.com/wpo365/wpo365-login/issues or as comments on the website https://www.wpo365.com. And yes, http and https is a common source for the plugin to complain a bit ??

    Plugin Author Marco van Wieren

    (@wpo365)

    Issue resolved.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘If O365 Cookie present, redirection to wp-login happens showing ‘TAMPERED WITH’’ is closed to new replies.