Problem with Permalinks

  • Resolved swiss13

    (@swiss13)


    6 years, 9 months ago

    Hi, after I installed and activated IPGB the Settings -> Permalinks is not working. After a long time it is showing a page with an error message indicating that The Page Isn’t Redirecting Properly and the query part of URL is: options-permalink.php?settings-updated=true&ip-geo-block-auth-nonce=89e002d313.
    If I deactivate the IPGB the link Settings -> Permalinks is working well.
    I can not imagine what is the problem. I will appreciate your advice. Thank you.

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @swiss13,

    Sorry for my late reply.

    After a long time it is showing a page with an error message…

    I’m sorry but it was a normal functionality when you enabled “Prevent Zero-day Exploit” in “Back-end target settings” section.

    The basic concept of “Prevent Zero-day Exploit” is that a login credential of WordPress can not be always safe because of Cross-site request forgery vulnerability. It means admin is not always safe!

    CSRF is one of the popular vulnerability which is sometimes combined with other vulnerabilities and may cause more serious security issues. You can find a lot of vulnerable plugin in here and themes in here.

    So a parameter ip-geo-block-auth-nonce=... at the end of URL includes expiration time (6 hours) and this plugin would validate it.

    That’s why you were blocked after a long time.

    When this issue happens, please click “Dashboard” link on the message panel:

    Sorry, your request cannot be accepted

    And give another try what you want to do.

    You can find the documentation in FAQ.

    Thank you for your kind understanding.

    • This reply was modified 6 years, 9 months ago by tokkonopapa.
    Thread Starter swiss13

    (@swiss13)

    Hi, Thank you for your reply. The issue that you describe in your answer is not my issue.
    My problem is that when the IPGB is enabled, when I click on Settings -> Permalinks then it loads for a long time and it redirects to blank page with the following message:

    The page isn’t redirecting properly
    Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
    This problem can sometimes be caused by disabling or refusing to accept cookies.

    There is no Dashboard link.
    I use “WP Hide” plugin. Could this plugin make any problem with yours?

    I will appreciate your response. Thank you.

    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @swiss13,

    Sorry for my misunderstanding.

    My problem is that when the IPGB is enabled, when I click on Settings -> Permalinks then it loads for a long time and it redirects to blank page with the following message:

    There seems to be a redirection loop.

    I use “WP Hide” plugin. Could this plugin make any problem with yours?

    It could be possible.

    I’ll check it!

    Thread Starter swiss13

    (@swiss13)

    Thank you very much for your response. I will appreciate if you check it.

    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @swiss13,

    I’ve almost found the cause, but am considering how to fix it. One of the reason is in my plugin, but the other reason is in “WP Hide” plugin.

    Please forgive me to take another couple of days.

    Thank you for your patience.

    Thread Starter swiss13

    (@swiss13)

    Thank you very much. I will be waiting for the solution.

    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @swiss13,

    I’m sorry to have kept you waiting.

    I found that this issue would be caused by multiple redirection when:

    1. IPGB add a specific query like ip-geo-block-auth-nonce=... when logged-in user clicks a link which goes to admin area, in order to distinguish inbound/outbound request.
    2. When WP hide receives a request to “Permalink” and it is NOT just equal to options-permalink.php?settings-update=true, it will redirect to options-permalink.php?settings-update=true.
    3. When IPGB fetches 2. redirection, it will add ip-geo-block-auth-nonce=... again if HTTP referrer includes ip-geo-block-auth-nonce=....
    4. Then WP hide re-processes 2. again.

    Firefox Network

    IMO, the best way to resolve this issue, WP hide changes just one line in its code like this.

    So I’ll ask the author to do this.

    At the same time I will add some codes to avoid 3. when WP hide is active.

    By the way, I found another issue and one useful thing with the combination of IPGB and WP hide.

    The issue is “Human friendly error page” of IPGB would not work properly when you select “404 not found” as “Response code” on IPGB settings page. I’ll also fix this issue in the next release.

    The useful thing is “Referrer suppressor” of IPGB helps to avoid leaking the name of admin area, especially when administrator carelessly clicks the author’s URL on “Comments” page.

    Comments page

    Anyway, please update IPGB at the next release.

    Thanks for your reporting!

    • This reply was modified 6 years, 9 months ago by tokkonopapa.
    Thread Starter swiss13

    (@swiss13)

    Hi, you did a great job. Thank you very very much.
    I hope the author of WP Hide will make the appropriate code modification.
    5 STARS from me!

    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @swiss13,

    I asked the author of WP Hide at their forum to change their code.

    I do not know if they will hear my asking. But at least, I believe that version 3.0.12.1 fixed this issue.

    Thank you so much for your cooperation and 5 starts!!

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Problem with Permalinks’ is closed to new replies.