Unauthorized post-new.php Results in Apache 500 Error?

  • I am baffled by this. I was experiencing some odd 500 errors when people attempted to login when I went to move from a shared hosting site to a DigitalOcean droplet. I tried everything, and nothing jumped out at me, so I decided to go all the way back to the beginning.

    I spun up the droplet, installed PhpMyAdmin, yada yada, but I did not import anything into the site. I removed the two default plugins I never use. I updated and did a “dist-upgrade” on the system.

    Everything looks like it is working correctly, except I noticed some odd 500 errors, already, in the Apache logs. They are probably spammer bots of some type, but that isn’t the odd part.

    I can recreate the error by creating a normal subscriber user and then attempting to go directly to the post-new.php page. An error comes up stating the user does not have permission to post, which is fine, but the logs say 500? Shouldn’t it be 403 or some other error? I don’t understand how this should map.

    By posting as an admin, all is well, but I’m concerned there is something I’m overlooking or something is incorrect to begin with. Should this really be error 500?

Viewing 7 replies - 1 through 7 (of 7 total)
  • Moderator James Huff

    (@macmanx)

    It probably should be a 403, yes. Do you have access to your server error log? That will be separate from the access log.

    Thread Starter IAmMarchHare

    (@iammarchhare)

    /var/www/apache2/error.log doesn’t seem to contain a whole lot except a lot of shutdowns and restarts until this morning when I was working on the .htaccess file that caused some errors for a brief time. I even turned on WP debug, which has a few deprecated and notice lines.

    In the midst of it all, I changed the main URL, and the old one redirects to the new one. These errors seem like they are hammering on the old URL even though to go to the login page they should be automatically redirected. I’m beginning to think these errors are quite different than the ones I saw before, which turned out to probably be a corrupt user database.

    Moderator James Huff

    (@macmanx)

    Hm, and they’re still 500 errors?

    If so, maybe something else is interfering. Try deactivating all plugins. If that resolves the issue, reactivate each one individually until you find the cause.

    If that does not resolve the issue, try switching to the Twenty Fifteen theme to rule-out a theme-specific issue (theme functions can interfere like plugins).

    Thread Starter IAmMarchHare

    (@iammarchhare)

    You’re missing the point. This was a clean install.

    Moderator James Huff

    (@macmanx)

    Hm, ok. Maybe someone over in Digital Ocean’s forums has run into this? Personally, I have never seen what you describe on a clean install, so I’d guess whatever it is will be server-specific.

    Thread Starter IAmMarchHare

    (@iammarchhare)

    Yeah, that is sort of what I’d thought, but I wanted to cover all of the bases. I’m running out of time to do much right now, but I’m seriously considering building my own droplet from the ground up rather than relying upon one of the pre-built one.s

    Moderator James Huff

    (@macmanx)

    That might be better, or at least more fun. ??

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Unauthorized post-new.php Results in Apache 500 Error?’ is closed to new replies.