Yesterday one of the servers at our datacenter which has cPanel/WHM installed had a network card blow out so we had to migrate to a new server.
Since then users are always getting the:
The security token is missing from your request.
The error which doesn't accrue on WHM the only cPanel. Yet I read online to clear browser cookies but It seems that the issue is server-wide not only myself.
Even when reentering the cPanel password it directs to the cpanel url with a token in, then before anything shows go straight back to the login screen, and does it constantly completely disabling cPanel access.
Does anyone have any ideas on a fix? It has stopped many clients being able to log in.
See the video I have attached too - https://vimeo.com/390572869
NOTE : The below steps will not work on latest cPanel version.
Log into WHM using server ‘root’ password
Search for “Tweak Settings” in WHM search bar
Uncheck “Require security tokens for all interfaces”
save “Tweak Settings”
You can do the same from server backend
Log into server via SSH as ‘root’ user
Edit the file /var/cpanel/cpanel.config using vi editor
vi /var/cpanel/cpanel.config
You will see the line “xsrftokens=1”
Change the line xsrftokens=1 to xsrftokens=0
Save the file and exit
5 Run the below command on the server to update tweak settings
Command : /usr/local/cpanel/whostmgr/bin/whostmgr2 –updatetweaksettings
Now Try accessing cPanel/WHM/webmail in the browser and you won’t see any Security token missing errors.
Related
[EDIT 2]: TL;DR - floccus can't use Digest Authorization, which was how my sabre/dav server was set up. See this GitHub issue.
I've set up a sabre/dav server on a Raspberry Pi 4 by following the instructions here. When I navigate to my server URL in my browser, I get to the sabre web interface. I can upload files here, and they appear in my public folder.
Now, I'm trying to set up floccus to sync my bookmarks with the server, but I'm hitting a wall. I put in my server URL and credentials just as if I were connecting through my browser, and I specify the path where the bookmarks file should be stored. I save those settings, then click 'Sync Now', but I end up with an error: E018: Couldn't authenticate with the server. There's a button beside the error to download a debug log, but it's an empty file.
I've tried various ways of setting the path - a file at the root of my public folder (bookmarks.xbel), a file in a directory further down (bookmarks/bookmarks.xbel), both with and without the file created first, and all of these result in the same error.
Has anyone had any luck with this before that might be able to shine a light on what I'm doing wrong here?
[EDIT]: Using #Marcel Klehr's answer, I managed to track down the response being sent by the server when I try to sync:
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">
<s:sabredav-version>3.2.2</s:sabredav-version>
<s:exception>Sabre\DAV\Exception\NotAuthenticated</s:exception>
<s:message>No 'Authorization: Digest' header found. Either the client didn't send one, or the server is misconfigured</s:message>
</d:error>
And these are the headers:
Looks like floccus is using Basic Authorization instead of Digest. I can see in this GitHub issue that Digest is not supported by floccus. I'll try reconfiguring the server to use Basic, and see if that fixes it.
[EDIT 2]: Switching to Basic Authorization fixed the issue. I've marked #Marcel's answer as the Accepted answer, since their guidance helped me track down what was wrong.
You can debug network requests of the extension as follows:
Firefox
Go to about:debugging -> This firefox
click on inspect button next to floccus entry
go to the network tab in the inspector tab
trigger a sync by clicking on sync now for the account of your choice.
check the failing network requests
Chrome
Go to chrome://extensions
enable Developer mode
click on dist/html/background.html button in floccus' entry next to "Inspect views: "
go to the network tab in the inspector window
trigger a sync by clicking on sync now for the account of your choice
check the failing network requests
It looks to me that your actual issue isn't with the path itself but with the server (just look at the error).
Have you tried removing the right-most slash?
In other words, replace http://my-public-ip/sabre/server.php/ with http://my-public-ip/sabre/server.php.
I was using cpanel before, but I'm using Plesk Panel / Centos7 now. I moved my sites to Plesk Panel from CPanel. I'm runing file_get_contents() function, but it's not working on Plesk Panel.
Why? I dont know why. What should i do?
my code;
$data = file_get_contents('http://example.com');
this code is not working on Plesk Panel.
Thanks, best regards.
What is error message says?
if error message says, the stream (URL) requested cannot be opened. There are many possible reasons for this:
1. base URL is bad. $pc['pcname']
2. username and/or password are bad
3. username/password do not have permission on the server
4. Your system cannot reach the server (firewall, PHP permissions, ...)
I would use the following strategy to debug:
1. Dump $url and write it down.
2. Use a browser with debug tools (eg Firefox/Firebug) and try to access that URL.
3. Look at the headers returned to see what error the server reports (if any).
4. Think about why that error is returned
I am running a ReadyNAS 102 and installed MySQL, PHP and phpMyAdmin to setup a database for use with OwnCloud. The first install was successful, but after forgetting some login passwords I decided to go for a full reinstall of the above.
Now, when opening phpMyAdmin, I get the following message:
#1045 Cannot log in to the MySQL server
I understand from other sites that I need to access the config.ini.php file to edit the user details manually (and reset the root), however I have no idea how to access this file on the NAS. Is there a command line access for files on the NAS?
https://www.ostraining.com/blog/coding/error-1045-phpmyadmin/
Built-in phpmyadmin on control panel of my domain is old version so I wanted to change it to new one. I uploaded new version of phpmyadmin through ftp (folder: mydomain.com/phpmyadmin). Previously, I changed config.sample.inc.php to config.inc.php and added random string value in field $cfg['blowfish_secret'].
Now, I cannot login in phpmyadmin and I cannot find which username to use(tried 'root',admin etc...). Whatever I enter in login form i receive error message "Cannot log in to the MySQL server".
I know that It is a problem between phpmyadmin and MySQL, and I don't know what to do next?
To upgrade phpmyadmin, you have to conduct 6 steps:
find your version
find your phpmyadmin directory
copy your configuration file
download the newest version of phpmyadmin
put the new files in place
add your config file
Source.
If you have the config file, then you can solve your problem by following the steps. If you no longer have the config file, then you need to create a config file. To do that, read this.
Besides the secret key, you will have to make sure that the root username and password are entered into your config.inc.php, by default the codings are not there, you have to add them in manually, please refer to below URL (last step) for the code. This apply to both linux and windows server.
http://boxtutor.com/how-to-install-phpmyadmin-in-linux-servers/
Whatever I enter in login form i receive error message "Cannot log in to the MySQL server".
Which is almost certainly caused by
I cannot find which username to use(tried 'root',admin etc...).
You'll need to find your username and password to log in. If you're not sure, ask your hosting provider for assistance with this. It's not something we can help you figure out since it's your login information.
Once you find those, you should be able to enter them directly in the phpMyAdmin login box (provided that you haven't changed the auth_type from the default of 'cookie', which is what I use).
I moved a PHP website from win2003sp2 Standard to win7 Enterprise. Nothing changed. The website works correct in win2003. But in win7 when get service status via win32_query_service_status(), return WIN32_ERROR_ACCESS_DENIED.
I can not figure it out.
As link provided by Dan, I know Win2003 is different from later Windows for remote authenticated users. Is it the root cause that I cannot get the service status via my website page?
Quote: Windows Server 2003 and Windows XP: Remote authenticated users are granted the SC_MANAGER_CONNECT, SC_MANAGER_ENUMERATE_SERVICE, SC_MANAGER_QUERY_LOCK_STATUS, and STANDARD_RIGHTS_READ access rights. These access rights are restricted as described in the previous table as of Windows Server 2003 with SP1
The access right are restricted as of win2003sp1. But the Website works correct on win2003sp2. I think it may be not the root cause.
The user that PHP is running as does not have the correct rights to the SCM database. See here for more information: http://msdn.microsoft.com/en-us/library/windows/desktop/ms685981(v=vs.85).aspx
WIN32_ERROR_ACCESS_DENIED error is "The handle to the SCM database does not have the appropriate access rights" mentioned on php.net.
check current user permission to folder that may be help ..
Finally, change the authentication of the folder where win32_query_service_status() located as below solved my problem.
Anonymous Authentication - Disabled
Windows Authentication - Enabled