phpBB cookies causing problems with loading of site... ?

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
User avatar
EA117
Registered User
Posts: 630
Joined: Wed Aug 15, 2018 3:23 am
Contact:

Re: phpBB cookies causing problems with loading of site... ?

Post by EA117 » Mon Jun 24, 2019 8:47 pm

J_M wrote:
Mon Jun 24, 2019 8:09 pm
Something else just popped up. I had been successful logging into phpbb via FF w/ cookies turned off. But now I'm getting :Error code: SSL_ERROR_RX_RECORD_TOO_LONG after adding my username/password. But if I clear out the port number "80:" from the URL I can access the forum and I've been logged in?

If I go back to the earlier discussion and remove the "Force server URL settings" the problem goes away. Is this unrelated to the 403/cookies errors?
That's actually one of the kinds of issues expected if the port information was wrong; i.e. if you specified "https://" as the protocol, but then left the port value as "80". Trying to force the browser to speak TLS/SSL to a non-encrypted HTTP port will easily result in SSL_ERROR_RX_RECORD_TOO_LONG, when TLS tries to negotiate with a server that isn't making any attempt to negotiate.

If you haven't bee using "Force server URL settings" before this week in order to overcome some server limitation, you don't actually want this setting enabled, and should leave it set to "No". Which allows phpBB to default rather than "forcing" a specific setting is best, so long as phpBB is able to detect correct defaults from the server it's running on.

In the future if you're ever required to set "Force server URL settings" to "Yes", you'll need to also ensure all of the fields are either blank (in order to continue defaulting) or are set to correct values (such as port 443 if you're using HTTPS, instead of 80).
J_M wrote:
Mon Jun 24, 2019 8:09 pm
I'm tempted to disable "Cookie secure" through the ACP, any chance this would help the 403/cookie problem.. or better question how much would I break if I tried the disable setting?
Leaving "Cookie secure" enabled is best. Your site is going to force people to use HTTPS anyway, so instructing the browser to only submit the cookie over HTTPS connections is appropriate. Having it enabled prevents using the cookies during whatever brief HTTP-only connection might be made before the browser is being redirected to make an HTTPS connection by the .htaccess rewrite rule.

J_M
Registered User
Posts: 258
Joined: Wed Jul 20, 2005 12:26 pm

Re: phpBB cookies causing problems with loading of site... ?

Post by J_M » Tue Jun 25, 2019 1:27 pm

Looks like they found the problem, seems to be working again,

Thanks everyone for the help

Post Reply

Return to “[3.2.x] Support Forum”