m2pro – redirect error

Hi there,

please advice where and how to change m2pro redirect setting because new members aren’t able to register due to a HTTP405 error. I can assure you that I added the member levels at network admin level and protected-content is set at bestofthebestonly.org (main page) only.

Provider find out that the redirect loop of m2pro direct to a sub domain (aboutme) which is wrong as shown below:

Here is the error that I gound in the Apache Logs:

[Sat Oct 29 07:14:41.531225 2016] [core:error] [pid 29150:tid 139638016366336] [client 192.88.135.4:56938] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use ‘LimitInternalRecursion’ to increase the limit if necessary. Use ‘LogLevel debug’ to get a backtrace., referer: http://bestofthebestonly.org/join/membership-realm/protected-content/?redirect_to=http%3A%2F%2Faboutme.bestofthebestonly.org%2Fto-do-list%2Fthings-to-do%2F

Best Regards,

Robert

  • Adam Czajczyk
    • Support Gorilla

    Hello Robert,

    I hope you’re well today and thank you for your question!

    Let me make sure that we are on the same side here first, shall we please?

    As I understand that, there’s a Membership 2 Pro plugin that’s set to work in a “network-wide” mode, meaning that a single instance of the Membership 2 Pro is able to protect content from across entire network. Is that correct?

    The “aboutme.bestofthebestonly.org/to-do-list/things-to-do/” page is protected so if a logged-out/non-member user visits it, he/she gets redirected to the “Protected Content” page which is the “bestofthebestonly.org/join/membership-realm/protected-content”.

    Can you confirm if I’m right up to this point?

    What should happen theoretically would be that when user visits the “aboutme……” page, he/she gets redirected to Protected Content page and after logging in or signing up, should be redirected back to the “aboutme….” page. Unless there’s so “recurrent/recursive” protection rules setting, any redirect loop shouldn’t be happening here.

    That said, were exactly/at what point that “redirect loop”/HTTP 504 error occurs? What should I do (except paid registration which I’m not able to test) can I do to recreate it on your site in order to see the issue?

    I’m asking this to better understand what’s happening in order to be able to help you. Let me know please.

    Best regards,

    Adam

  • Steven Zimmerman
    • The Incredible Code Injector

    Hello Adam,

    thanks for fast reply. YES I confirm both assumptions you have are ok.

    Now, that said, were exactly/at what point that “redirect loop”/HTTP 504 error occurs? To answer that question:

    If you visit the site bestofthebestonly.org the very first time and wish to signup for the first time at all you would choose provided links to be lead to the signup form (m2pro).

    Then you chose member level ‘explorer – FREE of charge’ an hit the enter button …

    there we go ERROR:

    – some visitor are able to register but NO thank you page appears

    – some visitor get straight away HTTP 405 error

    As you see at that early point no sub domain is in action at all. Does this clarify our request?

    Thanks

    Robert

  • Dimitris
    • Support Star

    Hey there Steven Zimmerman,

    hope you’re doing good and don’t mind me jumping in here! :slight_smile:

    I just went ahead and tried to register a new test user (username: dimitriswpmudev2).

    I was able to complete the BuddyPress registration form, I received my activation link in my inbox and after successfully activating it, I tried to login through bestofthebestonly.org/wp-login.php page but after clicking the Login button I was redirected to another website, http://spam.abuse.net/ :thinking:

    Is there a redirection that you have setted up via M2PRO “Redirect Control” add-on or via another plugin? Please advise! :slight_smile:

    Also, please consider granting us support access to your website so we could more easily inspect your setup and settings. This can be done via our “WPMUDEV Dashboard” plugin and detailed information about it can be found in our manual page here https://premium.wpmudev.org/manuals/wpmu-dev-dashboard-enabling-staff-login/

    Warm regards,

    Dimitris

  • Steven Zimmerman
    • The Incredible Code Injector

    Hello Dimitris,

    thanks for looking into this issue. Due to a sever crash I couldn’t get back to you earlier. However, the redirect error (should be to bestofthebestonly.org) instead as in your case to a spam site or to aboutme.bestof… still exists.

    Support access is granted.

    Looking forward hearing from you were the to change that redirection (cpanel/file manager level; the m2pro ADD-ON option does not work out).

    Thank you

    Robert

  • Predrag Dubajic
    • Support

    Hi Robert,

    I tried having a look at your site but I keep getting ERR_NAME_NOT_RESOLVED error, I even tried using proxy to visit your site from “different” locations but each time I was getting the same error.

    Are you still having issues with your server?

    Can you please check this out and let us know when we can have another look at this?

    Best regards,

    Predrag

  • Steven Zimmerman
    • The Incredible Code Injector

    Hello Predrag,

    thank you for looking at this thread.

    Let me assume you are trying to login in by clicking the link which I posted at the beginning of this conversation … the Apache Logs: [Sat Oct 29 07:14:41.531225 2016] BUT provider fixed Nginx, DNS and related problems with our server already.

    Right? However and unfortunately I do not see that you tried to use the granted support access … (screenshot)

    My latest reply in this thread addresses the issue when Dimitris recognized the existing m2pro problem regards set m2pro USER PERMISSION (don't work).

    Now – dear Predrag – please go ahead and register a new member. You will experience one of the following bugs (based on just one new registration):

    1) You will be able to complete the registration form, you'll received an activation link in your inbox and after successfully activating it, the login to the bestofthebestonly.org site does not work to proceed with payment.

    OR

    2) … after successful activation and LOGIN you'll reach the right website but proceeding to pay works sometimes (thank you page) BUT based on granted permission either navigation pane is missing or despite of granted permission new member will always get CONTENT PROTECTED but that should not be the case because payment went through.

    OR

    3) … if you start to register another user you'll even not be able to finish this process to receive at least the activation message!

    We setup an SQL TRACE (see attachment) which reveals, that it doesn't matter which membership level a registrant takes, the m2pro permission are always the same and ignored.

    This needs to be fixed.

    I do hope this clarifies the current situation we have with m2pro and can be solved once and for all finally.

    Thank you.

    Robert

  • Adam Czajczyk
    • Support Gorilla

    Hello Robert!

    As for no trace of Predrag’s attempts to access the site: the “ERR_NAME_NOT_RESOLVED” error mean that the browser wasn’t able to resolve the domain name and as a result it wasn’t even able to load the site. That means that Predrag wasn’t able to reach the site at all, hence no trace of access.

    As for the issue. I checked the site again and I must say I’m a bit confused now. If I’m not missing anything, it looks like some setup has changed because the entire registration process (which I was now testing again) looks different. First, the homepage is fully protected and second – I wasn’t even given any choice of the membership but instead just a standard BuddyPress registration form. Then I received an activation mail (which worked well) and was able to login but still, no option to select any membership. This is not how it worked when I was checking it previously so could you please shed some more light on this?

    In order to be able to diagnose the issue we need to fully understand it and all your responses here help a lot but the changes on page change the entire “flow”.

    Also, I did a little more research on the 405 error that shows up sometimes and it seems to be related to the NGINX configuration. Can you tell me if there’s any kind of “proxy”/”proxy-like” setup powering your site?

    Best regards,

    Adam

  • Steven Zimmerman
    • The Incredible Code Injector

    Hello Adam,

    sorry, by coincidence we were both at the same time active (while I restored a wrong snapshot).

    Bestofthebestonly.org is setup as you know it to enable you, to proceed with that permission issue.

    WP Hummingbird caused the 405 (nginx and related errors); we deinstalled that plugin entirely from the server which fixed the problem.

    Please let me know the outcome of the major mp2 permission problem and how you could fixed it.

    Thank you.

    Robert

  • Predrag Dubajic
    • Support

    Hi Robert,

    I can access your site front end now as well and I was able to register new account, I didn’t have any issues with completing the registration process itself and activating it from email however I can see that I have no membership assigned to my account.

    I tried to check the backend but unfortunately wordfence keeps blocking me even if I use proxy, could you temporary disable it while we investigate this issue?

    Best regards,

    Predrag

  • Adam Czajczyk
    • Support Gorilla

    Hello Robert!

    I can see that the site now seems to be working as it was before so I guess that wrong snapshot restored explains why I got confused, thanks for letting me know about it :slight_smile:

    Unfortunately, I wasn’t able to access the site as well (being blocked by Sucuri). I’m not sure about Predrag but I’m not able to forward you IP as I don’t get any static IP. It changes and it may change anytime like in a few minutes from now or in a month (there’s no rule). If you are able to unblock by country, Poland would work for me (but not Predrag or most of my other colleagues). It would be better however to find other way to let us go past the blockade (like e.g. temporarily disabling it) because we are a team distributed globally and in order to work on your site we may be accessing it from different locations (and/or different IPs like in my case). Is there anything that can be done in that direction on your end?

    Kind regards,

    Adam

  • Steven Zimmerman
    • The Incredible Code Injector

    Hello developers,

    We respond to your request on behalf of our customer.

    We cannot disable by country the firewall of the server as that will leave the server completely unprotected from any malicious outside traffic that may wish to harm it. We can whitelist any requested IP addresses, however, I do understand that many of the developers are international and on non-static IP addresses and this can pose a problem.

    We will either need to whitelist every IP as it changes or you will need to work to provide a range of IP addresses we can whitelist. Alternatively, you can find a static IP to work from if possible such as a local library or Internet cafe.

    I understand this is not ideal for the developers, but these are the only options given the amount of access you wish the developers to have.

    Best Regards,

    Joshua B

    InMotion Hosting

    888-321-HOST (4678) Available 24/7

  • Adam Czajczyk
    • Support Gorilla

    Hello Robert!

    This is bad news and I admit I’m honestly surprised. Personally, I had a nice hosting account with InMotion in the past and there were no issues like this ever. Maybe your package is better protected then or they just made some changes in their policy.

    I can’t speak on behalf on my colleagues in that case but we can try whitelisting my current IP for now. The problem is that I do not know if it will last for the next 10 minutes or the next month (I hope for the latter) and “finding a static IP” is a no go for me. Usually, the IP “sticks” to me for a couple of weeks so let’s see if that works and in case my access was “terminated” again due to an IP change either me or one of my colleagues will provide you with another one to white list. The current IP is: 83.24.60.191

    Please whitelist it an let’s give it a go, I hope it will last long enough to let me work on this.

    Kind regards,

    Adam

  • Steven Zimmerman
    • The Incredible Code Injector

    Hello Adam,

    Appreciate your positive reply much; thank you. Your IP is whitelisted by now.

    Please register at least two new member:

    a) BotBO Explorer –>to see after successful activation entire navigation bar

    b) Paid level –> choose Bank account 4242 4242 4242 4242 (it’s Sandbox mode)

    any expiry date and pin

    and proceed payment confirmed by THANK YOU page

    you should also see entire Navigation bar

    Note:

    Errors are missing navigation bar / unsuccessful payment

    Best,

    Robert

  • Adam Czajczyk
    • Support Gorilla

    Hello Robert!

    I sorry but that didn’t work. Your response came after I finished my work for yesterday and now when I tried to access the site I was again blocked by Sucuri WebSite Firewall. So, I checked my current IP and it is now different.

    I’m wondering however if there’s another way to go. This block comes from Sucuri and that suggests that you got an account with them. Do you have access to the Sucuri console as their customer? I’m asking this because it seems there’s an option to share “override link” instead of whitelisting IPs. Take a look here please (see point no. 2):

    https://kb.sucuri.net/cloudproxy/Whitelist+and+Blacklist/whitelisting-IP

    If this would be doable it would solve our “access issue” for good I think. Of course I can mark that thread as internal so nobody else than you and support staff would be able to see such link if you shared it or you could even provide me with it via direct message.

    Meanwhile, I’m asking my colleagues if somebody would be able to help us here (having a fixed IP and hopefully having dealt with your site previously).

    Kind regards,

    Adam

  • Steven Zimmerman
    • The Incredible Code Injector

    Hello Adam,

    thank you for your suggestion. I contacted Sucuri and got a very positive reply (I think so) which allows you and your colleagues to access the site.

    I will forward via direct message Sucuri’s response to keep it confidential and please mark that as internal so nobody else than you and WMPU support staff would be able to see and use the link . Please be so kind check your inbox.

    Thank you

    Robert

  • Adam Czajczyk
    • Support Gorilla

    Hello Robert!

    I received your message, thank you. A really good news it that it seems to be working perfectly so I”m now able to access the site.

    The message that you sent was assigned directly to me so only me and some of the support staff (not even entire staff) can access it. The link has not been posted here and nobody else can check the inbox so I think we are good here.

    As I’m now able to access your site, I’ll be checking the site and contacting you (most likely directly via e-mail) as soon as possible. Please keep an eye on your inbox and I hope we’ll now be able to deal with the problem :slight_smile:

    Best regards,

    Adam

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.