|
TKT
|
March 30, 2017 at 4:18 pm
Hi,
When trying to login to the event app using my iphone6, I received the following error message ‘The server was acting as a gateway or proxy and received an invalid response from the upstream server.’
I saw some older posts here reporting the same error. I tried all those possible solution including one on https://eventespresso.com/wiki/ee4-event-apps/#troubleshooting. I also made sure that the required minimum capabilities apply. None seems to solve the issue for me.
Could you please advise?
|
|
TKT
|
March 30, 2017 at 9:16 pm
FYI, the error on an android is different, which is ‘Connection error. Unable to load data’.
|
|
Josh
|
March 31, 2017 at 7:59 am
Hi there,
The errors that you’re seeing in the app indicate that the URL input into the first field of the app login screen does not match the URL of your website. May I ask, what’s the URL that you input there?
|
|
TKT
|
March 31, 2017 at 8:07 am
Hi Josh,
Thanks for your message. As for the URL, I’ve tried them all – http://www.tickettail.com, http://tickettail.com, http://www.tickettail.com/.
None is working.
Please advise.
|
|
Tony
|
March 31, 2017 at 8:28 am
Looking over your site the JSON API is returning error 500 when testing the andpoints.
Do you have access to the servers error logs? If so take a look and see if there are any fatal errors shown in the log recently.
Or, if you enable WP_DEBUG on the site we should be able to see the error shown then.
|
|
Josh
|
March 31, 2017 at 8:33 am
This URL in a browser returns some JSON data about the event:
http://tickettail.com/wp-json/ee/v4.8.36/events
So we know that at least the JSON API is working on your website. The other things to check is whether the apps are getting blocked by a security setting or plugin. You can install this plugin to log the requests from the apps:
https://wordpress.org/plugins/wp-rest-api-log/
After you activate this plugin, you can try the app again, then go to WordPress > Tools > REST API log to see the request.
It may help to temporarily deactivate any security plugins if installed to check whether they may be blocking the requests from the apps.
|
|
TKT
|
March 31, 2017 at 8:49 am
Here’s what I got from the log
Date: 2017-03-31 21:28:29
Source: WP REST API
Method: GET
Status: 200
Elapsed Time: 680ms
Response Length: 120,427
User:
IP Address: 75.133.216.14
HTTP X Forwarded For: 75.133.216.14
|
|
TKT
|
March 31, 2017 at 8:59 am
Which part of the log should we be looking at?
|
|
Tony
|
March 31, 2017 at 10:16 am
Do you have any security plugins installed on the site?
Do you have any plugins that alter the REST API installed on your site?
(Check your plugin list for ANY plugin that mentioned REST)
Either something is blocking the requests or your server is throwing an error when the apps are making a request (but oddly enough not when the browser makes one).
|
|
TKT
|
March 31, 2017 at 10:31 am
Hi Tony,
For security plugins, I have WP-Spamshield and Wordfence Security installed. I have, however, deactivated for diagnosing this error. I still have the same error nessages.
As for REST API, I checked see only the WP Rest API (Version 2.0-beta15) that seems relevant.
|
|
Josh
|
March 31, 2017 at 11:24 am
If you check your website’s .htaccess file, is there any code between these two .htaccess comments?
# Wordfence WAF
# END Wordfence WAF
|
|
TKT
|
March 31, 2017 at 1:17 pm
No, there are no such comments.
This is what is currently in .htaccess
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteRule ^^oauthcallback/(.*)? /wp-content/plugins/appfbconnect/inc/oauthcallback.html [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
|
|
Josh
|
March 31, 2017 at 2:26 pm
You could try this edit to the .htaccess file:
Add a new line immediately before the line that has
# BEGIN WordPress
and add this:
# Begin Custom htaccess
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
# End Custom htaccess
If you still can’t log in with the app, you can try deactivating all other plugins installed on the site except for the Event Espresso plugins and the Application Passwords plugin.
|
|
TKT
|
April 3, 2017 at 11:20 am
I tried deactivating all the other plugins, the same error messages still persist.
|
|
Josh
|
April 3, 2017 at 11:36 am
Did you make the edit to the .htaccess file?
|
|
TKT
|
April 3, 2017 at 11:53 am
Yes, I did.
Is it possible the host is blocking calls from the app?
|
|
Josh
|
April 3, 2017 at 1:05 pm
One way to find out would be check the server’s access logs.
|
|
TKT
|
April 4, 2017 at 12:01 am
Ok, I have the logs now. Could you please advise on how to make use of them?
|
|
Josh
|
April 4, 2017 at 7:07 am
You’ll look at the exact times where you tried to use the app and see if anything was logged at those moments. It may help to try the app, then immediately check the access logs.
Also, if the requests from the app are reaching your site, then you can also check what was logged from the WP REST API Log plugin at those same times.
|
|
TKT
|
April 4, 2017 at 10:56 am
I have access to two types of logs (via DirectAdmin)- Web Usage Log and Web Error Log. I reviewed both of them but did not see anything that should represent calls from the app. I’m not too sure though. How would the calls from the app be listed there?
|
|
Josh
|
April 5, 2017 at 7:22 pm
If your logs include IP addresses, then the IP address of your iphone will be included in the request. If your logs include user agent strings, this is what the typical user agent string from the app:
EventEspressoHD\/3 CFNetwork\/808.3 Darwin\/16.3.0
|
|
TKT
|
April 6, 2017 at 11:48 am
Ok, I dont think I see any request from the app in the logs. How am I supposed to proceed next?
|
|
Josh
|
April 6, 2017 at 12:10 pm
You can check with your host to see if they have mod_security rules or a firewall configured to block requests from the app.
|
|
TKT
|
April 7, 2017 at 12:21 pm
Hi, the host would like to know what would be the request URL of the calls?
|
|
Josh
|
April 7, 2017 at 12:44 pm
Some examples include:
/wp-json/ee/v4.8.36/site_info
/wp-json/ee/v4.8.36/events?where%5BDatetime.DTT_EVT_start%5D%5B%5D=%3E&where%5BDatetime.DTT_EVT_start%5D%5B%5D=2017-04-07T23:59:00&order_by%5BEVT_name%5D=ASC&include=Datetime.*,Venue.*&calculate=Datetime.spaces_remaining_considering_tickets,Datetime.registrations_checked_in_count,Datetime.registrations_checked_out_count,Datetime.spots_taken_pending_payment,image_thumbnail,image_large,image_medium&limit=0,50&caps=read_admin
|
|
TKT
|
April 7, 2017 at 9:44 pm
The host adjusted the firewall and now I’m able to see the calls in the logs file. However, I’m still unable to login with exactly the same errors as before.
Here’s what I see in the logs.
for iOS,
27.145.42.51 – event_admin [08/Apr/2017:10:41:03 +0700] “HEAD / HTTP/1.0” 500 322 “-” “EventEspressoHD/3 CFNetwork/808.3 Darwin/16.3.0”
for android,
27.145.42.51 – event_admin [08/Apr/2017:10:43:32 +0700] “HEAD / HTTP/1.0” 500 380 “-” “okhttp/3.2.0”
THis is what’s currently in my htaccess file
# BEGIN WordPress
# Begin Custom htaccess
SetEnvIf Authorization “(.*)” HTTP_AUTHORIZATION=$1
# End Custom htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
|
|
Josh
|
April 10, 2017 at 10:01 am
The part in the .htaccess file where you added
# Begin Custom htaccess
SetEnvIf Authorization “(.*)” HTTP_AUTHORIZATION=$1
# End Custom htaccess
needs to get moved to the line before
# BEGIN WordPress
because otherwise the next time the rewrite rules get reset, you’ll lose those changes.
Can you check with your host to see if they’ll allow the Authorization header to get passed in the request?
|
|
TKT
|
April 10, 2017 at 3:20 pm
Hi Josh, I modified the htaccess again per your instruction but the errors still persist. I also checked with the host and they confirmed that they allow such modification.
Now, what might be the next step to resolve this?
|
|
Josh
|
April 10, 2017 at 3:36 pm
They confirmed that they allow such modification, but can they confirm that they’ll actually allow the Authorization header to get passed when using Basic Auth?
|
|
TKT
|
April 10, 2017 at 3:50 pm
Yes, they did confirm that too. (Anyway, is there a way we can check if that’s the case?)
What might be the next step to solve this?
|
|
Josh
|
April 10, 2017 at 4:33 pm
You can use the Postman app to send a GET request to the /registrations/ route and include your WordPress username and password in the Basic Auth header.
This is a screenshot that shows an example of the above request in Postman:
https://www.evernote.com/l/AAR1Lix4IyBK5IXi4I8DJ5vuD5rSNWOnr0I
|
|
TKT
|
April 11, 2017 at 9:09 am
In the Postman App, what would be the URL to “Get” for my site?
Is it http://tickettail.com/four/wp-json/ee/v.4.8.36/registrations?
|
|
Josh
|
April 11, 2017 at 9:27 am
No, the /registrations/ route on your site is:
http://tickettail.com/wp-json/ee/v4.8.36/registrations
When I try the above URL in Postman, I get a 500 server error, so it’s looking like a fatal error is being thrown on your site when that route is requested.
|
|
TKT
|
April 11, 2017 at 9:42 am
I got a 500 server error too. What can we make of this and what would you suggest I do?
Thanks,
|
|
Josh
|
April 11, 2017 at 10:04 am
I can suggest that you activate WP_DEBUG and check the debug.log file in the wp-content folder and/or check the server’s error logs for the time when you got the 500 server error.
|
|
TKT
|
April 11, 2017 at 11:33 am
The error I got is
[Tue Apr 11 23:20:35.164030 2017] [core:crit] [pid 2737] (13)Permission denied: [client 50.1.94.249:10823] AH00529: /home/tickettail/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that ‘/home/tickettail/’ is executable
Seems like the path /home/tickettail/.htaccess is incorrect. It should be /home/tickettail/domain/tickettail.com/public_html/.htaccess
So I guess we have to modify so that the URL http://tickettail.com/wp-json/ee/v4.8.36/registrations points to the correct path? Please advise
|
|
Josh
|
April 11, 2017 at 11:52 am
I can advise that you contact your host about the error because that’s a server configuration issue. You’ll note that there’s no issue with the same URL pattern if it’s a request that doesn’t require authorization, like this one:
http://tickettail.com/wp-json/ee/v4.8.36/events/
|
|
TKT
|
April 12, 2017 at 10:31 am
The host insisted they did not alter the configuration at all. I’m not sure what to do now.
Is there a way we can check or change the path called by the URL http://tickettail.com/wp-json/ee/v4.8.36/registrations?
|
|
Josh
|
April 12, 2017 at 11:07 am
The host will need to fix the configuration to allow the Authorization header to be passed when Authentication is required for a GET request. How is it that changing the path called by the URL is going to fix anything?
Did you actually share the “Permission denied:” error message with the host so they can review?
|
|
Josh
|
April 12, 2017 at 11:34 am
You can also share the following information with your host:
http://stackoverflow.com/questions/20627084/permission-denied-var-www-abc-htaccess-pcfg-openfile-unable-to-check-htacces
https://wiki.apache.org/httpd/PcfgOpenfile
|
