miniBB ® 

miniBB

®
Support Forums
  
 | Start | Register | Search | Statistics | File Bank | Manual |
The Other miniBB Support Forums / The Other /  
 

" Sorry, it seems like an intrusion attempt or your server doesn't support HTTP referrers! " error

 
 
Page  Page 1 of 2:  1  2  Next »

Author jcu
Partaker
#1 | Posted: 19 May 2009 13:14 
One more problem on having updated the code of the forum:

When it is entered from a computer by operating system Mac it gives the following mistake

"Sorry, it seems like an intrusion attempt or your server doesn't support HTTP referrers!"

That can be?

Author Team
8-)
#2 | Posted: 20 May 2009 03:51 
This error is related to the miniBB protection algorithm which allows to post only from the original domain (to prevent hacking from external domains or servers). The code is located at the very top of index.php and is executed each time when you post something to forums.

I don't know what kind of Mac OS version are you using and what kind of browsers, but it is obvious that this browser doesn't support HTTP_REFERER variable.

You may check index.php for the code which begins with

/* Allowing to post only from the internal or allowed domain */

and ends with

/* --Allowing to post */

and comment or remove this code, but it will increase a potential risk of hacking your software.

Author jcu
Partaker
#3 | Posted: 20 May 2009 05:47 
Thank you very much for the response. Already he had thought to eliminate this part of the code, but he did not know if it was necessary or not.

Apparently it happens with the browsers Safari and FireFox.

A greeting Juan Carlos

Author Paul
Lead Developer 
#4 | Posted: 20 May 2009 08:54 
I am using the latest version of FireFox and it works great.

If it wouldn't work, we probably would get attacked by the crowd of users :-) But it SHOULD work in every normal browser, HTTP_REFERER is a standard.

Author kolia
Partaker
#5 | Posted: 12 Aug 2009 16:02 
[moved]

Hi guys,

I'am testing a new board, and started getting this error "Sorry, it seems like an intrusion attempt or your server doesn't support HTTP referrers!" it is happening right after i try to log in. I have another forum but older version and it does not happen on that one.

I checked in google and there is also a forum running minibb and having the same problem this one:

https://www.bitblinder.com/forum/index.php?action=vthread&forum=2&topic=67]

mine is here:
http://www.gdebolit.com/forum]www.gdebolit.com/forum

but if I try to make a reply to a post and enter my login info there, then it works.

what can it be? :)

I was using IE, and Firefox latest version.

Author Paul
Lead Developer 
#6 | Posted: 14 Aug 2009 07:02 
The problem may come from the comparison of $_SERVER['HTTP_REFERER'] with the $main_url you have specified in settings.

The most common mistake when setting up the forums (or any other domain) is to keep both 'www' and non-www versions of the same domain pointing to the same website.

If you have set up $main_url for miniBB having 'www' in it, then you might enter your domain without 'www' which is obviously a very different thing, but it will give you an impression you are entering the same site, at the time it is not.

You need to set up .htaccess to redirect from non-www to www-version, if 'www' is set up under $main_url. Or otherwise, if you would like to run the forums from www version, .htaccess must redirect from www to non-www.

As you might know, it's also useful for search engines - they all prefer to avoid duplicate content on different domains.

This is also related to cookies - www and non-www domains are very different things in terms of security.

So, for the forums, you must have only one domain set up. If you don't know what kind of code to put under .htaccess, just reply and I will try to find the proper piece on my HDD.

Author kolia
Partaker
#7 | Posted: 14 Aug 2009 10:03 
Thanks Paul, will give it a try.

Author Sergeusz
Partaker
#8 | Posted: 14 Aug 2009 11:22 
Paul:
you don't know what kind of code to put under .htaccess
It will be nice, if you or somebody else provide the code

Author tom322
Active Member
#9 | Posted: 14 Aug 2009 11:34 
Sergeusz:
It will be nice, if you or somebody else provide the code
Try this:

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.yourdomain\.com$ [NC]
RewriteRule ^(.*)$ http://www.yourdomain.com/$1 [R=301,L]

Author kolia
Partaker
#10 | Posted: 14 Aug 2009 13:19 
this is what i have in mine

RewriteEngine On
RewriteRule ^index\.html$ ./index.php?mdrw=on
RewriteRule ^manual\.html$ ./index.php?action=manual&mdrw=on
RewriteRule ^([0-9]+)_([0-9]+)_([-0-9]+)\.html$ ./index.php?action=vthread&forum=$1&topic=$2&page=$3&mdrw=on
RewriteRule ^([0-9]+)_([-0-9]+)\.html$ ./index.php?action=vtopic&forum=$1&page=$2&mdrw=on

Author tom322
Active Member
#11 | Posted: 14 Aug 2009 14:55 
Then try this instead:

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.yourdomain\.com$ [NC]
RewriteRule ^(.*)$ http://www.yourdomain.com/$1 [R=301,L]
RewriteRule ^index\.html$ ./index.php?mdrw=on
RewriteRule ^manual\.html$ ./index.php?action=manual&mdrw=on
RewriteRule ^([0-9]+)_([0-9]+)_([-0-9]+)\.html$ ./index.php?action=vthread&forum=$1&topic=$2&page=$3&mdrw=on
RewriteRule ^([0-9]+)_([-0-9]+)\.html$ ./index.php?action=vtopic&forum=$1&page=$2&mdrw=on

Author siberiatravel
Partaker
#12 | Posted: 13 Nov 2010 02:12 
if my forum
http://www.youdomain.net/forum/
That I should make:

RewriteCond %{HTTP_HOST} !^www\.yourdomain\.com$ [NC]
RewriteRule ^(.*)$ http://www.yourdomain.com/$1 [R=301,L]

Author Paul
Lead Developer 
#13 | Posted: 15 Nov 2010 04:33 
siberiatravel
Sorry, we didn't understand the nature of your question.

Author thew78
Guest
#14 | Posted: 7 Dec 2010 01:47 
Im having the same problem, how can i solve this?

Author Paul
Lead Developer 
#15 | Posted: 7 Dec 2010 03:14 
thew78: the solution is above, just scroll up or down this page.

Page  Page 1 of 2:  1  2  Next » 
The Other miniBB Support Forums / The Other /
 " Sorry, it seems like an intrusion attempt or your server doesn't support HTTP referrers! " error
 Share Topic's Link

Your Reply Click this icon to move up to the quoted message


  ?
Post as a Guest, leaving the Password field blank. You could also enter a Guest name, if it's not taken by a member yet. Sign-in and post at once, or just sign-in, bypassing the message's text.


Before posting, make sure your message is compliant with forum rules; otherwise it could be locked or removed with no explanation.

 

 
 
miniBB Support Forums Powered by Forum Software miniBB ® Home  Features  Requirements  Demo  Download  Showcase  Gallery of Arts
Compiler  Premium Extensions  Premium Support  License  Contact Us
Try the Captcha add-on: protect your miniBB-forums from the automated spam and flood.


  ⇑