36
I would like to add to this forum post something similar I have been trying to solve for quite some time. All my sites are running 2.2.4 (I'll install test 2.0.14). From one secure network none of the users can login. Exactly the same thing. Logged in, and then brought to home page. I even tried to set http_referer off in xoops/xoopssecurity.php
if ($ref == '') {
return false; // HTTP_REFERER absent
}
$pref = parse_url($ref);
if ( $pref['host'] != $_SERVER['HTTP_HOST'] ) {
return false; // HTTP_REFERER wrong
}
I have set first part return false to true. In 2.2.4 there is some additional code, I'll try to disable referrer checking completely... as much as I don't want to do that.
Still, there is something else going as I have never had, nor anybody else had any problems to register on xoops.org or other allowed to access (gmail, yahoomail etc. are not allowed) websites and I have used quite a few others.
I'm just curious is it something related to 2.2.4 only and what am I risking off by disabling this referring completely...
Thx.