Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

Back-End Access - Urgent

We are having sweeping issues accessing our /scp from anywhere other than our main location.

We are having three issues:
1. When staff login, they are immediately redirected to login.php without any error.
2. When staff login, they are redirected to a blank-white login.php with "Valid CSRF Token Required".
3. We can only access /scp from an internal IP (even though it is located on our external site). Connecting from a satellite location on a VPN fails. Connecting over a 4G MiFi fails. I can inexplicably connect over 3G from my phone without error, though.

This error has nearly crippled one of our Departments. I have spent many hours looking through error logs, our MySQL database, our settings, and these forums. It is imperative that we fix this issue ASAP.

OS: CentOS 5.9 (Final)
MySQL: 5.5.31 Community Server
PHP: 5.3.26


  • Try turning off 'bind login to ip'.. By default it locks the staff login to an ip for 24hrs I think.
  • Grizly;43557 said:
    Try turning off 'bind login to ip'.. By default it locks the staff login to an ip for 24hrs I think.
    We have already done so.

    My boss has green-lighted upgrading to the 1.7.1-RC1 for now. The Authentication Loop is a listed bug fix.
  • Ooh, I might get onto that myself then.. I've experienced it myself a few times!
  • Forewarning, I just got done migrating us around 2:45 and we have already experienced the "Authentication Required" loop at one of our satellite locations.

    Fixed one of our automated email issues, though. The additions to the back-end UI are very nice too.

    Broke our Thank You page for some reason. The page displays #XXXXXX instead of the appropriate ticket number. The ticket number is passed through the email and into the system though. So not sure what that is about.

    We are going to be doing some tests with our VPN in the coming days to see if there is some flawed setting causing some of these issues.
  • We found out that some of the staff at satellite facilities were exclusively using the email links to access the backend rather than /scp

    We removed the links from the emails generated and instructed them to use the other way.

    As of yet, we have had no issues. The changes has just been made today; if the success continues, I will try to remember to post that it is working.
Sign In or Register to comment.