douwan2664 2013-05-27 19:57

Magento无法访问扩展程序 - >重定向到管理员登录

I have set up my new server with Nginx, Php-Fpm and APC. Also I am using an external Varnish Cache and MySQL Database.

Since I switched to this setup, one of my extensions has stopped working. When I try to access it in the backend, Magento logs me out and redirects me to the Magento admin login.

Here is my Nginx conf:

1.) nginx.conf

# Main nginx.conf: process-level settings, then the shared http context.
# Worker processes run as the "nginx" user.
user              nginx;
worker_processes  1;
error_log         /var/log/nginx/error.log;
pid               /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    # Access-log format. $remote_addr is the directly connected peer (the proxy,
    # when nginx sits behind one); $http_x_forwarded_for is copied from a request
    # header and is only as trustworthy as whatever set it.
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request "'
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    # Directory listings are off globally; individual locations may override this.
    autoindex off;
    # $fastcgi_https is "on" only when this nginx received the request over https.
    # NOTE(review): the server blocks shown with this file listen on 8080 behind
    # Varnish, so TLS terminated further upstream would not be detected here - confirm.
    map $scheme $fastcgi_https { ## Detect when HTTPS is used
        default off;
        https on;
    }

    keepalive_timeout  10;


    gzip  on;
    gzip_comp_level 2;
    # Compress responses to proxied requests as well, whatever the request headers say.
    gzip_proxied any;
    gzip_types      text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    # Load config files from the /etc/nginx/conf.d directory
    include /etc/nginx/conf.d/*.conf;
    # NOTE(review): the listing stops here; the closing brace of the http block is not shown.

2.) domain.conf

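## Redirect the bare domain to the www host.
server {
    listen 8080;
    server_name domain.de;
    ## Forcibly prepend a www. $request_uri already contains the query string and
    ## `rewrite` appends the request arguments again unless the replacement ends
    ## in "?", so a plain `return 301` avoids duplicated arguments in the redirect.
    ## NOTE(review): $scheme is the scheme of the hop that reached this nginx; if
    ## TLS ends at the load balancer, this redirect points clients at http - confirm.
    return 301 $scheme://www.$host$request_uri;
}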

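## Main Magento virtual host (default server on port 8080, behind the cache).
server {
    listen 8080 default;
# SSL directives might go here
    server_name www.domain.de *.domain.de; ## Domain is here twice so server_name_in_redirect will favour the www
    root /var/www/html;

    location / {
        index index.html index.php; ## Allow a static html file to be shown first
        try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
        expires 30d; ## Assume all files are cachable
    }

    ## These locations are protected by .htaccess under Apache. nginx does not
    ## read .htaccess, so they have to be denied here; leaving the rules commented
    ## out makes the files below the document root fetchable over HTTP, including
    ## app/etc/local.xml (Magento's database credentials and encryption key).
    ## A logged "access forbidden by rule" for /app/etc/local.xml is this rule
    ## working as intended, not the cause of an admin logout.
    ## `^~` stops the regex (PHP) locations from being tried for these prefixes.
    location ^~ /app/                { deny all; }
    location ^~ /includes/           { deny all; }
    location ^~ /lib/                { deny all; }
    location ^~ /media/downloadable/ { deny all; }
    location ^~ /pkginfo/            { deny all; }
    location ^~ /report/config.xml   { deny all; }
    location ^~ /var/                { deny all; }

    ## Longer prefix than /var/, so it is selected for export paths.
    ## NOTE(review): basic-auth credentials travel with every request; this
    ## listener is plain HTTP, so they rely on the upstream hops for protection.
    location /var/export/ { ## Allow admins only to view export folder
        auth_basic           "Restricted"; ## Message shown in login window
        auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
        autoindex            on;
    }

    ## Prefix match: covers URIs that start with "/." at the document root only.
    ## NOTE(review): hidden files inside subdirectories are not matched by this rule.
    location  /. { ## Disable .htaccess and other hidden files
        return 404;
    }

    location @handler { ## Magento uses a common front handler
        rewrite / /index.php;
    }

    ## The dot is escaped so that only a literal ".php" is matched; an unescaped
    ## "." matches any character and would send other paths into the PHP handler.
    location ~ \.php/ { ## Forward paths like /js/index.php/x.js to relevant handler
        rewrite ^(.*\.php)/ $1 last;
    }

    location ~ \.php$ { ## Execute PHP scripts
        ## Only hand existing files to PHP-FPM; anything else goes to the front handler.
        if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss

        expires        off; ## Do not cache dynamic content
        fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_param  HTTPS $fastcgi_https;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        fastcgi_param  MAGE_RUN_CODE default;
        fastcgi_param  MAGE_RUN_TYPE store;
        include        fastcgi_params; ## See /etc/nginx/fastcgi_params
    }
}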

The nginx error log tells me:

2013/05/27 21:07:01 [error] 18489#0: *4 access forbidden by rule, client: 54.xxx.x.xx, server: www.domain.de, request: "POST /app/etc/local.xml HTTP/1.1", host: "www.domain.de"

It seems to me that I have restricted access somewhere. I have already commented out these rules:

## These locations would be hidden by .htaccess normally
   # location ^~ /app/                { deny all; }
   # location ^~ /includes/           { deny all; }
   # location ^~ /lib/                { deny all; }
   # location ^~ /media/downloadable/ { deny all; }
   # location ^~ /pkginfo/            { deny all; }
   # location ^~ /report/config.xml   { deny all; }
   # location ^~ /var/                { deny all; }

I am racking my brain over this. Does anybody have a tip on where to look?

Thanks in advance!

EDIT 1:

There seems to be a mix-up somewhere. If I delete `listen 8080;`, it works! The Varnish server (on :80) returns an error message on every second attempt to open the page (the setup is normally ELB - Varnish - Nginx), but basically I can access the extension. Is it possible that Varnish redirects it somehow?

This is the default.vcl

#
 # Origin server that Varnish fetches from.
 backend default {
     .host = "xx.xxx.xxx.xx";
     .port = "8080"; # The backend web server has to listen on port 8080
 }

# Addresses allowed to send PURGE; vcl_recv matches this list against client.ip.
# NOTE(review): client.ip is the directly connected peer. With a load balancer in
# front of Varnish that is presumably the balancer's address, so listing it here
# would admit every request that arrives through it - confirm.
acl trusted {
    "127.0.0.1";
    "127.0.1.1";
    "xx.xxx.xxx.xx";
    # Add other ips that are allowed to purge cache
}

#
# http://www.varnish-cache.org/docs/2.1/tutorial/vcl.html#vcl-recv
# Entry point for every client request: decides between pipe, pass and cache
# lookup, and strips the Cookie header from everything it sends to lookup.
# @param req    Request object
sub vcl_recv {
    # Append the connecting address to X-Forwarded-For. Anything already in the
    # header came from the client, so only the last entry is set by this Varnish.
    if (req.http.x-forwarded-for) {
        set req.http.X-Forwarded-For = req.http.X-Forwarded-For+","+client.ip;
    }
    else {
        set req.http.X-Forwarded-For = client.ip;
    }

    if (req.request == "PURGE") {
        # Allow requests from trusted IPs to purge the cache
        if (!client.ip ~ trusted) {
           error 405 "Not allowed.";
        }
        # The request URL is concatenated into the ban expression as a regex;
        # this is only reached for addresses in the "trusted" ACL.
        ban("req.url ~ " + req.url);
        error 200 "Ok"; #We don't go to backend
        #return(lookup); # @see vcl_hit
    }

    if (req.request != "GET" &&
       req.request != "HEAD" &&
       req.request != "PUT" &&
       req.request != "POST" &&
       req.request != "TRACE" &&
       req.request != "OPTIONS" &&
       req.request != "DELETE") {
         /* Non-RFC2616 or CONNECT which is weird. */
         return (pipe);
    }

     # Cache only GET or HEAD requests
     if (req.request != "GET" && req.request != "HEAD") {
         /* We only deal with GET and HEAD by default */
         return (pass);
     }

    # Normalize Accept-Encoding to a single value
if (req.http.Accept-Encoding) {
        if (req.http.Accept-Encoding ~ "gzip") {
            set req.http.Accept-Encoding = "gzip";
        } elsif (req.http.Accept-Encoding ~ "deflate") {
            set req.http.Accept-Encoding = "deflate";
        } else {
            # unknown algorithm
            remove req.http.Accept-Encoding;
        }
    }

     # Rules for static files. This runs before the admin/checkout rules below,
     # so any URL ending in one of these extensions (with or without a query
     # string) has its Cookie removed and is looked up in the cache.
     if (req.url ~ "\.(jpeg|jpg|png|gif|ico|swf|js|css|gz|rar|txt|bzip|pdf)(\?.*|)$") {
        set req.http.staticmarker = "1";
        unset req.http.Cookie;

        return (lookup);
    }

    # Don't cache pages for Magento Admin
    # change this rule if you use custom url in admin
    if (req.url ~ "^/(index.php/)?admin") {
        return(pass);
    }

    # Don't cache checkout/customer pages, product compare
    if (req.url ~ "^/(index.php/)?(checkout|customer|catalog/product_compare|wishlist)") {
        return(pass);
    }

    # Don't cache till session end
    if (req.http.cookie ~ "nocache_stable") {
        return(pass);
    }

    # Unique identifier which tells Varnish whether to use the cache
    if (req.http.cookie ~ "nocache") {
        return(pass);
    }

    # Every remaining GET/HEAD request loses its Cookie header, session cookie
    # included, and is served from the cache.
    # NOTE(review): a backend page whose URL does not match the admin pattern
    # above would reach Magento without a session here - possibly the cause of
    # the redirect to the login page; confirm against the extension's URL.
    unset req.http.Cookie;
    set req.http.magicmarker = "1"; #Instruct varnish to remove cache headers received from backend
    return(lookup);
 }

# Reached from vcl_recv for request methods outside its explicit method list.
sub vcl_pipe {
#     # Note that only the first request to the backend will have
#     # X-Forwarded-For set.  If you use X-Forwarded-For and want to
#     # have it set for all requests, make sure to have:
#     # set req.http.connection = "close";
#     # here.  It is not set by default as it might break some broken web
#     # applications, like IIS with NTLM authentication.
     return (pipe);
}

#sub vcl_pass {
#     return (pass);
#}

#sub vcl_hash {
#     set req.hash += req.url;
#     if (req.http.host) {
#         set req.hash += req.http.host;
#     } else {
#         set req.hash += server.ip;
#     }
#     return (hash);
# }

# Called after a cache lookup if the requested document was found in the cache.
sub vcl_hit {
    # vcl_recv in this file already answers every PURGE with an error response
    # before lookup, so this branch is not reached through that path.
    if (req.request == "PURGE") {
        ban_url(req.url);
        error 200 "Purged";
    }

    # An object with no remaining TTL is not delivered from the cache.
    if (!(obj.ttl > 0s)) {
        return (pass);
    }
    return (deliver);
}

# Called after a cache lookup when the requested document was not found in the cache.
sub vcl_miss {
    # Anything other than PURGE is fetched from the backend.
    if (req.request != "PURGE") {
        return (fetch);
    }
    error 200 "Not in cache";
}

# Called after the document was retrieved from the backend; sets the TTL and
# strips headers before the object is stored.
# @var req      Request object.
# @var beresp   Backend response (contains HTTP headers from backend)
sub vcl_fetch {
    # NOTE(review): grace is set on the request object here, not on beresp - confirm intent.
    set req.grace = 30s;

    # Current response should not be cached
    if(beresp.http.Set-Cookie ~ "nocache=1") {
        return (deliver);
    }

    # Flag set when we want to delete cache headers received from backend.
    # vcl_recv sets it right after removing the request Cookie, so the backend
    # answered without a session; the response is then stored for one day with
    # its Set-Cookie and caching headers removed and is shared by all visitors.
    if (req.http.magicmarker){
        # The marker was set on the request; this line targets a response header of the same name.
        unset beresp.http.magicmarker;
        unset beresp.http.Cache-Control;
        unset beresp.http.Expires;
        unset beresp.http.Pragma;
        unset beresp.http.Cache;
        unset beresp.http.Server;
        unset beresp.http.Set-Cookie;
        unset beresp.http.Age;

        # default ttl for pages
        set beresp.ttl = 1d;
    }
    if (req.http.staticmarker) {
        set beresp.ttl = 30d; # static file cache expires in 30 days
        unset beresp.http.staticmarker;
        unset beresp.http.ETag; # Removes Etag in case we have multiple frontends
    }

    return (deliver);
}

# Called before a response is delivered to the client; tags it with the cache result.
# The X-Cache header is added to every response, so clients can see hit counts.
sub vcl_deliver {
    # Start from MISS and overwrite it when the object has been served from cache before.
    set resp.http.X-Cache = "MISS";
    if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT ("+obj.hits+")";
    }
    return (deliver);
}

  • dsgdhtr_43654 2013-05-28 12:28

    Yes, indeed, the Varnish default.vcl file was the culprit! I can't say exactly what was wrong, but I replaced it with a provided one.

    # default backend definition.  Set this to point to your content server.
    backend default {
      .host = "127.0.0.1";
      .port = "8080";
    }
    
    # admin backend with longer timeout values. Set this to the same IP & port as your default server.
    # vcl_recv selects it whenever the request carries an "adminhtml=" cookie.
    backend admin {
      .host = "127.0.0.1";
      .port = "8080";
      .first_byte_timeout = 18000s;
      .between_bytes_timeout = 18000s;
    }
    
    # add your Magento server IP to allow purges from the backend
    # The list is matched against client.ip, the directly connected peer.
    # NOTE(review): if a load balancer or proxy connects to Varnish, adding its
    # address here would allow PURGE from anything that comes through it - confirm.
    acl purge {
      "localhost";
      "127.0.0.1";
    }
    
    import std;
    
    # Entry point for every client request: handles PURGE, picks the backend and
    # decides between pipe, pass and cache lookup.
    sub vcl_recv {
        # Append the connecting address to X-Forwarded-For once per request (not
        # again after a restart). Earlier entries in the header are client-supplied.
        if (req.restarts == 0) {
            if (req.http.x-forwarded-for) {
                set req.http.X-Forwarded-For =
                req.http.X-Forwarded-For + ", " + client.ip;
            } else {
                set req.http.X-Forwarded-For = client.ip;
            }
        }
    
        # PURGE is part of the list so that it is handled below and not piped.
        if (req.request != "GET" &&
            req.request != "HEAD" &&
            req.request != "PUT" &&
            req.request != "POST" &&
            req.request != "TRACE" &&
            req.request != "OPTIONS" &&
            req.request != "DELETE" &&
            req.request != "PURGE") {
            /* Non-RFC2616 or CONNECT which is weird. */
            return (pipe);
        }
    
        # purge request
        if (req.request == "PURGE") {
            if (!client.ip ~ purge) {
                error 405 "Not allowed.";
            }
            # The ban expression is assembled from three request headers by plain
            # concatenation, so whoever passes the ACL check controls the whole
            # expression; keep the "purge" ACL as narrow as possible.
            ban("obj.http.X-Purge-Host ~ " + req.http.X-Purge-Host + " && obj.http.X-Purge-URL ~ " + req.http.X-Purge-Regex + " && obj.http.Content-Type ~ " + req.http.X-Purge-Content-Type);
            error 200 "Purged.";
        }
    
        # switch to admin backend configuration
        # The cookie is client-supplied: any request carrying "adminhtml=" gets
        # the backend definition with the 18000s timeouts.
        if (req.http.cookie ~ "adminhtml=") {
            set req.backend = admin;
        }
    
        # we only deal with GET and HEAD by default
        if (req.request != "GET" && req.request != "HEAD") {
            return (pass);
        }
    
        # normalize url in case of leading HTTP scheme and domain
        set req.url = regsub(req.url, "^http[s]?://[^/]+", "");
    
        # collect all cookies
        std.collect(req.http.Cookie);
    
        # static files are always cacheable. remove SSL flag and cookie
        if (req.url ~ "^/(media|js|skin)/.*\.(png|jpg|jpeg|gif|css|js|swf|ico)$") {
            unset req.http.Https;
            unset req.http.Cookie;
        }
    
        # not cacheable by default
        # NOTE(review): the Https request header is presumably set by an SSL
        # offloader in front of Varnish - confirm where it comes from.
        if (req.http.Authorization || req.http.Https) {
            return (pass);
        }
    
        # do not cache any page from index files
        if (req.url ~ "^/(index)") {
            return (pass);
        }
    
        # as soon as we have a NO_CACHE cookie pass request
        if (req.http.cookie ~ "NO_CACHE=") {
            return (pass);
        }
    
        # remove Google gclid parameters
        set req.url = regsuball(req.url,"\?gclid=[^&]+$",""); # strips when QS = "?gclid=AAA"
        set req.url = regsuball(req.url,"\?gclid=[^&]+&","?"); # strips when QS = "?gclid=AAA&foo=bar"
        set req.url = regsuball(req.url,"&gclid=[^&]+",""); # strips when QS = "?foo=bar&gclid=AAA" or QS = "?foo=bar&gclid=AAA&bar=baz"
    
        # Requests that get here go to lookup with their Cookie header intact,
        # except the static files handled above.
        return (lookup);
    }
    
    # sub vcl_pipe {
    #     # Note that only the first request to the backend will have
    #     # X-Forwarded-For set.  If you use X-Forwarded-For and want to
    #     # have it set for all requests, make sure to have:
    #     # set bereq.http.connection = "close";
    #     # here.  It is not set by default as it might break some broken web
    #     # applications, like IIS with NTLM authentication.
    #     return (pipe);
    # }
    #
    # sub vcl_pass {
    #     return (pass);
    # }
    #
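    # Builds the cache key: URL, host (or server IP), the PAGECACHE_ENV cookie
    # value when present, and whatever design_exception adds for non-static URLs.
    sub vcl_hash {
        hash_data(req.url);
        if (req.http.host) {
            hash_data(req.http.host);
        } else {
            hash_data(server.ip);
        }
    
        if (req.http.cookie ~ "PAGECACHE_ENV=") {
            # Extract only the PAGECACHE_ENV value. The pattern has to use the same
            # cookie name as the guard above: regexes are case-sensitive, and when
            # regsub finds no match it returns the whole Cookie header, which would
            # put every cookie (session id included) into the cache key.
            # Cookie pairs are separated by ";", so the value ends at the next ";".
            set req.http.pageCacheEnv = regsub(
                req.http.cookie,
                "(.*)PAGECACHE_ENV=([^;]*)(.*)",
                "\2"
            );
            hash_data(req.http.pageCacheEnv);
            # Temporary header; it must not be sent on to the backend.
            remove req.http.pageCacheEnv;
        }
    
        # Static files share one cache entry regardless of design exceptions.
        if (!(req.url ~ "^/(media|js|skin)/.*\.(png|jpg|jpeg|gif|css|js|swf|ico)$")) {
            call design_exception;
        }
        return (hash);
    }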
    #
    # sub vcl_hit {
    #     return (deliver);
    # }
    #
    # sub vcl_miss {
    #     return (fetch);
    # }
    
    # Called after a backend response arrived; decides whether and how long to cache it.
    sub vcl_fetch {
        # A 500 from the backend triggers a restart of the request.
        if (beresp.status == 500) {
           set beresp.saintmode = 10s;
           return (restart);
        }
        set beresp.grace = 5m;
    
        # enable ESI feature if needed
        if (beresp.http.X-Cache-DoEsi == "1") {
            set beresp.do_esi = true;
        }
    
        # add ban-lurker tags to object
        # These are the headers the PURGE ban expression in vcl_recv matches on.
        set beresp.http.X-Purge-URL = req.url;
        set beresp.http.X-Purge-Host = req.http.host;
    
        if (beresp.status == 200 || beresp.status == 301 || beresp.status == 404) {
            if (beresp.http.Content-Type ~ "text/html" || beresp.http.Content-Type ~ "text/xml") {
                # The backend opts a page out of caching with a NO_CACHE cookie or a TTL below 1s.
                # vcl_recv removes the request Cookie only for static files, so
                # keeping personalised HTML out of the shared cache depends on
                # the backend sending one of these two signals.
                if ((beresp.http.Set-Cookie ~ "NO_CACHE=") || (beresp.ttl < 1s)) {
                    set beresp.ttl = 0s;
                    return (hit_for_pass);
                }
    
                # marker for vcl_deliver to reset Age:
                set beresp.http.magicmarker = "1";
    
                # Don't cache cookies
                unset beresp.http.set-cookie;
            } else {
                # set default TTL value for static content
                # Applies to every content type other than text/html and text/xml;
                # Set-Cookie is not removed in this branch.
                # NOTE(review): a non-HTML response that sets a cookie would be
                # stored with it for 4h - confirm the backend never does that.
                set beresp.ttl = 4h;
            }
            return (deliver);
        }
    
        # Any other status code is not cached.
        return (hit_for_pass);
    }
    
    # Called before a response is sent to the client; removes internal headers
    # unless the response carries an X-Cache-Debug header.
    sub vcl_deliver {
        # debug info
        # X-Cache-Debug is read from the response, i.e. it is set by the backend.
        if (resp.http.X-Cache-Debug) {
            if (obj.hits > 0) {
                set resp.http.X-Cache = "HIT";
                set resp.http.X-Cache-Hits = obj.hits;
            } else {
               set resp.http.X-Cache = "MISS";
            }
            set resp.http.X-Cache-Expires = resp.http.Expires;
        } else {
            # remove Varnish/proxy header
            # Also removes the X-Purge-* tags added in vcl_fetch for ban matching.
            remove resp.http.X-Varnish;
            remove resp.http.Via;
            remove resp.http.Age;
            remove resp.http.X-Purge-URL;
            remove resp.http.X-Purge-Host;
        }
    
        # Pages marked in vcl_fetch are cached by Varnish, but browsers and
        # downstream caches are told not to store them.
        if (resp.http.magicmarker) {
            # Remove the magic marker
            unset resp.http.magicmarker;
    
            set resp.http.Cache-Control = "no-store, no-cache, must-revalidate, post-check=0, pre-check=0";
            set resp.http.Pragma = "no-cache";
            set resp.http.Expires = "Mon, 31 Mar 2008 10:00:00 GMT";
            set resp.http.Age = "0";
        }
    }
    
    # sub vcl_error {
    #     set obj.http.Content-Type = "text/html; charset=utf-8";
    #     set obj.http.Retry-After = "5";
    #     synthetic {"
    # <?xml version="1.0" encoding="utf-8"?>
    # <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    #  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    # <html>
    #   <head>
    #     <title>"} + obj.status + " " + obj.response + {"</title>
    #   </head>
    #   <body>
    #     <h1>Error "} + obj.status + " " + obj.response + {"</h1>
    #     <p>"} + obj.response + {"</p>
    #     <h3>Guru Meditation:</h3>
    #     <p>XID: "} + req.xid + {"</p>
    #     <hr>
    #     <p>Varnish cache server</p>
    #   </body>
    # </html>
    # "};
    #     return (deliver);
    # }
    #
    # sub vcl_init {
    #   return (ok);
    # }
    #
    # sub vcl_fini {
    #   return (ok);
    # }
    
    # Called from vcl_hash for non-static URLs. Empty in this listing, so it adds
    # nothing to the cache key.
    sub design_exception {
    }
    