Locked out of Moodle, can't log in (SSL issue?)

Locked out of Moodle, can't log in (SSL issue?)

ved Rebecca O'Connell -
Antal besvarelser: 6

I've been trying to log in to Moodle, and I keep getting booted back to the login page over and over again. We did have loginhttps ("Use HTTPS for login") set to true, and I'm pretty sure our certificate was bad, so I assumed that changing loginhttps to 0 in the database would allow me to log in. It didn't. I have exactly the same problem I did before even though it appears to be using http now instead of https.

When I check the error log the only messages I see are about too many login attempts. I tried loggin in again on a different computer, but it still just sends be back to the login page.

Does any one know why this might be or what I might try next?

Thank you,

Rebecca

Gennemsnitsbedømmelse: -
I svar til Rebecca O'Connell

Re: Locked out of Moodle, can't log in (SSL issue?)

ved Ken Task -
Billede af Particularly helpful Moodlers

You've not mentioned version of Moodle (nor OS, remotely hosted, etc.), but the following will work for 1.9 and 2.x.

Does your config.php file have http or https?

Are you using DB for sessions or files?

If  files, there is a sessions folder in your moodledata folder.  It is safe to remove all files contained there in.  Attempt to login again.

If using DB, switch to 'files'.  Could be the DB is overtaxed or some other DB issue.  Switching to files should create a 'sessions' folder in the moodledata folder.

Can do that via config.php file:

$CFG->dbsessions=0;

One might also have to turn on debugging via config file.  See the config-dist.php file for the lines that will turn on debug.  Add them to your existing config.php file.  Once resolved, those lines can be commented out by adding // in front of them.  Commenting out leaves them there but doesn't execute them.  Thus, if you have need of debug in the future and cannot login to turn debug on, one simply removes the comment (//).

'spirit of sharing', Ken

Gennemsnitsbedømmelse:Useful (1)
I svar til Ken Task

Re: Locked out of Moodle, can't log in (SSL issue?)

ved Rebecca O'Connell -

Ken,

Thank you for your suggestions. We are using 2.3.6 currently. I did have a sessions folder in Moodledata, which I deleted. I also made the change to config that you suggested. This had no visible effect. 

When I set the debugging variables you suggested, I got the following error messages:

$CFG->eaccelerator is set to true but the required functions are not available. You need to have either eaccelerator or turckmmcache extensions installed, compiled with the shmem keys option enabled.
    • line 60 of /lib/eaccelerator.class.php: call to debugging()
    • line 1361 of /lib/setuplib.php: call to eaccelerator->eaccelerator()
    • line 609 of /lib/setup.php: call to init_eaccelerator()
    • line 532 of /config.php: call to require_once()
    • line 27 of /login/index.php: call to require()
Error initialising eaccelerator cache
    • line 610 of /lib/setup.php: call to debugging()
    • line 532 of /config.php: call to require_once()
    • line 27 of /login/index.php: call to require()

 Do you think this is related?

My config file has http for wwwroot and https for httpswwwroot. 

Thank you,

Rebecca

Gennemsnitsbedømmelse: -
I svar til Rebecca O'Connell

Re: Locked out of Moodle, can't log in (SSL issue?)

ved Ken Task -
Billede af Particularly helpful Moodlers

Sessions folder ... uhhh, did you delete the folder or did you delete the contents of the folder? (said to remove the contents of the folder ... all the files contained therein ... not the folder).  It should be re-created, but it's always safe to play it safe.  Does the sessions folder exist?

Are you sure you are running 2.3.x?  Those config items related to are found in mdl_config table of a 1.9.x.

First item:

$CFG->eaccelerator is set to true but the required functions are not available. You need to have either eaccelerator or turckmmcache extensions installed, compiled with the shmem keys option enabled.

The first line says there is an issue with eaccelerator which leads to the others ... config.php (which must be read every access) and login.php.  Think that is the issue.  Notice I said think ... don't run eaccelerator but apc in php.

Here's an old thread (talking about older versions of Moodle, but one will see almost exactly the same error message):

https://moodle.org/mod/forum/discuss.php?d=71293

Not sure one needs eaccelerator any more - *if running 2.3->*.  Beginning version 2.3 Moodle has caching of it's own (MUC).  Besides that, have read where eaccelerator is a problem with Moodle.

Is this server remotely hosted and you have no options/choices for using/not using eaccelerator?

Can you access, directly, the phpinfo page?

http://yoursite//admin/phpinfo.php

That might prompt you to login as an admin user but hopefully will redirect to show information about your php config.

The only other way is to have ssh terminal session into the server and as root user issue:

php -i

php -m

'spirit of sharing', Ken

Gennemsnitsbedømmelse: -
I svar til Ken Task

D'oh! (Problem solved)

ved Rebecca O'Connell -

Because it not not colored or boldfaced in our theme (which I will be fixing immediately), I didn't notice that I actually was getting an "Invalid login, please try again" error. I looked that phrase up and found this post.

The moodle installation I've been trying to fix is a copy of the production server that we've been using to test upgrades and new features. It uses an exact (and recently updated) copy of the production server's database, but a different config file. When we added password salt to the production configuration, we didn't copy over the salt to the development server's config file.

We're definitely running 2.3. I tried adding the config $CFG->dbsessions=0; variable after deleting the contents of sessions didn't work. Weirdly, I can't find a $CFG->eaccelerator rule in the config.php file, and I'm pretty sure we're actually running APC as well. php-m shows apc but not anything like eaccelerator. If you have any ideas about why we're getting this error I would still be fascinated to hear them.

Thank you for your help.

Rebecca

 

Gennemsnitsbedømmelse: -
I svar til Rebecca O'Connell

Re: D'oh! (Problem solved)

ved Ken Task -
Billede af Particularly helpful Moodlers

Hmmm ... might have saved some time IF one had disclosed at the very beginning that this was a clone of your existing production site. :|

Yes, https may not work as the certs are different.

So are you saying you can now login?  The problem is resolved?

'we didn't copy over the salt to the development server's config file'

If the dev server was installed first, it created a different salt.  If you then later came back and imported the DB from the production site to the clone/dev site, then all the users ... including admin ... have passwords that have been salted by the old value ... not the new.  No one can login really.

See: http://docs.moodle.org/24/en/Password_salting

for how to add the salt line from the config.php file of the production server to the clone/dev box.

If you copied over the config.php file to the dev/clone all one had to do is edit and change locations/etc.  Salt line stays and should match what was in the DB as imported.

Are there any other details that we are leaving out? ;)

Still kinda a strange error!

'spirit of sharing', Ken

Gennemsnitsbedømmelse: -
I svar til Ken Task

Re: D'oh! (Problem solved)

ved Rebecca O'Connell -

Ken,

Yes, I can log in now. All I had to do was copy the password salt from the production config file to the dev config file. So the weird eaccelerator thing is probably a totally unrelated thing that happened to come to light while I was searching for a solution to this. 

This is a clone has officially been added to my personal list of relevant information now.

Rebecca

Gennemsnitsbedømmelse: -