AJAX 403 errors after 3.6 to 3.11.6 upgrade

AJAX 403 errors after 3.6 to 3.11.6 upgrade

by Thomas Wiley -
Number of replies: 6

Hello,

I recently upgraded my Moodle instance to 3.11.6 from 3.6. All went well and showed success. I now have an undefined popup on screen and 403 (forbidden) error showing in the Chrome Dev Tools whenever I try to enroll users or add/delete resources. Definitely seems like some configuration issue but I'm using the same PHP and Apache versions/configs.

For example, when I try to enroll a user in a course, I get the undefined popup (twice) and the following (decoded) URL showing a 403 error in the dev tools:

https://myurl.com/moodle/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies&cachekey=1651456176&args=[{"index":0,"methodname":"core_output_load_template_with_dependencies","args":{"component":"core","template":"form_autocomplete_selection","themename":"boost","lang":"en"}}

The apache "user" is the owner/group for all files/folders and 755 is the mode for all files/folders.

It doesn't seem to be an access issue, at least on the service-nologin.php file. If I open that URL in the browser, I don't get a 403 error, just a json response about coding error detected; expected since no args were sent. 

Nothing showing in the server or PHP error logs except when I paste the full (encoded) URL and get the 403 error page n the browser and it shows 403 in the logs.

Server OS: RHEL 6.10
PHP version: 7.3.25
Apache version: 2.2.15

Any guidance would be greatly appreciated!

Thanks,
Tom

Average of ratings: -
In reply to Thomas Wiley

Re: AJAX 403 errors after 3.6 to 3.11.6 upgrade

by Ken Task -
Picture of Particularly helpful Moodlers

Before anything Moodle related ... is this accurate?

Server OS: RHEL 6.10

https://access.redhat.com/discussions/4768501

and here's a chart for PHP (min/max) and MySQL (min/max) requirements you might want to consult:

http://www.syndrega.ch/blog/#php-and-dbms-compatibility-of-major-moodle-releases

'SoS', Ken


Average of ratings: -
In reply to Ken Task

Re: AJAX 403 errors after 3.6 to 3.11.6 upgrade

by Thomas Wiley -
Hello Ken,

Yes, it's RedHat 6.10 and I understand it has reached EOL. We are migrating our data center to AWS and I was assigned to keep this LMS running for the next couple of months. We had SCORM issues which I know are fixed in newer versions, so I upgraded Moodle.

I did review the Moodle requirements chart you referenced - thanks. I do meet the minimums. MySQL is 5.7.36, which I hadn't listed initially.
Average of ratings: -
In reply to Thomas Wiley

Re: AJAX 403 errors after 3.6 to 3.11.6 upgrade

by Ken Task -
Picture of Particularly helpful Moodlers

What were the SCORM issues?

If I have found your moodle server ... curl test show:

x-powered-by: PHP/7.2.34
nginx/1.20.1 ? thought you said apache?

Got something like mod_security installed?   Tripping a rule on false positive?   Something similar reported some time ago ...

https://moodle.org/mod/forum/discuss.php?d=396181

Got an .htaccess file

You performed a hyperjump upgrade as what user on your system?   root?
Check reset file and directory permissions if you did upgrade as root, did any change slip in on ya?

Cron job running ok?

You could purge caches on server ... manually ... in moodledata/

one could manually remove the contents of /cache/ /localcache/ /muc/ and /sessions/

those should all be rebuilt either via task in overall cron job or as site is used.

Comment: I, for one, have never been 'fond' of hyperjumps ... there are many, many, many changes from 3.6.x (which might have been a .0) to 3.11.6 which is already behind ... 3.11.7+ (Build: 20220512) is latest.

And, of course, turn on debugging all the way to developer to see if we cannot get some more info.

Also ... if I found correct site, languages ... has your moodle prompted for any updates to language packs?

'SoS', Ken


Average of ratings: -
In reply to Ken Task

Re: AJAX 403 errors after 3.6 to 3.11.6 upgrade

by Thomas Wiley -
Thanks Ken. I had changed my base URL to what I thought was a generic one. We have an IP whitelist in the apache config. We work on military training, unclassified, but they want it locked down. I'm in the process of copying everything over to another volume in my server to do more troubleshooting to not further break things.

I had set up another instance of Moodle on the same server using the same version of Moodle and it works properly, which I think tells me apache and php are configured correctly.
Average of ratings: -
In reply to Thomas Wiley

Re: AJAX 403 errors after 3.6 to 3.11.6 upgrade

by Visvanath Ratnaweera -
Picture of Particularly helpful Moodlers Picture of Translators
Have you tried the simple things first: https://docs.moodle.org/311/en/Developer_tools#Purge_all_caches on both Moodle sites? And also clearing the browser cache? Use different browsers for the two sites.

How did you handle additional plugins during the upgrade? What are the plugins in use?

What is the theme? If not Boost, try changing to Boost for comparison. A new round of purge/delete caches may be necessary after the change.

Average of ratings: -
In reply to Visvanath Ratnaweera

Re: AJAX 403 errors after 3.6 to 3.11.6 upgrade

by Thomas Wiley -
Thank you both. I have finally solved the issue. It seems the culprit was the .htaccess file had some very elaborate rewrite rules that were affecting the ajax calls.
Average of ratings: -