Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Web Setup Wizard 401 Unauthorised due to PHP's session.referer_check value being set

‎01-31-2017 03:44 PM
‎01-31-2017 03:44 PM

Web Setup Wizard 401 Unauthorised due to PHP's session.referer_check value being set

Hi community,

 

I noticed when locking down my server that php.ini's session.referer_check cannot be set to anything other than nothing (which is the same as commenting the line out) otherwise the Magento Admin > System > Web Setup Wizard returns 401 Unauthorised.

 

Could someone/a few someones please confirm this behavior? I believe the referer isn't set at one step of the way and thus it fails.

 

Note: This is a different issue to all of the doc root "pub" threads of similar symptoms. I've scoured the web to diagnose this one but nobody seems to have answered it anywhere so after my testing I have determined session.referer_check being set to be the root cause.

Labels:
0 Kudos
Reply
5 REPLIES 5
‎02-08-2017 06:13 PM
‎02-08-2017 06:13 PM

Re: Web Setup Wizard 401 Unauthorised due to PHP's session.referer_check value being set

Hi @magentomatt,,

 


As I asked in your other topic, were you able to find a solution?

 

 

Best regards,

Gabriel

Welcome to the Magento Forums. Remember to introduce yourself and read the Magento Forums Guidelines.
0 Kudos
Reply
‎02-10-2017 09:04 PM
‎02-10-2017 09:04 PM

Re: Web Setup Wizard 401 Unauthorised due to PHP's session.referer_check value being set

Hi Gabriel,

 

My post was the solution to the problem, i just wanted someone here to confirm whether PHP's session.referer_check value causes the "unlogin" when attempting to access the Web Setup Wizard from the Magento Admin. Nobody as yet appears to be interested in helping, but that's okay!

0 Kudos
Reply
‎02-05-2018 02:22 PM
‎02-05-2018 02:22 PM

Re: Web Setup Wizard 401 Unauthorised due to PHP's session.referer_check value being set

Solution for me was:
Base URLs (Secure)
-> Use Secure URLs on Storefront -> Yes
-> Use Secure URLs in Admin -> Yes
-> Enable HTTP Strict Transport Security (HSTS) -> Yes
-> Upgrade Insecure Requests -> Yes
php bin/magento cache:clean
https://yadi.sk/i/iPJi4k7X3S86Za
I SOLVE THIS.

Reply
‎03-13-2018 10:47 AM
‎03-13-2018 10:47 AM

Re: Web Setup Wizard 401 Unauthorised due to PHP's session.referer_check value being set

I solved problem , thank you very much.

0 Kudos
Reply
‎05-30-2018 03:16 AM
‎05-30-2018 03:16 AM

Re: Web Setup Wizard 401 Unauthorised due to PHP's session.referer_check value being set

same issue

my magento version is 2.2.3

ill try all the solution

 

but my problem is not solved

0 Kudos
Reply