Products

Solutions

Resources

Partners

Community

Blog

About

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Secured pages stopped working for random usersSecured pages stopped working for random users
Previous
 
Next
New Post
12/12/2014 12:24 PM
 

I've tried to Google this and the nature of the problem makes things really hard to pin down.  I have an existing site that has been secured via SSL for some time now.  The cert is active and in good standing.  About a month ago I started having issues with random users.  I am unable to determine anything in common with the users who were experiencing this issue, but random users would get a 404 when directed to the login page.  We have a custom login page using the stock login module.  

If the login page is set to secured, random users get 404, if turned off they can get in just fine.  Its on multiple browsers and from multiple ISPs.  Additionally any other page secured generates the same 404, so it isn't just the login module.  I have Smith cart installed on multiple pages and they are secured.  Those too are 404 for these users. Again its not all users and not all ISP's.  If I attempt to login with any of the same users from my computer/house I'm able to log in.  

This site is on DNN 7.2.2.  I have looked at the login pages via Chrome console, and firebug and see nothing in the console.  SSL detects no issues, not even non https content on the page (i've fixed any skin references to http js content and anything else non ssl).  I'm extremely frustrated with this as I have been working on it for weeks looking everywhere and have come up with nothing.  Any help would be greatly appreciated

 
New Post
12/15/2014 5:37 PM
 
perhaps it's the poodle issue (http://www.troyhunt.com/2014/10/every...) i.e., your host has disabled one of the vulnerable ssl versions and you have some users with old clients (eg. Internet explorer 6) that no longer work,

Buy the new Professional DNN7: Open Source .NET CMS Platform book Amazon US
 
New Post
12/15/2014 6:37 PM
 
Cathal - thanks for the reply. I forgot I posted here about this. After days of troubleshooting, I figured out what the problem was. It was only Chrome browser (updated version) and SSL enabled pages. The issue was called Winshock. Apparently MS released a botched update (kb2992611) and depending on your server and update procedures, getting it fixed is like finding a pot of gold at the end of a rainbow.

We found that if you visited the pages with tls 1.2 disabled, it would load fine. If visiting it without disabling 1.2 it would generate 404. Here is a link to the MS article discussing this. All I can say to everyone else if they are experiencing this is good luck. I still have no clue what I did to fix it. The new update kb3018238 never appeared in the list of installed updates. Then after one final last ditch reboot it did. Tested it again and voila it worked. Hopefully this helps someone else if they fall down this rabbit hole.

https://social.technet.microsoft.com/...
 
New Post
12/17/2014 6:18 AM
 
thanks for the update, glad it's fixed

Buy the new Professional DNN7: Open Source .NET CMS Platform book Amazon US
 
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Secured pages stopped working for random usersSecured pages stopped working for random users


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out