I am trying to implement a Password Reset function. The site is hosted on WP Engine (in case that turns out to be relevant). I developed the site on a staging server and everything works fine. You can see the successful behavior by going to:
hidden link
...and using username "captavolunteer" (no quotes) to request a password reset. The function successfully executes and lands the user back on hidden link
The bug occurred after I ported everything to the live server. (I've checked all the relevant paths to make sure everything is identical, although it's possible I missed something.) Here's what happens; go to:
hidden link
...and use the same username (captavolunteer) to request a password reset. The operation hangs up on this page:
hidden link
(...which we never see when it executes successfully on staging.)
In Chrome, the error message is:
"This site can’t be reachedThe webpage at hidden link might be temporarily down or it may have moved permanently to a new web address.
ERR_HTTP2_PROTOCOL_ERROR"
In Firefox the error message is:
"Secure Connection Failed
An error occurred during a connection to capta.org.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem."
So if I'm reading it correctly, it seems to be some issue with the data getting transmitted via Toolset behind the scenes triggering a security flag, but I'm not sure. Any ideas? Thanks in advance!
Thank you for the reply. Two notes: 1) Unlike the issue reported in https://stackoverflow.com/questions/58215104/whats-the-neterr-http2-protocol-error-about, we get this error in other web browsers besides Chrome (note that in my original post I provided the error messages from both Chrome and Firefox. I just checked in Opera and get the same (ERR_HTTP2_PROTOCOL_ERROR).
2) Reading through https://stackoverflow.com/questions/58215104/whats-the-neterr-http2-protocol-error-about, I wasn't able to find what server settings they're recommending changing to alleviate the error. Also, I'm not aware of what Toolset does behind the scenes when that Password Reset is triggered, so I'm not sure what's happening or where it's breaking down.
With the above in mind, can you be more specific on what on the server might need to be changed to allow the function to work as intended?
I've checked with server expert people but the indication is most probably the issue is from your WP Engine hosting. The SSL certificates are also OK.
Maybe you should also delete cache as well.
=> hidden link
Can you please do a favor and check with WP Hosting authority and if they give green signal that everything is OK from their end, you should try to check the issue on a different servers - do you see the same issue?
If none of the options helps and once you get green signal from WP Engine, I will require access details. Can you please check the above options fist and inform me with your findings.
The Views developer looked into this and identified the cause as a custom security measure which WP Engine applies on log-in pages (seemingly only on the production servers), and he's proposed a change in our code to allow for this.
Could you please download the following patch: hidden link
Unzip it and replace the file of the same name at /wp-content/plugins/wp-views/embedded/inc/
Please test that and let Minesh know if it works. If so we can include the change in the production version of Views. We are about to release an update to Views and it is probably too late to include this change, so you would need to re-apply a patch (possibly an updated one) after the next release.
In any case, please let us know if this patch works.
Thank you for working around the SFTP issue with the File Manager plugin and installing the hotfix. It looks like that resolved the issue, so I'm marking this ticket as resolved!
It sounds like you installed the same file that Nigel had provided earlier. I did install it and it didn't seem to fix things at the time, so I'm not sure why that is, but I'm glad we got it working.
My understanding is that I'll need to re-install the hotfix when I update views until it gets integrated into a future update. I'll get back in touch if I have any issues then.
I closed this ticket prematurely. The hotfix solved the issue when it occurs at hidden link, but it occurs again at hidden link
Another one of our users reported this bug. Here's what they wrote:
"I set up a test user for myself (colleengc). I clicked on the “Help I forgot my password” and I received a lovely email to reset. I clicked on that link to reset the password. When I enter my new password twice and click next I get a site can’t be reached:"
"This site can’t be reached
The webpage at hidden link might be temporarily down or it may have moved permanently to a new web address.
ERR_HTTP2_PROTOCOL_ERROR"
So it looks like the same issue, but this time generated after submitting the new password at hidden link
Can you have the team look at it and write a hotfix for that juncture as well. I've already removed your admin acess, so if you want you can post the hotfix here and I'll try to install it. If I still have issues after that I'll reestablish your access.
Thanks!
David Lake
New threads created by Minesh and linked to this one are listed below:
