April 28, 2015

vTiger non-standard port forward ssl/https 'illegal request'

In vTiger, if you change the port Apache uses for SSL from 443 to a non-standard port such as 999, requests fail with 'Illegal request' because the referer validation treats the referrer as incorrect.

To modify the validation vTiger uses, edit line 209 of includes/http/Request.php to add a check for SERVER_PORT.

Before:
protected function validateReferer() {
    $user = vglobal('current_user');
    // Referer check if present
    if (isset($_SERVER['HTTP_REFERER']) && $user) { // Check for user post authentication.
        global $site_URL;
        // Reject when the referer does not start with $site_URL (the Install module is exempt)
        if ((stripos($_SERVER['HTTP_REFERER'], $site_URL) !== 0) && ($this->get('module') != 'Install')) {
            throw new Exception('Illegal request');
        }
    }
    return true;
}

After:
protected function validateReferer() {
    $user = vglobal('current_user');
    // Referer check if present - add port check
    if (isset($_SERVER['HTTP_REFERER']) && isset($_SERVER['SERVER_PORT']) && $user) { // Check for user post authentication.
        global $site_URL;
        // A referer mismatch is only rejected when SERVER_PORT does not begin with '999',
        // so requests served on port 999 pass regardless of the referer.
        if ((stripos($_SERVER['HTTP_REFERER'], $site_URL) !== 0) && (stripos($_SERVER['SERVER_PORT'], '999') !== 0) && ($this->get('module') != 'Install')) {
            throw new Exception('Illegal request');
        }
    }
    return true;
}
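
An added example, not part of the original post or of vTiger's code: rather than letting every request on port 999 through, it compares the referer's scheme, host and port with those of $site_URL, so the referer check stays enforced on the non-standard port. It assumes $site_URL is configured with :999 included and PHP 7.1 or later; the function names, host name and sample referers are constructed.

```php
<?php
// Added example, not vTiger code. Function names and sample URLs are constructed.

// Return "scheme://host:port" for a URL, filling in the default port, or null.
function originOf(string $url): ?string {
    $p = parse_url($url);
    if ($p === false || empty($p['scheme']) || empty($p['host'])) {
        return null;
    }
    $scheme = strtolower($p['scheme']);
    $defaults = ['http' => 80, 'https' => 443];
    $port = $p['port'] ?? ($defaults[$scheme] ?? null);
    if ($port === null) {
        return null; // unknown scheme without an explicit port
    }
    return $scheme . '://' . strtolower($p['host']) . ':' . $port;
}

// True only when the referer has the same scheme, host and port as the site URL.
function refererMatchesSite(string $referer, string $siteUrl): bool {
    $site = originOf($siteUrl);
    return $site !== null && originOf($referer) === $site;
}

// Assumption: $site_URL is configured with the non-standard port included.
$siteUrl = 'https://crm.example.com:999/';

// Constructed referers and the decision expected for each.
$cases = [
    'https://crm.example.com:999/index.php?module=Contacts' => true,
    'https://crm.example.com/index.php'                     => false, // port 443
    'https://crm.example.com:9990/index.php'                => false, // 9990 is not 999
    'http://crm.example.com:999/index.php'                  => false, // scheme differs
    'https://crm.example.com.other.example:999/index.php'   => false, // host differs
    'not a url'                                             => false, // unparsable
];

foreach ($cases as $referer => $expected) {
    $ok = refererMatchesSite($referer, $siteUrl);
    if ($ok !== $expected) {
        throw new RuntimeException("unexpected result for $referer");
    }
    printf("%-5s %s\n", $ok ? 'allow' : 'deny', $referer);
}
```

In validateReferer(), a comparison like this would take the place of the stripos() prefix test against $site_URL, with the Install module exemption left as it is.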


