matomo-for-wordpress icon indicating copy to clipboard operation
matomo-for-wordpress copied to clipboard

Published 20 hours ago verified publisher icon matomo-org

403 forbidden error when trying to access the dashboard

Open tac-design opened this issue 4 years ago • 7 comments
trafficstars

Hello

When trying to access the dashboard from my WordPress website I see a 403 forbidden error. This seems to have started a couple of days ago. The widget on my WordPress dashboard is still visible but seems to suggest that data hasn't been captured since the issue began.

Tried on multiple browsers/configs and see the same result on all.

The site at https://SITENAME/wp-content/plugins/matomo/app/index.php?idSite=1 has experienced a network protocol violation that cannot be repaired.

The rest of the site is working correctly.

Have tried disabling the security plugin Wordfence but the issue persists.

Matomo

  • Matomo Plugin Version: 4.2.0
  • Config exists and is writable.: Yes ("$ABSPATH/wp-content/uploads/matomo/config/config.ini.php" )
  • JS Tracker exists and is writable.: Yes ("$ABSPATH/wp-content/uploads/matomo/matomo.js" )
  • Plugin directories: Yes ([{"pluginsPathAbsolute":"$ABSPATH/wp-content/plugins/matomo/plugins","webrootDirRelativeToMatomo":"../"}])
  • Tmp directory writable: Yes ($ABSPATH/wp-content/cache/matomo)
  • Matomo Version: 4.2.1
  • Matomo Blog idSite: 1
  • Matomo Install Version: 1.3.1 (Install date: 2020-10-28 07:52:46)
  • Upgrades outstanding: No
  • Upgrade in progress: No

Endpoints

  • Matomo JavaScript Tracker URL: ($site_url/wp-content/uploads/matomo/matomo.js)
  • Matomo JavaScript Tracker - WP Rest API: ($site_url/wp-json/matomo/v1/hit/)
  • Matomo HTTP Tracking API: ($site_url/wp-content/plugins/matomo/app/matomo.php)
  • Matomo HTTP Tracking API - WP Rest API: ($site_url/wp-json/matomo/v1/hit/)

Crons

  • Server time: 2021-04-02 07:38:43
  • Blog time: 2021-04-02 08:38:43 (Below dates are shown in blog timezone)
  • Sync users & sites: Next run: 2021-04-03 08:03:53 (23 hours 25 min) ( Last started: 2021-04-02 08:03:54 (-34 min 49s). Last ended: 2021-04-02 08:03:54 (-34 min 49s). Interval: daily)
  • Archive: Next run: 2021-04-02 09:03:53 (25 min 10s) ( Last started: 2021-04-02 08:03:54 (-34 min 49s). Last ended: 2021-04-02 08:03:55 (-34 min 48s). Interval: hourly)
  • Update GeoIP DB: Next run: 2021-05-02 08:03:53 (29 days 23 hours) ( Last started: 2021-04-02 08:03:55 (-34 min 48s). Last ended: 2021-04-02 08:03:56 (-34 min 47s). Interval: matomo_monthly)

Mandatory checks

  • PHP version >= : ok
  • PDO extension: ok
  • PDO\MYSQL extension: ok
  • MYSQLI extension: ok
  • Other required extensions: ok
  • Required functions: ok
  • Required PHP configuration (php.ini): ok
  • Directories with write access: ok
  • Directories with write access for Tag Manager: ok

Optional checks

  • Tracker status: ok
  • Memory limit: ok
  • Time zone: ok
  • Open URL: ok
  • PageSpeed disabled: ok
  • GD > 2.x + Freetype (graphics): ok
  • Other extensions: ok
  • Other functions: ok
  • Filesystem: ok
  • Last Successful Archiving Completion: ok
  • Database abilities: ok
  • Max Packet Size: ok
  • Geolocation: ok
  • Update over HTTPS: ok
  • Writable JavaScript Tracker ("/matomo.js"): ok
  • Supports Async Archiving: Yes
  • Location provider ID: geoip2php
  • Location provider available: Yes
  • Location provider working: Yes
  • Warning Proxy header: HTTP_X_REAL_IP (A proxy header is set which means you maybe need to configure a proxy header in the Advanced settings to make location reporting work. If the location in your reports is detected correctly, you can ignore this warning. Learn more: https://matomo.org/faq/wordpress/how-do-i-fix-the-proxy-header-warning-in-the-matomo-for-wordpress-system-report/)
  • Warning Proxy header: HTTP_X_FORWARDED_FOR (A proxy header is set which means you maybe need to configure a proxy header in the Advanced settings to make location reporting work. If the location in your reports is detected correctly, you can ignore this warning. Learn more: https://matomo.org/faq/wordpress/how-do-i-fix-the-proxy-header-warning-in-the-matomo-for-wordpress-system-report/)
  • Warning Proxy header: HTTP_CF_CONNECTING_IP (A proxy header is set which means you maybe need to configure a proxy header in the Advanced settings to make location reporting work. If the location in your reports is detected correctly, you can ignore this warning. Learn more: https://matomo.org/faq/wordpress/how-do-i-fix-the-proxy-header-warning-in-the-matomo-for-wordpress-system-report/)
  • Had visit in last 5 days: Yes

Matomo Settings

  • Track mode: default
  • Track codeposition: footer
  • Track api endpoint: default
  • Track js endpoint: default
  • Version history: 4.2.0, 4.1.3, 4.1.2, 4.1.1, 4.1.0
  • Core version: 4.2.1
  • Last tracking settings update: 1604082887
  • Last settings update: 1604760998
  • Show get started page: 0
  • Track content: visible
  • Track search: Yes
  • Track 404: Yes
  • Mail history: 2021-03-29 08:53:23, 2021-03-29 08:53:22, 2021-03-22 08:53:11

Logs

  • None:

WordPress

  • Home URL: $site_url
  • Site URL: $site_url
  • WordPress Version: 5.7
  • Number of blogs: 1
  • Multisite Enabled: No
  • Network Enabled: No
  • WP_DEBUG: No
  • WP_DEBUG_DISPLAY: Yes
  • WP_DEBUG_LOG: No
  • DISABLE_WP_CRON: -
  • FORCE_SSL_ADMIN: Yes
  • WP_CACHE: Yes
  • CONCATENATE_SCRIPTS: -
  • COMPRESS_SCRIPTS: -
  • COMPRESS_CSS: -
  • ENFORCE_GZIP: -
  • WP_LOCAL_DEV: -
  • DIEONDBERROR: -
  • WPLANG: -
  • ALTERNATE_WP_CRON: -
  • WP_CRON_LOCK_TIMEOUT: 60
  • WP_DISABLE_FATAL_ERROR_HANDLER: -
  • MATOMO_SUPPORT_ASYNC_ARCHIVING: -
  • MATOMO_TRIGGER_BROWSER_ARCHIVING: -
  • MATOMO_ENABLE_TAG_MANAGER: -
  • MATOMO_SUPPRESS_DB_ERRORS: -
  • MATOMO_ENABLE_AUTO_UPGRADE: -
  • MATOMO_DEBUG: -
  • MATOMO_SAFE_MODE: -
  • MATOMO_GLOBAL_UPLOAD_DIR: -
  • MATOMO_LOGIN_REDIRECT: -
  • Permalink Structure: /journal/%postname%/
  • Possibly uses symlink: No
  • Compatible content directory: Yes

WordPress Plugins

MU Plugins

  • ManageWP - Worker Loader:

Plugins

  • Autoptimize: 2.8.1
  • Category Editor: 3.8.3
  • Code Snippets: 2.14.1
  • Custom Product Tabs for WooCommerce: 1.7.7
  • Disable Comments: 2.1.0
  • Facebook for WooCommerce: 2.3.5
  • HTTP Headers: 1.18.1
  • Imagify: 1.9.14
  • Insert Headers and Footers: 1.5.0
  • Mailchimp for WooCommerce: 2.5.1
  • MailHawk: 1.0.15
  • MalCare Security - Free Malware Scanner, Protection & Security for WordPress: 4.53 (Network enabled)
  • ManageWP - Worker: 4.9.8 (Network enabled)
  • Matomo Analytics - Ethical Stats. Powerful Insights.: 4.2.0
  • Nested Pages: 3.1.13
  • Open Graph and Twitter Card Tags: 3.1.1
  • Perfmatters: 1.6.8
  • Product Feed PRO for WooCommerce: 9.9.2
  • Redirection: 5.0.1
  • Regenerate Thumbnails: 3.1.5
  • Size Chart for WooCommerce: 1.0.2
  • The SEO Framework: 4.1.3
  • Use Any Font: 6.0.5
  • WooCommerce: 5.1.0
  • WooCommerce Brands: 1.6.18
  • WooCommerce Google Analytics Integration: 1.5.1
  • WooCommerce PayPal Checkout Gateway: 2.1.1
  • WooCommerce Product SKU Generator: 2.4.5
  • Wordfence Security: 7.5.2 (Network enabled)
  • WP Rocket: 3.8.7
  • WP Sitemap Page: 1.6.4
  • Yet Another Related Posts Plugin (YARPP): 5.15.3
  • Active Plugins: 32 (worker autodescription autoptimize categorytinymce code-snippets disable-comments facebook-for-woocommerce http-headers imagify insert-headers-and-footers mailchimp-for-woocommerce mailhawk malcare-security matomo perfmatters redirection regenerate-thumbnails size-chart-for-woocommerce use-any-font wonderm00ns-simple-facebook-open-graph-tags woo-product-feed-pro woocommerce-brands woocommerce-gateway-paypal-express-checkout woocommerce-google-analytics-integration woocommerce-product-sku-generator woocommerce wordfence wp-nested-pages wp-rocket wp-sitemap-page yet-another-related-posts-plugin yikes-inc-easy-custom-woocommerce-product-tabs)
  • Theme: block-shop (block-shop)

Server

  • Server Info: Apache/2.4.25 (Debian)
  • PHP OS: Linux
  • PHP Version: 7.4.16
  • PHP SAPI: fpm-fcgi
  • PHP Binary Name: php-fpm7.4
  • PHP Error Reporting: 0 After bootstrap: 0
  • PHP Found Binary: php -q
  • Timezone: UTC
  • WP timezone: Europe/London
  • Locale: en_GB
  • User Locale: en_GB
  • Memory Limit: 512M (At least 128MB recommended. Depending on your traffic 256MB or more may be needed.)
  • WP Memory Limit: 40M
  • WP Max Memory Limit: 512M
  • Timezone version: 0.system
  • Time: 1617349123
  • Max Execution Time: 60
  • Max Post Size: 10M
  • Max Upload Size: 10485760
  • Max Input Vars: 2500
  • Disabled PHP functions: Yes (pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,)
  • zlib.output_compression is off: Yes
  • Curl Version: 7.52.1, OpenSSL/1.0.2u
  • Suhosin installed: No

Database

  • MySQL Version: 5.6.51
  • Mysqli Connect: Yes
  • Force MySQL over Mysqli: No
  • DB Prefix: wp_
  • DB CHARSET: utf8
  • DB COLLATE:
  • SHOW ERRORS: No
  • SUPPRESS ERRORS: No
  • Uses Socket: No
  • Uses IPv6: No
  • Matomo tables found: 116
  • Matomo users found: 2
  • Matomo sites found: 1
  • Required permissions: OK

Browser

  • Browser: (Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.105 Safari/537.36)
  • Language: en-gb,en-us,en

tac-design avatar Apr 02 '21 07:04 tac-design

Hi @tac-design I've tried to reproduce this with a similar setup but couldn't reproduce it so far. Any chance you can try to access this from a different device to see if the same issue happens there too? For example on a phone or so?

Does it maybe help to try what they suggest in https://ostechnix.com/how-to-fix-network-protocol-error-on-mozilla-firefox/ ? In https://support.mozilla.org/en-US/questions/1248469 they suggest Norton might play up and it needs to be marked as a safe website. Not sure if you're using that software maybe?

If not, maybe you could create a user for us by adding [email protected] with a Matomo Super User role if that's possible? We would be only able to see the Matomo part in your WordPress and nothing else.

tsteur avatar Apr 05 '21 23:04 tsteur

Hello. Thanks for getting back to me.

I've tried this on a couple of different browsers, both Firefox and Brave, and devices, OS X and iOS, and the result is the same. I'm not using Norton.

I've created an account for you with the requested access. Please let me know if you need anything else. Thanks!

tac-design avatar Apr 06 '21 05:04 tac-design

Hi @tac-design thanks for this. I just replied by email to the invite and I hope you'll receive my email (it goes to sales)

tsteur avatar Apr 06 '21 21:04 tsteur

Hi @tsteur. I hope you have everything you need to investigate the issue. Please let me know if I can provide anything else.

tac-design avatar Apr 12 '21 16:04 tac-design

@tac-design thanks for this. I just replied and wondering if it's maybe related to cloudflare.

tsteur avatar Apr 12 '21 22:04 tsteur

I had same kind of problem, due to Referrer-Policy tag Could you check it with https://securityheaders.com/

viba1 avatar Jun 06 '21 09:06 viba1

Hi @tac-design @viba1

Do you still encounter this issue with our latest plugin release?

Kind regards

Mat

mattmary avatar Sep 13 '22 01:09 mattmary

Hello @tac-design @viba1

Without any answer, I'll close this issue. Feel free to open a new one if you still need support. Kind regards

Mat

mattmary avatar Nov 18 '22 02:11 mattmary