[ERROR] 403: Invalid Signature

[FuckingToasters]

Hello, i added valid smtp details, and sent a test mail, which worked as expted but then i noticed, that the option Use built in SMTP server was on and i were not sure, if it uses the smtp details set by me or another smtp servre so i disabled the option (because i want to use my smtp details) which then couldn't send mails anymore.

[FuckingToasters]

with the smtp opton enabled, i tried registering anohter account for testing, which results in following errror:

[lastsamurai26]

check the .env file -> the passwort doesn't have " " otherwise it doesn't work

"password" -> wrong
password -> right

[FuckingToasters]

check the .env file -> the passwort doesn't have " " otherwise it doesn't work

"password" -> wrong password -> right

it had indeed quotes around the password in the .env. i now removed them but sadly the issue is the same when sending test mail

[FuckingToasters]

@lastsamurai26 Hi, i now also installed matomo (where i can view details about site visitors etc.) to add this on the vbucksgenerator.zip site, i need to add some javascript code isnide html tags. where can i do that?

[lastsamurai26]

check the .env file -> the passwort doesn't have " " otherwise it doesn't work
"password" -> wrong password -> right

it had indeed quotes around the password in the .env. i now removed them but sadly the issue is the same when sending test mail

Please check the Mailserver settings or the logs can be found in storage/logs

@lastsamurai26 Hi, i now also installed matomo (where i can view details about site visitors etc.) to add this on the vbucksgenerator.zip site, i need to add some javascript code isnide html tags. where can i do that?

can be done via Advanced Config

[FuckingToasters]

check the .env file -> the passwort doesn't have " " otherwise it doesn't work
"password" -> wrong password -> right

it had indeed quotes around the password in the .env. i now removed them but sadly the issue is the same when sending test mail

Please check the Mailserver settings or the logs can be found in storage/logs

@lastsamurai26 Hi, i now also installed matomo (where i can view details about site visitors etc.) to add this on the vbucksgenerator.zip site, i need to add some javascript code isnide html tags. where can i do that?

can be done via Advanced Config

in logs folder is laravel.log but the issues inside that file were from earlier. there is no mail error log shown.

[FuckingToasters]

@lastsamurai26 when i use the inbuilt one and try to verify a account, i get this issue every single time. how can i solve this?

[FuckingToasters]

How i fixed the SMTP Error:

1. Updated Email deliver from stackzilla.vbucksgenerator.zip to stackzilla@vbucksgenetrator.zip
2. In Brevo.com added the vbucksgenerator.zip domain with their TXT Records

How i solved the 403: Invalid Signature:

1. I disabled the force all links to be https option (so that the verify link it sends uses http://
   

Note: While this is a working solution, it's not a good solution as user's Browsers might redirect it to https so for now i keep the issue open.

Regards,
FuckingToasters

[JulianPrieber]

Still can't reproduce. I set up a docker instance behind a reverse proxy with "Force links HTTPS" enabled.

[eugeneyaacobi]

I'm having the same issue it seems. It started about 3 or 4 days ago. Running in a docker container with Traefik as a reverse proxy. the traefik config is as follows:

      - 'traefik.http.routers.yr.entrypoints=https'
      - 'traefik.http.routers.yr.middlewares=head'
      - 'traefik.http.middlewares.head.headers.customrequestheaders.X-Forwarded-Proto=https'
      - "traefik.http.middlewares.head.headers.customResponseHeaders.X-Robots-Tag=none"
      - "traefik.http.middlewares.head.headers.customResponseHeaders.Strict-Transport-Security=max-age=63072000"
      - "traefik.http.middlewares.head.headers.stsSeconds=31536000"
      - "traefik.http.middlewares.head.headers.accesscontrolalloworiginlist=*"
      - 'traefik.http.routers.yr.tls=true'
      - 'traefik.http.routers.yr.tls.certresolver=letsencrypt'
      - 'traefik.http.services.yr.loadbalancer.server.port=80'  

Running latest docker container image and 4.3.1
Debug mode doesn't show anything helpful.

Is there anyway I can better debug CSRF or the Laravel session security to try and see why a 403 might be thrown.

[FuckingToasters]

I'm having the same issue it seems. It started about 3 or 4 days ago. Running in a docker container with Traefik as a reverse proxy. the traefik config is as follows:

      - 'traefik.http.routers.yr.entrypoints=https'
      - 'traefik.http.routers.yr.middlewares=head'
      - 'traefik.http.middlewares.head.headers.customrequestheaders.X-Forwarded-Proto=https'
      - "traefik.http.middlewares.head.headers.customResponseHeaders.X-Robots-Tag=none"
      - "traefik.http.middlewares.head.headers.customResponseHeaders.Strict-Transport-Security=max-age=63072000"
      - "traefik.http.middlewares.head.headers.stsSeconds=31536000"
      - "traefik.http.middlewares.head.headers.accesscontrolalloworiginlist=*"
      - 'traefik.http.routers.yr.tls=true'
      - 'traefik.http.routers.yr.tls.certresolver=letsencrypt'
      - 'traefik.http.services.yr.loadbalancer.server.port=80'  

Running latest docker container image and 4.3.1 Debug mode doesn't show anything helpful.

Is there anyway I can better debug CSRF or the Laravel session security to try and see why a 403 might be thrown.

The thing is that it send the https verify link when you have the https option enabled so disabling the option fixes the error but it also causes the unlimited loading error when adding a link if the option is disabled.

So to solve this the developers would need to make it so it send verification links which dont use https and for other website links use https.

[lastsamurai26]

In order for the verification to run with Traefik, a TCP route must be built.
We are currently in the process of fixing this problem.

[FuckingToasters]

In order for the verification to run with Traefik, a TCP route must be built. We are currently in the process of fixing this problem.

While @eugeneyaacobi seem to use traefik, i use nginx proxy manager yet we both have had the same issue, i completly reinstalled linkstack and reconfigured it and check if things work as epxcpted today by creating an test account.

[FuckingToasters]

In order for the verification to run with Traefik, a TCP route must be built. We are currently in the process of fixing this problem.

While @eugeneyaacobi seem to use traefik, i use nginx proxy manager yet we both have had the same issue, i completly reinstalled linkstack and reconfigured it and check if things work as epxcpted today by creating an test account.

I tested it with a test account after reinstalling, sadly the issue is being the same.

I assume changing the mail verify code to send http links even when force https is enabled while keeping everything esle https would solve this issue.

[FuckingToasters]

Issue Solved

I solved the issue by updating the nginx proxy host to use https scheme and port 443 (before i had it set to http and port 80)

Thanks for all the help i got here and in the discord server <3

Regards,
FuckingToasters