Troubleshoot Redirect Loops

Problem

SupportPal is stuck in a redirect loop.

Possible Cause(s)

  • mod_security is running on your server and falsely detecting the AES-encrypted SupportPal session cookie as a threat.
  • The Enable SSL setting has been enabled in SupportPal but HTTPS (port 443) is not configured in your web server.

Disable mod_security Rules

The rules used in mod_security are very generic in nature, which can lead to false positives. In versions prior to RC1 of CRS 3.0, a redirect is the default behaviour when a rule has been violated. From CRS 3.0 RC1 onwards, the default behaviour was changed to a 403 Forbidden status, specifically because the redirect was causing redirect loops. The mod_security team is also aware of cookies causing false positives and is looking for a fix.

We recommend that you upgrade to the latest version of CRS 3.0 and, if you're still experiencing issues, implement exceptions. For example, the exception below stops a given rule from inspecting the cookie named supportpal; the rule still applies to the rest of the request:

SecRuleUpdateTargetById <rule_number> !REQUEST_COOKIES:supportpal

Please replace <rule_number> with the ID of the rule that is triggering a false positive.
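
One way to find which rule IDs to use, as an added example that is not part of the original SupportPal documentation: the script below scans Apache error-log lines written by mod_security and emits an exception only for rules that matched on the supportpal cookie. The log lines are constructed samples, and the function names are hypothetical.

```python
import re
from collections import Counter

COOKIE = "supportpal"  # cookie name used in the exception above

# Constructed sample: Apache error-log lines in the ModSecurity 2.x message
# format. Timestamps, addresses and messages are made up for illustration.
SAMPLE_LOG = """\
[Wed Mar 01 10:12:33 2017] [:error] [client 203.0.113.5] ModSecurity: Warning. Pattern match "..." at REQUEST_COOKIES:supportpal. [id "942440"] [msg "SQL Comment Sequence Detected."] [uri "/"]
[Wed Mar 01 10:12:33 2017] [:error] [client 203.0.113.5] ModSecurity: Warning. Pattern match "..." at REQUEST_COOKIES:supportpal. [id "942450"] [msg "SQL Hex Encoding Identified"] [uri "/"]
[Wed Mar 01 10:12:33 2017] [:error] [client 203.0.113.5] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [uri "/"]
[Wed Mar 01 10:12:40 2017] [:error] [client 203.0.113.5] ModSecurity: Warning. Pattern match "..." at REQUEST_COOKIES:supportpal. [id "942440"] [msg "SQL Comment Sequence Detected."] [uri "/login"]
[Wed Mar 01 10:13:02 2017] [:error] [client 203.0.113.9] ModSecurity: Warning. Pattern match "..." at ARGS:q. [id "941110"] [msg "XSS Filter - Category 1: Script Tag Vector"] [uri "/search"]
"""

# "... at <VARIABLE>. ... [id "<rule id>"]" is how ModSecurity reports the
# variable a rule matched on and the ID of that rule.
MATCH = re.compile(r'ModSecurity: .*? at (?P<target>\S+)\. .*?\[id "(?P<id>\d+)"\]')


def rules_hitting_cookie(log_text, cookie=COOKIE):
    """Count rule IDs whose match target was REQUEST_COOKIES:<cookie>."""
    wanted = f"REQUEST_COOKIES:{cookie}"
    hits = Counter()
    for line in log_text.splitlines():
        m = MATCH.search(line)
        # Skip matches on other variables: the anomaly-score rule (949110)
        # only reports the block, and ARGS hits are unrelated to the cookie.
        if m and m.group("target") == wanted:
            hits[m.group("id")] += 1
    return hits


def exceptions(hits, cookie=COOKIE):
    """Build one narrowly scoped exception per offending rule ID."""
    return [f"SecRuleUpdateTargetById {rid} !REQUEST_COOKIES:{cookie}"
            for rid in sorted(hits)]


if __name__ == "__main__":
    found = rules_hitting_cookie(SAMPLE_LOG)
    for rid, count in sorted(found.items()):
        print(f"# rule {rid}: {count} match(es) on the {COOKIE} cookie")
    print("\n".join(exceptions(found)))
```

Load the generated directives after the CRS rule files are included, since SecRuleUpdateTargetById can only modify rules that are already defined.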


Disable SSL

See Manually Disabling SSL Mode for information on how to regain access to SupportPal.