403 Forbidden when trying to do anything
ninjonxb opened this issue · 10 comments
I am working on a project for someone where from a rails application I will make posts to a wordpress blog.
She has given me an account on the website that can make posts but does not have full admin access.
I can do the following command without issue:
wp = Rubypress::Client.new(:host => "dulfy.net", :username => "blah", :password => "blah")
This works returning a rubypress client.
I am not doing @dulfy.net for the username
If I try to do
wp,getOptions
I get
"RuntimeError: HTTP-Error: 403 Forbidden"
Apparently she uses XMLRPC for something else and it is enabled and working.
I am not sure if there are other things she needs to do to allow me to post remotely or if I am doing something wrong.
Edit:
I just heard back. She uses a tool called "livewriter" which communicates through XMLRPC. She said that she remembers using all of the default settings.
I tried adding ":use_ssl => true" to the Client.new. After doing that when I do anything I get
"OpenSSL:SSL:SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"
It's almost definitely because you're not an admin user - can you try it once as an admin user to be sure?
Thanks for the reply.
I will see if she would allow that.
Do I need to be full admin where I can make changes to the website? I just want to be able to tell her exactly what I need.
Edit: All I need to do is be able to make posts. I was just doing getOptions since that is the simpler command but posting was failing with the same error.
Yes, I'm pretty sure you have to be an admin user to use the xmlrpc api. I can't find any reference to it in the docs but I've never run the tests with any other permission level...
I was just given admin access on the website.
I am still getting the same error though.
I can't figure out if there is a way I can test this easily from the command line to see if the issue lies with my permissions or something else. (not in rails c)
Open up IRB or the Rails console and start a client, see the README https://github.com/zachfeldman/rubypress
Doing that in the console (Mac) getting the same error: (tried with SSL and without)
2.1.2 :001 > wp = Rubypress::Client.new(:host => "dulfy.net", :username => "myusername", :password => "mypassword", :use_ssl => true)
=> #<Rubypress::Client:0x007fd226e40a48 @port=80, @ssl_port=443, @use_ssl=true, @host="dulfy.net", @path="/xmlrpc.php", @username="myusername", @password="mypassword", @default_post_fields=["post", "terms", "custom_fields"], @debug=false, @http_user=nil, @http_password=nil, @retry_timeouts=false, @cookie=nil>
2.1.2 :002 > wp.getOptions
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/net/http.rb:920:in `connect'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/net/http.rb:920:in `block in connect'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/timeout.rb:91:in `block in timeout'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/timeout.rb:101:in `call'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/timeout.rb:101:in `timeout'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/net/http.rb:920:in `connect'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/net/http.rb:863:in `do_start'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/net/http.rb:858:in `start'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/xmlrpc/client.rb:479:in `do_rpc'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/xmlrpc/client.rb:286:in `call2'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/xmlrpc/client.rb:267:in `call'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/rubypress-1.1.0/lib/rubypress/client.rb:69:in `execute'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/rubypress-1.1.0/lib/rubypress/options.rb:9:in `getOptions'
from (irb):2
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/console.rb:90:in `start'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/console.rb:9:in `start'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/commands_tasks.rb:69:in `console'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/commands_tasks.rb:40:in `run_command!'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands.rb:17:in `<top (required)>'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:247:in `require'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:247:in `block in require'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:232:in `load_dependency'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:247:in `require'
from /Users/jheckman/gitcheckouts/swtor_conquest/swtor_cartel/bin/rails:8:in `<top (required)>'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:241:in `load'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:241:in `block in load'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:232:in `load_dependency'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:241:in `load'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from -e:1:in `<main>'2.1.2 :003 > wp = Rubypress::Client.new(:host => "dulfy.net", :username => "myusername", :password => "mypassword")
=> #<Rubypress::Client:0x007fd226dfa3b8 @port=80, @ssl_port=443, @use_ssl=false, @host="dulfy.net", @path="/xmlrpc.php", @username="myusername", @password="mypassword", @default_post_fields=["post", "terms", "custom_fields"], @debug=false, @http_user=nil, @http_password=nil, @retry_timeouts=false, @cookie=nil>
2.1.2 :004 > wp.getOptions
RuntimeError: HTTP-Error: 403 Forbidden
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/xmlrpc/client.rb:493:in `do_rpc'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/xmlrpc/client.rb:286:in `call2'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/xmlrpc/client.rb:267:in `call'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/rubypress-1.1.0/lib/rubypress/client.rb:69:in `execute'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/rubypress-1.1.0/lib/rubypress/options.rb:9:in `getOptions'
from (irb):4
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/console.rb:90:in `start'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/console.rb:9:in `start'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/commands_tasks.rb:69:in `console'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/commands_tasks.rb:40:in `run_command!'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands.rb:17:in `<top (required)>'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:247:in `require'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:247:in `block in require'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:232:in `load_dependency'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:247:in `require'
from /Users/jheckman/gitcheckouts/swtor_conquest/swtor_cartel/bin/rails:8:in `<top (required)>'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:241:in `load'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:241:in `block in load'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:232:in `load_dependency'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:241:in `load'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
What happens when you don't use SSL?
the 403 error
2.1.2 :003 > wp = Rubypress::Client.new(:host => "dulfy.net", :username => "myusername", :password => "mypassword")
=> #<Rubypress::Client:0x007fd226dfa3b8 @port=80, @ssl_port=443, @use_ssl=false, @host="dulfy.net", @path="/xmlrpc.php", @username="myusername", @password="mypassword", @default_post_fields=["post", "terms", "custom_fields"], @debug=false, @http_user=nil, @http_password=nil, @retry_timeouts=false, @cookie=nil>
2.1.2 :004 > wp.getOptions
RuntimeError: HTTP-Error: 403 Forbidden
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/xmlrpc/client.rb:493:in `do_rpc'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/xmlrpc/client.rb:286:in `call2'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/xmlrpc/client.rb:267:in `call'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/rubypress-1.1.0/lib/rubypress/client.rb:69:in `execute'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/rubypress-1.1.0/lib/rubypress/options.rb:9:in `getOptions'
from (irb):4
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/console.rb:90:in `start'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/console.rb:9:in `start'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/commands_tasks.rb:69:in `console'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands/commands_tasks.rb:40:in `run_command!'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/railties-4.1.5/lib/rails/commands.rb:17:in `<top (required)>'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:247:in `require'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:247:in `block in require'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:232:in `load_dependency'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:247:in `require'
from /Users/jheckman/gitcheckouts/swtor_conquest/swtor_cartel/bin/rails:8:in `<top (required)>'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:241:in `load'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:241:in `block in load'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:232:in `load_dependency'
from /Users/jheckman/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.5/lib/active_support/dependencies.rb:241:in `load'
from /Users/jheckman/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
Looking online I saw something about disabling "mod_security's XMLRPC rule" for my user. I am not sure if that is something I need to ask her to do or not (or where it would be).
Yup, it might be a webhost problem. Can you contact the host?
http://www.thiswebhost.com/clients/knowledgebase.php?action=displayarticle&id=573
Either way, this doesn't seem to be an issue with the client itself, rather with your host
Am closing this issue for now as it doesn't seem to be a problem with the library itself.