Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Apache strips out custom header

Discussion in 'General Discussion' started by Jr Sarath, Mar 21, 2018.

  1. Jr Sarath

    Jr Sarath Member

    Joined:
    Oct 13, 2017
    Messages:
    21
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    i have a wordpress site on our server which tries to communicate with a client thru REST APi
    i'm using a JWT authentication plugin for Wordpress along with WP-REST API

    so the problem is i have to add this lines to pass a custom headers to the plugin for a tokenverfication..

    Code:
    [INDENT]RewriteCond %{HTTP:Authorization} ^(.*)
    RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1][/INDENT]
    
    but when i tried to debug, then i got no such header Named Authorization in the Ajax request i made to the script/plugin.

    i used jquery and the following code to perform the ajax

    Code:
    $.ajax({
            type: "POST",
            url: "URLHIDDEN",
            headers: {
                'Authorization': DATA,
            },
            success: function (response) {
                console.log(response);
            }, error: function(e){
                console.log(e);
            }
        });
    In the browser debugging tool it showed that header named "Authorization" do exist..
    But at the server side i got nothing named "Authorization"..
    used php code
    PHP:
    getallheaders();
    to fetch headers..

    So which stands for either apache is striping out the Headers or any other issue, kindly guide me

    SERVER CONFIG

    cPanel : 68
    PHP : 7.1 with CGI
    Apache : mod_mpm_event + mod_cgid + mod_suexec

    Please feel free to ask if need any other info.
    thanks
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Using CGI with Mod_Suexec can lead to stripped headers like you have described. Can you try switching to a different handler (e.g. suPHP) to verify if the issue persists? Additionally, you may need to add an entry like this in the .htaccess file:

    Code:
    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Jr Sarath

    Jr Sarath Member

    Joined:
    Oct 13, 2017
    Messages:
    21
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    its a production server with over 500 accounts..
    kindly let me know more about suPHP handler.. docs link will be perfect and if you then some brief pros and cons
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Jr Sarath

    Jr Sarath Member

    Joined:
    Oct 13, 2017
    Messages:
    21
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Well that a nice clever solution..
    thanks for the help
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice