403 Access denied when using https and CB Login

I see, you'll need to edit your CB Login modules and set them to force HTTPS. This should allow the IF check to pass and prevent the 403.

Hi and thanks again for getting back to me.

I've made the change to the CB Login module so that it's now set to "use HTTPS (encrypted) for login and after login" but there's no change... I still get the 403.

In your last post you said...

"edit your CB Login modules and set them to force HTTPS"

I might be missing something here, but I've only got one CB Login module - singular, but you appear to be mentioning multiple CB modules.

if there are others that have HTTPS options, could you please let me now which ones, as I've looked at the current published CB modules and there doesn't appear to be any HTTPS options with those.

Thanks

Dave

I've just also noticed that if I click on the "Forgot Login" hyperlink under the login button of the CB Login form... that too is getting a 403!

Could it be a folders permission on the server do you think?

Strange.

Okay, just spotted the potential problem here.

My site is in a directory off of the main root, so the URL is in the following format:-

mainwebsite.com/mynewsite/index.php

When trying to login via the CB Login module, the URL of the 403 error page is:-

mainwebsite.com/mynewsite/mynewsite/index.php/component/comprofiler/login

So it's added an extra "mynewsite" directory level, so obviously the rest of the URL after this isn't going to exist... right?

I've now gone back into the CB Login Module and tried all of the following in the "Login Redirection URL" field, but with change in the resulting 403 error.

I've tried:-

1. Leaving the field blank to try and get it to simply stay on the initial page
2. Entering the FULL HTTPS URL to the comprofiler page
3. Using ./index.php/component/comprofiler/login
4. Using ../index.php/component/comprofiler/login

Is there another setting somewhere that you know of that could be adding the extra 'sub-site' directory level?

Dave

Further update...

I've now used the default Joomla login module to log myself into the site and gain access to the GroupJive pages that I want.

And I've noticed that all links that go to any CB page, add the extra sub-site level, whereas any link that goes to a non-CB page (such as normal menu links to content pages) are fine.

Seems likely that something/setting to do with my Community Builder installation is set to add this extra level to all links.

Probably something I did on installation, but I don't know where to look to fix it

Obviously any pointers would be gratefully received.

Dave

CB doesn't add anything like that to the URLs. It simply adds Joomlas live_site, which should be '' (blank) in configuration.php so Joomla can auto construct it. You appear to be using SEF though and if you're using a 3rd party SEF extension it could just be a broken URL rewrite. Disable all SEF and see if your issue persists.

I've now gone back into the CB Login Module and tried all of the following in the "Login Redirection URL" field, but with change in the resulting 403 error.

Login redirects should never be SEF. Always supply URL parameters as raw non-SEF URLs. Example as follows.

index.php?option=com_comprofiler