Get error API DirectAdmin : Security Error: No valid session key

Post Reply
robertg
Junior Member
Posts: 2
Joined: 01 Jul 2020, 08:20

Get error API DirectAdmin : Security Error: No valid session key

Post by robertg »

Since the new versions of DirectAdmin we have problems with using the API for CSF. T We didn't change our scripts and it works for years well.

Debugging DirectAdmin I see the next message:

/CMD_PLUGINS_ADMIN/csf/index.raw
Command::doCommand(/CMD_PLUGINS_ADMIN/csf/index.raw)
Sessions::touch:Command::doCommand:/CMD_PLUGINS_ADMIN/csf/index.raw): no sesssion filename is set.
Command::doCommand(/CMD_PLUGINS_ADMIN/csf/index.raw) : finished
Command::run: finished /CMD_PLUGINS_ADMIN/csf/index.raw

The error that our API script gets back is : Security Error: No valid session key (error of CSF)

I can't find a solution.

I contacted the helpdesk of DirectAdmin already but send me to this forum.

What is the problem and a solution or is it a bug?
ForumAdmin
Moderator
Posts: 1523
Joined: 01 Oct 2008, 09:24

Re: Get error API DirectAdmin : Security Error: No valid session key

Post by ForumAdmin »

That means that there is a discrepancy found with the DA session file. If you look in /usr/local/directadmin/plugins/csf/exec/da_csf.cgi for the error you can see that it checks that the key in the session file matches the SESSION_KEY, it checks that the IP in the session file matches REMOTE_ADDR. If either of those are different it fails. It might be possible you would see an issue if you are connecting using an IPv6 instead of an IPv4 IP, but other than that I've no idea why it wouldn't match for your session, we are unable to recreate any issues.

If you are using IPv6 to access csf in DA it would narrow down the possible issue.
robertg
Junior Member
Posts: 2
Joined: 01 Jul 2020, 08:20

Re: Get error API DirectAdmin : Security Error: No valid session key

Post by robertg »

Thank you for the answer. Older versions of CSF haven't this problem. I tested it with the lastest DA and an earlier version of CSF.

I found the next

if (($session{key} eq "") or ($session{ip} eq "") or ($session{ip} ne $ENV{REMOTE_ADDR}) or ($session{key} ne $ENV{SESSION_KEY})) {
print "Security Error: No valid session key";
exit;
}

After deleting this part, it is working again. That is not really the solution because we are running many servers with the same issue.
I am not using IPv6.

How can be there a discrepancy with the DA session file? I don't see the solution yet.
samcuran
Junior Member
Posts: 1
Joined: 13 Jul 2020, 06:35

Re: Get error API DirectAdmin : Security Error: No valid session key

Post by samcuran »

Hi, whether direct admin is similar to cpanel? because i had issue on using API for CSF. Whether i need to check my session file?
and how do i manage discrepancies? acnl hair guide
Last edited by samcuran on 27 Jul 2020, 18:13, edited 1 time in total.
mahmutcanyar
Junior Member
Posts: 3
Joined: 15 Jul 2020, 12:12

Re: Get error API DirectAdmin : Security Error: No valid session key

Post by mahmutcanyar »

Yes, I had the same problem, when we connect with the API, it cannot see the session.

I also fixed the problem in the same way, but when the update comes, it may still be broken. It is not a definitive solution. Who needs to communicate this situation in order to avoid this problem again when the update comes?
robertg wrote: 01 Jul 2020, 10:57 Thank you for the answer. Older versions of CSF haven't this problem. I tested it with the lastest DA and an earlier version of CSF.

I found the next

if (($session{key} eq "") or ($session{ip} eq "") or ($session{ip} ne $ENV{REMOTE_ADDR}) or ($session{key} ne $ENV{SESSION_KEY})) {
print "Security Error: No valid session key";
exit;
}

After deleting this part, it is working again. That is not really the solution because we are running many servers with the same issue.
I am not using IPv6.

How can be there a discrepancy with the DA session file? I don't see the solution yet.
ForumAdmin
Moderator
Posts: 1523
Joined: 01 Oct 2008, 09:24

Re: Get error API DirectAdmin : Security Error: No valid session key

Post by ForumAdmin »

If you can provide root access to a server with this specific issue, please log a ticket on our helpdesk so that we can investigate as we are unable to recreate the problem:
https://support.configserver.com
mahmutcanyar
Junior Member
Posts: 3
Joined: 15 Jul 2020, 12:12

Re: Get error API DirectAdmin : Security Error: No valid session key

Post by mahmutcanyar »

I changed the lines as below. File: /usr/local/directadmin/plugins/csf/exec/da_csf.cgi
if (($session{key} eq "") or ($session{ip} eq "") or ($session{ip} ne $ENV{REMOTE_ADDR}) or ($session{key} ne $ENV{SESSION_KEY})) {
&loginfail("Security Error: No valid session key".$session{ip}."===".$ENV{REMOTE_ADDR}."====".$ENV{SESSION_ID});
exit;
}

I displayed the following error.
File: /var/lib/csf/da1596794374.error

To disable DirectAdmin session checks, create a touch file called /var/lib/csf/csf.da.skip

Security Error: No valid session key===156.34.23.101====

Session ID = []
Session File [/usr/local/directadmin/data/sessions/da_sess_]...does not exist




my note: Because the information on the server is valuable, I cannot provide server login information.
gyovaniyunita78
Junior Member
Posts: 1
Joined: 18 Sep 2020, 09:56

Re: Get error API DirectAdmin : Security Error: No valid session key

Post by gyovaniyunita78 »

Hi, whether direct admin is similar to cpanel? because i had issue on using API for CSF. Whether i need to check my session file?
and how do i manage discrepancies? same questions with me acnl hair guide
mahmutcanyar
Junior Member
Posts: 3
Joined: 15 Jul 2020, 12:12

Re: Get error API DirectAdmin : Security Error: No valid session key

Post by mahmutcanyar »

To disable DirectAdmin session checks, create a touch file called /var/lib/csf/csf.da.skip

Create the file as above, the problem is solved.
Black Tiger
Junior Member
Posts: 73
Joined: 17 Feb 2009, 14:14
Contact:

Re: Get error API DirectAdmin : Security Error: No valid session key

Post by Black Tiger »

That is not a solution, that's a workaround.
I don't have this issue with DA and Firefox, but the error does occur with DA and Chrome it seems.
Post Reply