Suddenly logging out of pages
Permalink
Hi - I have an issue where I can log in to C5 fine but on certain pages I'm logged out. I'm logging in as a super user so there shouldn't be any permissions problem. Basically there are certain pages that log me out completely of the edit area so I have to log back in. If I visit the page via the sitemap I can get into the page however. Has anyone come across this or can advise what to do?
Thanks Remo - I don't think its the base_url as the URL isn't changing. Is there a way of setting this just in case?
Hi. This happens to me when i'm anywhere in the dashboard and when i hit the "return to page" -button. Base url is ok, and i turned off the cache with no results. Any suggestions for what i should try next?
I have a client who's reporting this with C5.7, she hits the back arrow to go back to the front end from the dashboard and then she is logged out.
I have a client who's reporting this with C5.7, she hits the back arrow to go back to the front end from the dashboard and then she is logged out.
hi - may not be the same thing but I recently had this happen with a client website that is hosted on a UK based shared hosting platform. The host was using cloudlinux/cpanel and had 'silently' installed unixy varnish which defaulted to on. After I realised what the issue was I was able to switch it off in the control panel.
Sounds like something is interfering with session stickiness, if you can't get to the bottom of it - check the headers that re being returned, ask your host if they've changed anything while you check everything else. You could also switch to db based sessions to test if the issue is filesystem based.
Sounds like something is interfering with session stickiness, if you can't get to the bottom of it - check the headers that re being returned, ask your host if they've changed anything while you check everything else. You could also switch to db based sessions to test if the issue is filesystem based.
Hi
Sorry only just seen this reply. If I log in using my customers login it's fine, it just seems to be her machine. If i had the issue you are talking about, would I notice it when editing the site on all devices, or just one?
How do I check the headers that are being returned?
Dave
Sorry only just seen this reply. If I log in using my customers login it's fine, it just seems to be her machine. If i had the issue you are talking about, would I notice it when editing the site on all devices, or just one?
How do I check the headers that are being returned?
Dave
Did you eventually sort this problem out?
I have the same issue, using version 5.7.5.9.
If I try on the PCs of my firm (all with Windows 10 Pro -and Norton Antivirus, if that matters) I login but I'm bounced out whenever I click anywhere. But if I login from my laptop everything works perfectly, so it's definitely NOt something about the server. Moreover, on my Windows PC I have the same effect using Chrome, Firefox and Microsoft Edge. What's the problem?
I have the same issue, using version 5.7.5.9.
If I try on the PCs of my firm (all with Windows 10 Pro -and Norton Antivirus, if that matters) I login but I'm bounced out whenever I click anywhere. But if I login from my laptop everything works perfectly, so it's definitely NOt something about the server. Moreover, on my Windows PC I have the same effect using Chrome, Firefox and Microsoft Edge. What's the problem?
@bcptatpc
"Moreover, on my Windows PC I have the same effect using Chrome, Firefox and Microsoft Edge. What's the problem?"
Are you referring to a Windows computer that is not at your firm? Does this computer also run Norton Antivirus?
What operating system does your laptop use? What browser do you use on the laptop?
Do any of these computers connect through a VPN or use network hardware that does filtering or proxying?
"Moreover, on my Windows PC I have the same effect using Chrome, Firefox and Microsoft Edge. What's the problem?"
Are you referring to a Windows computer that is not at your firm? Does this computer also run Norton Antivirus?
What operating system does your laptop use? What browser do you use on the laptop?
Do any of these computers connect through a VPN or use network hardware that does filtering or proxying?
Hi MrK!
My laptop is a Mac (no Norton on it) and everything goes fine with all browsers (Safari, Chrome, Firefox), when connected with my office wi-fi.
I tried other Windows PCs from different locations outside my office and again everything is fine. It's only from the Windows PC in my office that I have problems. I really guess it's either the antivirus or the connection with some proxy (I don't know the technical details of our connection in the office, but I can retrieve all the info, if necessary). We never had problems with any other web application so far.
My laptop is a Mac (no Norton on it) and everything goes fine with all browsers (Safari, Chrome, Firefox), when connected with my office wi-fi.
I tried other Windows PCs from different locations outside my office and again everything is fine. It's only from the Windows PC in my office that I have problems. I really guess it's either the antivirus or the connection with some proxy (I don't know the technical details of our connection in the office, but I can retrieve all the info, if necessary). We never had problems with any other web application so far.
Did you check your log (/dashboard/reports/logs)?
If you have messages like this there: Session Invalidated. Session IP "188.62...." did not match provided IP "77.57....". you're having multiple IP addresses or someone else from a different computer with a different ISP is using the same user.
If you have messages like this there: Session Invalidated. Session IP "188.62...." did not match provided IP "77.57....". you're having multiple IP addresses or someone else from a different computer with a different ISP is using the same user.
Bingo!
This is my problem! How can I fix it? Is there a way to make Concrete5 ignore the IP address check and only use cookies to check the session validity?
Thank you so much for the support!!
This is my problem! How can I fix it? Is there a way to make Concrete5 ignore the IP address check and only use cookies to check the session validity?
Thank you so much for the support!!
You can set "concrete.security.session.invalidate_on_ip_mismatch" in your config file.
concrete.php and each . is a nested array
concrete.php and each . is a nested array
This works!!
Maybe not the safest workaround, but at least it works. :)
Thanks a lot, Remo!
Maybe not the safest workaround, but at least it works. :)
Thanks a lot, Remo!
Hello Remo,
can you please give sample for how to use this?
Thanks
can you please give sample for how to use this?
Thanks
The problem for me was with 5.6 installs on Mac OS so not sure if this is for you. The issue was with pretty URL's. First off turn off pretty URL's and then try again. Once you've done the change turn them back on again.
If that doesn't work what I did was go to .htaccess and delete the pretty url code generated from there. This most definately works - sometimes even if you turn it off at the admin there's still some of the old code in the .htaccess
If that doesn't work what I did was go to .htaccess and delete the pretty url code generated from there. This most definately works - sometimes even if you turn it off at the admin there's still some of the old code in the .htaccess
Hi Chassa,
actually my problem was just the proxy service, switching between 2 different IPs.
I fixed it by removing the control over the session IP: less safe, but it works.
Thansk a lot for your help
actually my problem was just the proxy service, switching between 2 different IPs.
I fixed it by removing the control over the session IP: less safe, but it works.
Thansk a lot for your help
1. There's no BASE_URL, you're editing the site likehttp://site.com but when viewing the URL ishttp://www.site.com. Different URL different session.
2. Cache, try to disable (not just clear) the override cache and possibly all other caches too. Just for testing.