Suddenly logging out of pages

Permalink
Hi - I have an issue where I can log in to C5 fine but on certain pages I'm logged out. I'm logging in as a super user so there shouldn't be any permissions problem. Basically there are certain pages that log me out completely of the edit area so I have to log back in. If I visit the page via the sitemap I can get into the page however. Has anyone come across this or can advise what to do?

chassa2556
View Replies: View Best Answer
Remo replied on at Permalink Reply
Remo
Yes, we've had that issue before. The reasons for that:

1. There's no BASE_URL, you're editing the site likehttp://site.com but when viewing the URL ishttp://www.site.com. Different URL different session.

2. Cache, try to disable (not just clear) the override cache and possibly all other caches too. Just for testing.
chassa2556 replied on at Permalink Reply
chassa2556
Thanks Remo - I don't think its the base_url as the URL isn't changing. Is there a way of setting this just in case?
Remo replied on at Permalink Reply
Remo
Sure, open config/site.php and insert this line:

define('BASE_URL', 'http://www.site.com');
gmatik replied on at Permalink Reply
gmatik
Hi. This happens to me when i'm anywhere in the dashboard and when i hit the "return to page" -button. Base url is ok, and i turned off the cache with no results. Any suggestions for what i should try next?
madesimplemedia replied on at Permalink Reply
madesimplemedia
I have a client who's reporting this with C5.7, she hits the back arrow to go back to the front end from the dashboard and then she is logged out.
madesimplemedia replied on at Permalink Reply
madesimplemedia
I have a client who's reporting this with C5.7, she hits the back arrow to go back to the front end from the dashboard and then she is logged out.
AndyJ replied on at Permalink Reply
hi - may not be the same thing but I recently had this happen with a client website that is hosted on a UK based shared hosting platform. The host was using cloudlinux/cpanel and had 'silently' installed unixy varnish which defaulted to on. After I realised what the issue was I was able to switch it off in the control panel.

Sounds like something is interfering with session stickiness, if you can't get to the bottom of it - check the headers that re being returned, ask your host if they've changed anything while you check everything else. You could also switch to db based sessions to test if the issue is filesystem based.
madesimplemedia replied on at Permalink Reply
madesimplemedia
Hi

Sorry only just seen this reply. If I log in using my customers login it's fine, it just seems to be her machine. If i had the issue you are talking about, would I notice it when editing the site on all devices, or just one?

How do I check the headers that are being returned?

Dave
bcptatpc replied on at Permalink Reply
Did you eventually sort this problem out?
I have the same issue, using version 5.7.5.9.
If I try on the PCs of my firm (all with Windows 10 Pro -and Norton Antivirus, if that matters) I login but I'm bounced out whenever I click anywhere. But if I login from my laptop everything works perfectly, so it's definitely NOt something about the server. Moreover, on my Windows PC I have the same effect using Chrome, Firefox and Microsoft Edge. What's the problem?
MrKDilkington replied on at Permalink Reply
MrKDilkington
@bcptatpc

"Moreover, on my Windows PC I have the same effect using Chrome, Firefox and Microsoft Edge. What's the problem?"

Are you referring to a Windows computer that is not at your firm? Does this computer also run Norton Antivirus?

What operating system does your laptop use? What browser do you use on the laptop?

Do any of these computers connect through a VPN or use network hardware that does filtering or proxying?
bcptatpc replied on at Permalink Reply
Hi MrK!
My laptop is a Mac (no Norton on it) and everything goes fine with all browsers (Safari, Chrome, Firefox), when connected with my office wi-fi.
I tried other Windows PCs from different locations outside my office and again everything is fine. It's only from the Windows PC in my office that I have problems. I really guess it's either the antivirus or the connection with some proxy (I don't know the technical details of our connection in the office, but I can retrieve all the info, if necessary). We never had problems with any other web application so far.
Remo replied on at Permalink Best Answer Reply
Remo
Did you check your log (/dashboard/reports/logs)?

If you have messages like this there: Session Invalidated. Session IP "188.62...." did not match provided IP "77.57....". you're having multiple IP addresses or someone else from a different computer with a different ISP is using the same user.
bcptatpc replied on at Permalink Reply
Bingo!
This is my problem! How can I fix it? Is there a way to make Concrete5 ignore the IP address check and only use cookies to check the session validity?
Thank you so much for the support!!
Remo replied on at Permalink Reply
Remo
You can set "concrete.security.session.invalidate_on_ip_mismatch" in your config file.
concrete.php and each . is a nested array
bcptatpc replied on at Permalink Reply
This works!!
Maybe not the safest workaround, but at least it works. :)
Thanks a lot, Remo!
primewaydesign replied on at Permalink Reply
primewaydesign
Hello Remo,

can you please give sample for how to use this?

Thanks
chassa2556 replied on at Permalink Reply
chassa2556
The problem for me was with 5.6 installs on Mac OS so not sure if this is for you. The issue was with pretty URL's. First off turn off pretty URL's and then try again. Once you've done the change turn them back on again.

If that doesn't work what I did was go to .htaccess and delete the pretty url code generated from there. This most definately works - sometimes even if you turn it off at the admin there's still some of the old code in the .htaccess
bcptatpc replied on at Permalink Reply
Hi Chassa,
actually my problem was just the proxy service, switching between 2 different IPs.
I fixed it by removing the control over the session IP: less safe, but it works.
Thansk a lot for your help