Jump to content
thirty bees forum
  • 0

logged out


geofrey

Question

6 answers to this question

Recommended Posts

  • 0
1 hour ago, datakick said:

This is common problem for those that use cloudflare.

It's not only cloudflare or other CDN's, but I do not know the reason for the issue. In the past I never have been logged out automatically, but after I changed the server (same hosting, just service upgrade) I faced the same problem of being logged out automatically and I do not use any CDN.

As the problem was solved with disabling the cookie check I have never searched for the real reason, but if somebody might have some idea it would not be bad to know the reason.

Link to comment
Share on other sites

  • 0
5 minutes ago, undecided said:

It's not only cloudflare or other CDN's, but I do not know the reason for the issue. In the past I never have been logged out automatically, but after I changed the server (same hosting, just service upgrade) I faced the same problem of being logged out automatically and I do not use any CDN.

As the problem was solved with disabling the cookie check I have never searched for the real reason, but if somebody might have some idea it would not be bad to know the reason.

This problem happens when there are proxy servers in front of your store. These proxy servers usually act as a cache or a load balancer. 

When your visitors visit your server, the browser would send request to the proxy server. If proxy can't handle the request itself (usually because it's for dynamic php file), it will make it's own request to your php server. From the perspective of your php server the client IP address is address of proxy server, not IP address of actual visitor (request come from proxy server, not from browser).

Now, as long as there is only one proxy server everything works fine, because the IP address of the client remains the same. However, if there are multiple, load balanced, proxy servers in front of your store, then each request to your php server can actually come from different proxy server with different IP address, and cookie the security enabled by 'Check the cookie's IP address' will take place. Thirtybees will block such requests, and that's correct behaviour.

 

 

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...