Page 1 of 2
Users sometimes logout suddenly
Posted: Mon Jan 11, 2021 9:07 am
by zawin
Hello,
I'm using your wp3all plugin in the webpage svetelektro.com, which have 20 000 registered users. Some users reported me, that are sometimes suddenly logout from the webpage, especially in cases when they opened more forum iframe links from the homepage.
Could you recommend me, what can I check to prevent doing this? Is there some possibility to logging why user logout?
Thank you
Re: Users sometimes logout suddenly
Posted: Mon Jan 11, 2021 2:12 pm
by axew3
Yes i will focus to iframe v6 code in these days, and in short new code will be released,
but at moment i think it is not your real problem.
It is assumed that may they login with remember me option, if they login, so what kind of setting have you into phpBB where:
under security setting:
Allow "Remember Me" logins: YES (this you already did maybe)
and
"Remember Me" login key expiration length (in days):
set to 365 (maybe)
beside this,
sure that when they redirect, they not fall into an http/https switch, like the one described here?
viewtopic.php?f=2&t=563
substantially you'll have to force your site to be https even if a request is for http (or the contrary, depend if wp is under https).
Setup and force phpBB to be always under http or https like wordpress is
Re: Users sometimes logout suddenly
Posted: Tue Feb 02, 2021 7:49 am
by zawin
Hello,
everything is set as you mentioned, but the webpage still sometimes logout me or other users. Could you help me, how to debug this behavior? Where can I put some debug logging to better understand the root cause?
Thank you
Re: Users sometimes logout suddenly
Posted: Tue Feb 02, 2021 7:57 am
by axew3
Re: Users sometimes logout suddenly
Posted: Tue Feb 02, 2021 8:01 am
by zawin
My webpage svetelektro.com is completely under https - forum and wordpress and secure cookie is enabled.
Re: Users sometimes logout suddenly
Posted: Tue Feb 02, 2021 8:10 am
by axew3
so what's the setup of the remember me option in phpBB ACP?
under Security settings
Allow "Remember Me" logins: (set to Yes)
"Remember Me" login key expiration length (in days): (set as, maybe 365)
Are you sure that your server rewrite all requests to be https and the problem isn't really the fact that someone fall into http, after he logged as https, then have an https cookie that is not recognized under http, may due to some link you go to click, and which point to an http url?
p.s have you setup the integration plugin url setting to be https?
it is assumed yes, just resuming possible causes