Sometime i result suddenly logged out/in ... why? (http/https)
Posted: Mon Jul 17, 2017 9:05 pm
an answer to a topic about the behavior:
"sometime i result suddenly logged out!"
there are mainly two reasons for that this can happen:
1) On ACP, under Security settings:
- Remember Me - set to Yes (need to be set to YES)
- Remember Me login key expiration length - set to 0 (need to be set to a number of days)
2) another reason for this problem is the http/https way that an user may login then point to phpBB and wordpress.
phpBB and wordpress need to be both under same protocol, http or https.
Explain:
Solution
If WordPress is setup as https in
WP admin -> General Settings -> WordPress Address (URL))
then also phpBB need to be https, so
in ACP -> Server Configuration -> Server protocol: SET as https:// if your WordPress is https.
Or http:// if not ssl, and WP and phpBB are served under http://
Re-login if necessary.
Done.
more about force http/s:
if you login in phpBB via ssl/https:
than after logged, you point instead to:
so http, not https,
you'll see that you result logged out.
repoint to https: you'll result logged in correctly.
This because cookies, may are not recognized if released as https and you point then to phpBB as http.
You can access phpBB via http, and not https, and maybe after, you have links in wp that points to forum via http and not https. Even worst, maybe an user could login via http in phpBB: so will never be recognized in wp side, because on wp it is forced (as it is in your case) to be https (but phpBB cookie was released as http).
You see in WP side, that if you point to
you're correctly forced to https:
this you need to do also in phpBB, force to redirect any http request, to an https request.
The same behavior you can experience here at axew3.com (http/https) because i've not setup nothing to fix it here via htaccess at date of this post. And this is your problem.
Force phpBB in ACP settings to to rewrite as https any request, if your wordpress is under https.
The other complete solution, is to do this via htaccess, forcing any request to the server to be https:
http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html
OR with examples:
http://www.askapache.com/htaccess/ssl-e ... p-to-https
"sometime i result suddenly logged out!"
there are mainly two reasons for that this can happen:
1) On ACP, under Security settings:
- Remember Me - set to Yes (need to be set to YES)
- Remember Me login key expiration length - set to 0 (need to be set to a number of days)
2) another reason for this problem is the http/https way that an user may login then point to phpBB and wordpress.
phpBB and wordpress need to be both under same protocol, http or https.
Explain:
Solution
If WordPress is setup as https in
WP admin -> General Settings -> WordPress Address (URL))
then also phpBB need to be https, so
in ACP -> Server Configuration -> Server protocol: SET as https:// if your WordPress is https.
Or http:// if not ssl, and WP and phpBB are served under http://
Re-login if necessary.
Done.
more about force http/s:
if you login in phpBB via ssl/https:
Code: Select all
https://www.mysite.com/forum/
Code: Select all
http://www.mysite.com/forum/
you'll see that you result logged out.
repoint to https: you'll result logged in correctly.
This because cookies, may are not recognized if released as https and you point then to phpBB as http.
You can access phpBB via http, and not https, and maybe after, you have links in wp that points to forum via http and not https. Even worst, maybe an user could login via http in phpBB: so will never be recognized in wp side, because on wp it is forced (as it is in your case) to be https (but phpBB cookie was released as http).
You see in WP side, that if you point to
Code: Select all
http://www.mysite.com/
this you need to do also in phpBB, force to redirect any http request, to an https request.
The same behavior you can experience here at axew3.com (http/https) because i've not setup nothing to fix it here via htaccess at date of this post. And this is your problem.
Force phpBB in ACP settings to to rewrite as https any request, if your wordpress is under https.
The other complete solution, is to do this via htaccess, forcing any request to the server to be https:
http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html
OR with examples:
http://www.askapache.com/htaccess/ssl-e ... p-to-https