Sometime i result suddenly logged out/in ... why? (http/https)

Post a reply

This question is a means of preventing automated form submissions by spambots.
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON

Topic review

If you wish to attach one or more files enter the details below.

Expand view Topic review: Sometime i result suddenly logged out/in ... why? (http/https)

Re: Sometime i result suddenly logged out/in ... why? (http/https)

by xray » Fri Jan 04, 2019 8:21 am

This is great, I got this to work now by not forcing the https. Once I got this done, the ACP seems to resize appropriately now too. I will continue to monitor. Nice job axe.

Well spoke too soon. Looks like I am back to getting logged out again after clicking on different links.

Sometime i result suddenly logged out/in ... why? (http/https)

by axew3 » Mon Jul 17, 2017 9:05 pm

an answer to a topic about the behavior:
"sometime i result suddenly logged out!"

there are mainly two reasons for that this can happen:

1) On ACP, under Security settings:
- Remember Me - set to Yes (need to be set to YES)
- Remember Me login key expiration length - set to 0 (need to be set to a number of days)

2) another reason for this problem is the http/https way that an user may login then point to phpBB and wordpress.
phpBB and wordpress need to be both under same protocol, http or https.

If WordPress is setup as https in
WP admin -> General Settings -> WordPress Address (URL))
then also phpBB need to be https, so
in ACP -> Server Configuration -> Server protocol: SET as https:// if your WordPress is https.
Or http:// if not ssl, and WP and phpBB are served under http://

Re-login if necessary.

more about force http/s:
if you login in phpBB via ssl/https:

Code: Select all
than after logged, you point instead to:

Code: Select all
so http, not https,
you'll see that you result logged out.
repoint to https: you'll result logged in correctly.
This because cookies, may are not recognized if released as https and you point then to phpBB as http.

You can access phpBB via http, and not https, and maybe after, you have links in wp that points to forum via http and not https. Even worst, maybe an user could login via http in phpBB: so will never be recognized in wp side, because on wp it is forced (as it is in your case) to be https (but phpBB cookie was released as http).

You see in WP side, that if you point to

Code: Select all
you're correctly forced to https:
this you need to do also in phpBB, force to redirect any http request, to an https request.

The same behavior you can experience here at (http/https) because i've not setup nothing to fix it here via htaccess at date of this post. And this is your problem.
Force phpBB in ACP settings to to rewrite as https any request, if your wordpress is under https.

The other complete solution, is to do this via htaccess, forcing any request to the server to be https:
OR with examples: ... p-to-https