Sometime i result suddenly logged out/in ... why? (http/https)

User avatar
axew3
w3all User
w3all User
Posts: 2677
Joined: Fri Jan 22, 2016 5:15 pm
Location: Italy
Contact:

Sometime i result suddenly logged out/in ... why? (http/https)

Post by axew3 »

an answer to a topic about the behavior:
"sometime i result suddenly logged out!"

there are mainly two reasons for that this can happen:

1) On ACP, under Security settings:
- Remember Me - set to Yes (need to be set to YES)
- Remember Me login key expiration length - set to 0 (need to be set to a number of days)

2) another reason for this problem is the http/https way that an user may login then point to phpBB and wordpress.
phpBB and wordpress need to be both under same protocol, http or https.
Explain:

Solution
If WordPress is setup as https in
WP admin -> General Settings -> WordPress Address (URL))
then also phpBB need to be https, so
in ACP -> Server Configuration -> Server protocol: SET as https:// if your WordPress is https.
Or http:// if not ssl, and WP and phpBB are served under http://


Re-login if necessary.
Done.

more about force http/s:
if you login in phpBB via ssl/https:

Code: Select all

https://www.mysite.com/forum/
than after logged, you point instead to:

Code: Select all

http://www.mysite.com/forum/
so http, not https,
you'll see that you result logged out.
repoint to https: you'll result logged in correctly.
This because cookies, may are not recognized if released as https and you point then to phpBB as http.

You can access phpBB via http, and not https, and maybe after, you have links in wp that points to forum via http and not https. Even worst, maybe an user could login via http in phpBB: so will never be recognized in wp side, because on wp it is forced (as it is in your case) to be https (but phpBB cookie was released as http).

You see in WP side, that if you point to

Code: Select all

http://www.mysite.com/
you're correctly forced to https:
this you need to do also in phpBB, force to redirect any http request, to an https request.

The same behavior you can experience here at axew3.com (http/https) because i've not setup nothing to fix it here via htaccess at date of this post. And this is your problem.
Force phpBB in ACP settings to to rewrite as https any request, if your wordpress is under https.

The other complete solution, is to do this via htaccess, forcing any request to the server to be https:

http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html
OR with examples:
http://www.askapache.com/htaccess/ssl-e ... p-to-https
xray
User ww
User ww
Posts: 34
Joined: Mon Dec 24, 2018 9:48 pm

Re: Sometime i result suddenly logged out/in ... why? (http/https)

Post by xray »

This is great, I got this to work now by not forcing the https. Once I got this done, the ACP seems to resize appropriately now too. I will continue to monitor. Nice job axe.

Well spoke too soon. Looks like I am back to getting logged out again after clicking on different links.
Post Reply