MyBB Community Forums

Full Version: solved: cookies not setting after ssl activation
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello,

I stumbled into a huge log-in problem.

Description of the issue:
When wanting to log-in it tells me that I logged-in succesfully but right after being redirected automatically to the page where I came from it tell's me that I'm not logged in. When I look at the cookies currently being used it tell's me there are none in use. If I try my other self made login system on another webpage it also doesn't set the temp session cookie. 
So this tells me that the problem is caused on my domain level then rather an internal mybb issue.
All the problems started after using varnishcashe and SSL.

Description of the things I tried to fix this issue:
I searched hours on the web without finding any solution. I tried to edit the settings.php file as described here: https://community.mybb.com/thread-126359.html. but it didn't offer any help to me.
I guess there might be a solution laying in the .htaccess file but not sure of and having very little knowledge of that.

Kind regards,
Zyra
log in with https:// in front of your domain. and cookie secure on

Or watch my Threads.
First of al thanks for the awesomely fast reply Smile

$settings['cookiedomain'] = ".airsoftkrat.be";
$settings['cookiepath'] = "/forum/";
$settings['cookieprefix'] = "";
$settings['bburl'] = "https://www.airsoftkrat.be/forum";

these are my settings, which should be correct.

do you mean with cookiesecure this code?:

$settings['cookiesecureflag'] = "0";
add below code segment after $settings['cookieprefix'] = ""; in the headerinclude template
var cookieSecureFlag = "{$mybb->settings['cookiesecureflag']}";
that should fix referred issue
I followed the topic of Curdyz and deleted the www part .

$settings['bburl'] = "https://www.airsoftkrat.be/forum"; 
to:
$settings['bburl'] = "https://airsoftkrat.be/forum"; 
but that didn't change anything.

m, 

I think I don't understand where to implement that rule of code. I can't acces my templates though I can't even login the admin panel.
If you could mention the ftp file location I could implement it there.
If you can't acces acp, then you need to fix your cookies.

https://docs.mybb.com/1.8/faq/login/

and im pretty sure you have to add
$settings['bburl'] = "https://airsoftkrat.be/forum/";
(2017-03-22, 05:49 PM)Curdyz Wrote: [ -> ]If you can't acces acp, then you need to fix your cookies.

https://docs.mybb.com/1.8/faq/login/

and im pretty sure you have to add
$settings['bburl'] = "https://airsoftkrat.be/forum/";

All these things didn't work
open ~/inc/settings.php file with an advanced editor like notepad++
add $settings['cookiesecureflag'] = "1"; in a new line (anywhere) and save it

if your regular cookie settings are fine then you should be able to login to forum admin panel.
then again you have to do required changes at forum admin panel

at Site Details of Configuration section : select yes for secure cookie flag

And in the headerinclude template add above suggested code.
Still unable to acces the admin section even with implementing the following on ftp level: 

Quote:Posted by .m. - 58 minutes agoopen ~/inc/settings.php file with an advanced editor like notepad++
add $settings['cookiesecureflag'] = "1"; in a new line (anywhere) and save it 
 
It might be because I started using varnishcash server, I will disable that first and let my domain name point to it's previously used IP adres. I am not sure that this will lead to a solution cause I was able to login during couple of hours after enabling varnish cash.

Kind regards



EDIT:

After the above stated actions the domain is pointing again to it's original IP adres, excluding the varnischcash server.

But without any succes.. still unable to login (after validating correctly against the database) with other words still no cookies setting ..

I've also deleted the .htaccess file which was there to force to https... but in order to take action from deleting the .htacces file I'll need to wait a couple of minutes before that takes effect.

EDIT 2:

The deletion of the .htaccess file took action cause it doesn't forces me to the https protocol, but neither that solved the issue that the site isn't setting any cookies , neither on my self made login script on the same domain is the $_SESSION['']; php funtion working. that even doesn't set it's temp cookie.

Any suggestion ? Sad
Actually got fixed by removing the varnishcash server from between, thought you guys might want the solution on this one.

The varnischcash server didn't cash some php scripts and that was why cookies wouldn't set... didn't figure out a way to get around it with varnishcash enabled. but as my server is actualy already pretty fast i didn't break my head on this one.

Ty for the support.

Have a nice day,
Kind regards!