Problem: I keep getting logged out

[Kanon]

Hi,

Ever since yesterday, it has become incredibly hard for me to log in. I have to try around five times to even log in, and even then, I get logged out as soon as I go to another page.

Anyone else having this issue or any idea what's going on?

Edit: found a fix, I just need to check the "remember me" box. Worked perfectly fine without doing that yesterday.

[tainn]

This could be either server-side, client-side, or vBulletin-specific. It is most likely client-side, considering these forums do not really receive frequent changes. Since you say the "remember me" option works, the issue is likely the lifespan of session cookies.

My guess would be a browser update that rolled out stricter default cookie handling. Did you update your browser on the day the issue started?

I would assume the AnimeSuki staff would make an announcement if they made changes to the session timeout or cookie settings via Admin CP, so I would assume it is not vBulletin configuration related. Likewise, I assume there would be some announcement for server-side changes, such as PHP session handling (e.g., session.gc_maxlifetime, session.cookie_lifetime).

[Kanon]

Quote:

Originally Posted by tainn

This could be either server-side, client-side, or vBulletin-specific. It is most likely client-side, considering these forums do not really receive frequent changes. Since you say the "remember me" option works, the issue is likely the lifespan of session cookies.

My guess would be a browser update that rolled out stricter default cookie handling. Did you update your browser on the day the issue started?

I would assume the AnimeSuki staff would make an announcement if they made changes to the session timeout or cookie settings via Admin CP, so I would assume it is not vBulletin configuration related. Likewise, I assume there would be some announcement for server-side changes, such as PHP session handling (e.g., session.gc_maxlifetime, session.cookie_lifetime).

No, no updates. I also put Animsuki into the cookies whitelist, turned off ublock, etc... and it changed nothing. Also tried with a different browser, same result.

I'm using Firefox and the other browser I tried was Chrome (fresh profile). The problem is definitely on the forum's end, although I'm surprised no one else has run into the issue. But I guess if they had, they would have a very hard time posting.

[tainn]

Ha, I now managed to recreate the issue on my side as well. This is definitely either vBulletin configuration related, or a server-side issue.

There is a wide array of possiblities, though. PHP's session handling configuration, server security module changes (e.g. ModSecurity), server resource limitations that could lead to premature session termination, changes in IP address forwarding if behind a proxy (e.g. Cloudflare), session timeout or cookie settings changes in the Admin CP, any sort of recent plugin modifications or installations, misconfigured automated tasks, potential database issues, even.

[relentlessflame]

It seems like the server owner had to make a configuration change recently in response to the forum being inundated with bot traffic, so this may have caused this issue inadvertently. If it's continuing to happen, there might be additional things that need to be changed server-side to bypass this problem. I certainly agree that, in principle, you should not have to use the Remember Me option to stay logged in for a normal session.

[Kanon]

It's still happening as of today. I'm surprised no one else noticed, am I really the only one who has his browser set to clear everything when it closes?