• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

AdminCP short log-in time

Adam Howard

Well-known member
#1
I seem to get logged out of the administrator control panel (AdminCP) fairly easily... ie... My ability to remain logged in for a longer time is not adequate.

So if I have a lot to do, say for example update 8 add-ons and remove 3, I'm just as likely to get logged out in the middle of rebuilding the cache (template).

Thoughts? Possible solutions?
 

xf_phantom

Well-known member
#2
Lifetime is set to 3600 seconds (like in frontend) or 86400 if debug mode is enabled

Sadly it's still not configurable via the config file:/
 

Adam Howard

Well-known member
#3
At the moment, here is my htacess file (both copied and attached)

I don't believe there is anything here to cause an issue as the issue only affects AdminCP.

But here it is just for reference (ya never know)

PHP:
#The top of your .htaccess file
IndexIgnore *
Options +FollowSymLinks -Multiviews -Indexes
#    Mod_security can interfere with uploading of content such as attachments. If you
#    cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
#    SecFilterEngine Off
#    SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 500 default

<IfModule mod_rewrite.c>
    RewriteEngine On
    
    RedirectMatch 301 ^/forum/?$ /forums/
    RedirectMatch 301 ^/community/?$ /forums/
    RedirectMatch 301 ^/board/?$ /forums/
    RedirectMatch 301 ^/boards/?$ /forums/
    RedirectMatch 301 ^/beta/?$ /forums/
    RedirectMatch 301 ^/forums/members/?$ /forums/
    RewriteCond %{HTTP_HOST} !^www\.sociallyuncensored\.eu$
    RewriteRule ^(.*)$ http://www.sociallyuncensored.eu/?$1 [R=301,L]
    
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?sociallyuncensored.eu [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?sociallyuncensored.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yahoo.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?xenforo.com [NC]
    RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?twitter.com [NC]
    RewriteRule \.(jpg|jpeg|png|gif|svg|css|js|pdf|zip)$ http://www.sociallyuncensored.eu/hotlink.jpg [NC,R,L]
    
    #    If you are having problems with the rewrite rules, remove the "#" from the
    #    line that begins "RewriteBase" below. You will also have to change the path
    #    of the rewrite to reflect the path to your XenForo installation.
    #RewriteBase /xenforo

    #    This line may be needed to enable WebDAV editing with PHP as a CGI.
    #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^.*$ - [NC,L]
    RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
    RewriteRule ^.*$ index.php [NC,L]
    
      #Block mySQL injects
 RewriteCond %{QUERY_STRING} (;|<|>|’|”|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark) [NC,OR]
 
 RewriteCond %{QUERY_STRING} \.\./\.\. [OR]
 
 RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
 RewriteCond %{QUERY_STRING} \.[a-z0-9] [NC,OR]
 RewriteCond %{QUERY_STRING} (<|>|’|%0A|%0D|%27|%3C|%3E|%00) [NC]
 # Note: The final RewriteCond must NOT use the [OR] flag.
</IfModule>

#Deny attempts to view the Htaccess file.
<Files .htaccess>
Order allow,deny
Deny from all
</Files>

<IfModule mod_headers.c>
        # properly handle requests coming from behind proxies
        Header append Vary User-Agent
        <FilesMatch "\.(js|css|xml|gz)$">
                Header append Vary Accept-Encoding
        </FilesMatch>
    # remove ETags, it's important
    Header unset ETag
    FileETag None   
    Header unset Last-Modified
</IfModule>

# Deflate files to fasten the loading with adding compression
<IfModule mod_deflate.c>
    SetOutputFilter DEFLATE
    AddOutputFilterByType DEFLATE application/x-httpd-php text/html text/xml text/plain text/css text/javascript application/javascript application/x-javascript image/jpeg image/jpg image/png image/gif font/ttf font/eot font/otf
# Properly handle old browsers that do not support compression
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4\.0[678] no-gzip
    BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    # Explicitly exclude binary files from compression just in case
    SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|pdf|swf|ico|zip|ttf|eot|svg)$ no-gzip
</IfModule>
<ifModule mod_expires.c>
    #Setting expiry time by content type to 1 day
    ExpiresActive On
    ExpiresDefault "access plus 1 seconds"
    ExpiresByType image/gif "access plus 86400 seconds"
    ExpiresByType image/jpeg "access plus 86400 seconds"
    ExpiresByType image/png "access plus 86400 seconds"
    ExpiresByType text/css "access plus 86400 seconds"
    ExpiresByType text/javascript "access plus 86400 seconds"
    ExpiresByType application/x-javascript "access plus 86400 seconds"
</ifModule>
 

Attachments

Chris D

XenForo developer
Staff member
#5
Do you have session caching enabled in your config file? I've seen this log you out immediately if misconfigured.
 

Adam Howard

Well-known member
#7
Do you have session caching enabled in your config file? I've seen this log you out immediately if misconfigured.
Current config.php

PHP:
<?php
#$config['enableListeners'] = false;
#$config['debug'] = 1;
$config['db']['host'] = 'It's a secret';
$config['db']['port'] = 'It's a secret';
$config['db']['username'] = 'It's a secret';
$config['db']['password'] = 'It's a secret';
$config['db']['dbname'] = 'It's a secret';
$config['superAdmins'] = 'It's a secret';
$config['javaScriptUrl'] = 'http://cdn.sociallyuncensored.com/js';
$config['externalDataUrl'] = 'http://cdn.sociallyuncensored.com/data';
if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) { $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP']; }
Not currently using any cache opinions at the moment :)
 

Mike

XenForo developer
Staff member
#9
It may well be affecting you on the front end, but if you have "remember me" selected, you won't notice (it'll create a new session with you logged in already silently).