XF 1.1 Keep logging out of XF with Chrome

[Andy.N]

I noticed this as well in ACP and my members told me about getting logged out of XF (beta 5) using Chrome browser.
I don't notice the problem with forum home since I have selected "Stay logged in" but when I log in the ACP, and under one minute, while I'm trying to perform some task, it pops up that I need to log in to do that.
This just happens in beta 4, 5 and I have the js/data folder loads from CDN.

Is there an option where we can select how long a member is logged in?

 

[Mike]

You're right, it's normal for a cache to expire old content. The standard algorithm for this is called "Least Recently Used". However, there are some cache systems that don't purge with LRU, at least not out of the box. As an example, APC/APCu. They will simply not expire things that haven't been set to expire and actually fail to insert the new content. I can't find any particular details about Xcache. Memcache uses LRU which is why we recommend it (http://techgurulive.com/2009/07/22/how-data-expiry-happens-in-memcached/).

LRU purging would generally mean that the most recently created/used elements stay in the cache. If you login and your session insert fails (which is why you'd get logged out immediately), that's not using LRU and that's a misconfigured cache setup. Essentially, your setup is relying on the cache never being full. It's prioritizing something that may have been inserted days before and not used since (with a long TTL) over something that is being requested now.

This is the exact reason you have to opt-in to caching sessions explicitly.

I should also comment that sessions don't exist permanently anywhere. They only exist for a certain amount of time after last activity (this time can vary).

 

[Rho Delta]

I'm gonna make a big post here for future reference:

_____

Some possible causes of users being logged out:

1) The user was idle for too long and was automatically logged out for inactivity. The timeout is set in your:

Admin CP -> Home -> Options -> User Options -> Online Status Timeout

You can increase the timeout or tell your users to check Stay logged in when they login.

2) A problem with cookie scope due to inconsistent forum links. All internal links are consistent, but user-submitted links (e.g. in posts) and links from addons and other customizations may be inconsistent. For example, if you login to the forum with a URL that has "www" but then visit a link without "www" then the login cookie can go out of scope which causes the user to be logged out. It is important that all links and bookmarks are consistent. You can add a rewrite rule to your .htaccess file to enforce no www and thereby avoid the potential problem of inconsistent links:

RewriteEngine On

RewriteCond %{HTTP_HOST} !^yoursite\.com$
RewriteRule ^(.*)$ http://yoursite.com/$1 [R=301,L]

If the forum and .htaccess file is in a subdirectory then you need to specify that in the rules:

RewriteEngine On

RewriteCond %{HTTP_HOST} !^yoursite\.com$
RewriteRule ^(.*)$ http://yoursite.com/forum/$1 [R=301,L]

If you are using XenForo's .htaccess file for friendly URLs then you can add the new rules like so:

#    Mod_security can interfere with uploading of content such as attachments. If you
#    cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
#    SecFilterEngine Off
#    SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 500 default

<IfModule mod_rewrite.c>
    RewriteEngine On

    RewriteCond %{HTTP_HOST} !^yoursite\.com$
    RewriteRule ^(.*)$ http://yoursite.com/forum/$1 [R=301,L]

    #    If you are having problems with the rewrite rules, remove the "#" from the
    #    line that begins "RewriteBase" below. You will also have to change the path
    #    of the rewrite to reflect the path to your XenForo installation.
    #RewriteBase /xenforo

    #    This line may be needed to enable WebDAV editing with PHP as a CGI.
    #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^.*$ - [NC,L]
    RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
    RewriteRule ^.*$ index.php [NC,L]
</IfModule>

3) Your server is behind a proxy that is messing up reporting of the client IP address. You can visit this page in your Admin CP to check the IP reporting:

admin.php?tools/phpinfo

Search the page for "REMOTE_ADDR". It should show your correct external IP address. If the IP is incorrect or it changes between requests then you will have login problems. This kind of problem means everyone on your forum will be affected.

4) You are storing sessions in a memory cache such as APC and that cache is getting full or is having uptime problems. You need to ensure that your cache doesn't get full and is reliable. Otherwise you can disable session caching by removing this line from your library/config.php file (it is false by default or when unspecified):

$config['cache']['cacheSessions'] = true;

So this is still an issue like 3 years later? Can we get a bug fix for this? I don't really want or know how to do all of these custom changes...

 

[Paul B]

What do you consider to be a bug?

I never have to log in here or any other XenForo site I check "Stay logged in" at.

 

[Rho Delta]

What do you consider to be a bug?

I never have to log in here or any other XenForo site I check "Stay logged in" at.

When using the taigachat shoutbox, about 50% of the time a user clicks a thread link inside the shoutbox that is autoupdated when a user posts in a thread, the user clicking the link is logged out, no matter what your settings are. Taigachat sent me to this thread.

 

[Paul B]

Then the error is with the add-on or a possible lack of rewrite rules in your .htaccess.

That is not a bug with XenForo.

 

[Rho Delta]

Then the error is with the add-on or a possible lack of rewrite rules in your .htaccess.

That is not a bug with XenForo.

I guess our line of thinking isn't the same then, because I consider something not working with default settings a bug. Adding something to .htaccess sounds like a "fix".

 

[Paul B]

It is a server level file, nothing to do with XenForo.

 

[Jeremy]

More likely than not, you've configured something wrong and it is switching between www and non-www.

 

[tafreehm]

When using the taigachat shoutbox, about 50% of the time a user clicks a thread link inside the shoutbox that is autoupdated when a user posts in a thread, the user clicking the link is logged out, no matter what your settings are. Taigachat sent me to this thread.

I know what this is. Make a redirect of www to non www or vice versa. It will resolve the issue.

 

[Earl]

Hello guys,
I've a xf test install on a vps. I need to configure it with APC, Memcached (for cacheSession), and Litespeed Cache.
I managed to enable the litespeed cache using the Litespeed cache plugin with the instructions provided by @Slavik on that plugins overviews page
I need to know how to enable memcache only for cacheSessions?

here is my config.php

<?php

$config['db']['host'] = 'localhost';
$config['db']['port'] = '3306';
$config['db']['username'] = '....';
$config['db']['password'] = '....';
$config['db']['dbname'] = 'xenforo1';

$config['superAdmins'] = '1';

$config['enableMail'] = 'false';

$config['cache']['enabled'] = true;
$config['cache']['frontend'] = 'Core';
$config['cache']['frontendOptions']['cache_id_prefix'] = 'xf1_';
$config['cache']['backend'] = 'Apc';
//$config['cache']['cacheSessions'] = 'true';

and my .htaccess

<IfModule litespeed>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^HEAD|GET$
RewriteCond %{HTTP_COOKIE} !skipPageCache
RewriteRule .* - [E=Cache-Control:max-age=60]
</IfModule>
#       Mod_security can interfere with uploading of content such as attachments. If you
#       cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
#       SecFilterEngine Off
#       SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 500 default

<IfModule mod_rewrite.c>
        RewriteEngine On

        #       If you are having problems with the rewrite rules, remove the "#" from the
        #       line that begins "RewriteBase" below. You will also have to change the path
        #       of the rewrite to reflect the path to your XenForo installation.
        #RewriteBase /xenforo

        #       This line may be needed to enable WebDAV editing with PHP as a CGI.
        #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

        RewriteCond %{HTTP_HOST} www.***.net$
        RewriteRule ^(.*)$ http://***.net/$1 [R=301,L]

        RewriteCond %{REQUEST_FILENAME} -f [OR]
        RewriteCond %{REQUEST_FILENAME} -l [OR]
        RewriteCond %{REQUEST_FILENAME} -d
        RewriteRule ^.*$ - [NC,L]
        RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
        RewriteRule ^.*$ index.php [NC,L]
</IfModule>

 

[Jake Bunce]

Hello guys,
I've a xf test install on a vps. I need to configure it with APC, Memcached (for cacheSession), and Litespeed Cache.
I managed to enable the litespeed cache using the Litespeed cache plugin with the instructions provided by @Slavik on that plugins overviews page
I need to know how to enable memcache only for cacheSessions?

here is my config.php

<?php

$config['db']['host'] = 'localhost';
$config['db']['port'] = '3306';
$config['db']['username'] = '....';
$config['db']['password'] = '....';
$config['db']['dbname'] = 'xenforo1';

$config['superAdmins'] = '1';

$config['enableMail'] = 'false';

$config['cache']['enabled'] = true;
$config['cache']['frontend'] = 'Core';
$config['cache']['frontendOptions']['cache_id_prefix'] = 'xf1_';
$config['cache']['backend'] = 'Apc';
//$config['cache']['cacheSessions'] = 'true';

and my .htaccess

<IfModule litespeed>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^HEAD|GET$
RewriteCond %{HTTP_COOKIE} !skipPageCache
RewriteRule .* - [E=Cache-Control:max-age=60]
</IfModule>
#       Mod_security can interfere with uploading of content such as attachments. If you
#       cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
#       SecFilterEngine Off
#       SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 500 default

<IfModule mod_rewrite.c>
        RewriteEngine On

        #       If you are having problems with the rewrite rules, remove the "#" from the
        #       line that begins "RewriteBase" below. You will also have to change the path
        #       of the rewrite to reflect the path to your XenForo installation.
        #RewriteBase /xenforo

        #       This line may be needed to enable WebDAV editing with PHP as a CGI.
        #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

        RewriteCond %{HTTP_HOST} www.lk1.net$
        RewriteRule ^(.*)$ http://lk1.net/$1 [R=301,L]

        RewriteCond %{REQUEST_FILENAME} -f [OR]
        RewriteCond %{REQUEST_FILENAME} -l [OR]
        RewriteCond %{REQUEST_FILENAME} -d
        RewriteRule ^.*$ - [NC,L]
        RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
        RewriteRule ^.*$ index.php [NC,L]
</IfModule>

Instructions for APC and Memcache:

http://xenforo.com/community/threads/xenforo-plus-apc-plus-memcache.34985/#post-397405

To add sessions to the cache just uncomment this line:

//$config['cache']['cacheSessions'] = 'true';

 

[Earl]

Instructions for APC and Memcache:

http://xenforo.com/community/threads/xenforo-plus-apc-plus-memcache.34985/#post-397405

To add sessions to the cache just uncomment this line:

//$config['cache']['cacheSessions'] = 'true';

Howdy @Jake Bunce,

Yeah I can see im using APC cache as backend, and what if I need APC and Memcache both at the same time? but I only need memcache for cacheSessions, and i need apc too. is that possible?

Is this correct?

<?php

$config['db']['host'] = 'localhost';
$config['db']['port'] = '3306';
$config['db']['username'] = '....';
$config['db']['password'] = '....';
$config['db']['dbname'] = 'xenforo1';

$config['superAdmins'] = '1';

$config['enableMail'] = 'false';

$config['cache']['enabled'] = true;
$config['cache']['frontend'] = 'Core';
$config['cache']['frontendOptions']['cache_id_prefix'] = 'xf1_';
$config['cache']['backend'] = 'Apc';


$config['cache']['backend'] = 'Memcached';
$config['cache']['cacheSessions'] = 'true';
$config['cache']['backendOptions'] = array(
'compression' => false,
'servers' => array(
array(
// your memcached server IP /address
'host' => 'localhost',

// memcached port
'port' => 11211,


)
)
);

 

[Jake Bunce]

Howdy @Jake Bunce,

Yeah I can see im using APC cache as backend, and what if I need APC and Memcache both at the same time? but I only need memcache for cacheSessions, and i need apc too. is that possible?

Is this correct?

<?php

$config['db']['host'] = 'localhost';
$config['db']['port'] = '3306';
$config['db']['username'] = '....';
$config['db']['password'] = '....';
$config['db']['dbname'] = 'xenforo1';

$config['superAdmins'] = '1';

$config['enableMail'] = 'false';

$config['cache']['enabled'] = true;
$config['cache']['frontend'] = 'Core';
$config['cache']['frontendOptions']['cache_id_prefix'] = 'xf1_';
$config['cache']['backend'] = 'Apc';


$config['cache']['backend'] = 'Memcached';
$config['cache']['cacheSessions'] = 'true';
$config['cache']['backendOptions'] = array(
'compression' => false,
'servers' => array(
array(
// your memcached server IP /address
'host' => 'localhost',

// memcached port
'port' => 11211,


)
)
);

I recommend using APC as an opcode cache and Memcache as a memory cache. Install APC into PHP (no XF configuration required) for the opcode cache. Then install Memcache on your server and configure it in XF with those config.php options.

 

[TBDragon]

i have this issue
but i use cloudflare how i can solve this issue ?!

 

[Jake Bunce]

i have this issue
but i use cloudflare how i can solve this issue ?!

http://xenforo.com/community/threads/keep-logging-out-of-xf-with-chrome.22968/#post-286837

3) Your server is behind a proxy that is messing up reporting of the client IP address. You can visit this page in your Admin CP to check the IP reporting:

admin.php?tools/phpinfo

Make sure REMOTE_ADDR shows your correct IP. If it's not correct then you can contact your host or server person to fix this. Or look for a server variable that contains the correct IP and then add this code to your library/config.php file:

// FIX IP ADDRESS FOR PROXY
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_REAL_IP'];

Replace the red part with the name of the server variable that contains the correct IP (from your phpinfo).

 

[TBDragon]

http://xenforo.com/community/threads/keep-logging-out-of-xf-with-chrome.22968/#post-286837

ya i have this issue

as the REMOTE_ADDR show the CDN ip and i have the root access how i can solve it ?!

and for real IP which ip u mean ? mine ? cuz our country have shared and dynamic ip so what the solution for this ?!

 

[Jake Bunce]

ya i have this issue

as the REMOTE_ADDR show the CDN ip and i have the root access how i can solve it ?!

and for real IP which ip u mean ? mine ? cuz our country have shared and dynamic ip so what the solution for this ?!

Contact your host about fixing it on their end. Otherwise you can use the "bandaid" of adding that config.php code.

 

[MattW]

Howdy @Jake Bunce,

Yeah I can see im using APC cache as backend, and what if I need APC and Memcache both at the same time? but I only need memcache for cacheSessions, and i need apc too. is that possible?

Is this correct?

<?php

$config['db']['host'] = 'localhost';
$config['db']['port'] = '3306';
$config['db']['username'] = '....';
$config['db']['password'] = '....';
$config['db']['dbname'] = 'xenforo1';

$config['superAdmins'] = '1';

$config['enableMail'] = 'false';

$config['cache']['enabled'] = true;
$config['cache']['frontend'] = 'Core';
$config['cache']['frontendOptions']['cache_id_prefix'] = 'xf1_';
$config['cache']['backend'] = 'Apc';


$config['cache']['backend'] = 'Memcached';
$config['cache']['cacheSessions'] = 'true';
$config['cache']['backendOptions'] = array(
'compression' => false,
'servers' => array(
array(
// your memcached server IP /address
'host' => 'localhost',

// memcached port
'port' => 11211,


)
)
);

That config file is incorrect. You can't put APC and Memcached as the backend cache.

If you want to use APC as an Opcache for PHP files, you don't need to put anything in your config file, just leave the Memcached settings in there that you already have.

 

[TBDragon]

Contact your host about fixing it on their end. Otherwise you can use the "bandaid" of adding that config.php code.

hmmm its a vps not shared host
so the host cant do any thing for that , what is bandaid ?!

 

[TBDragon]

Contact your host about fixing it on their end. Otherwise you can use the "bandaid" of adding that config.php code.

does this solution solve the problem ??

http://xenforo.com/community/threads/remote_addr.13180/#post-172330