• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.5 Users getting logged out repeatedly

#1
I have increasing reports from users that they are being logged out repeatedly. Reports include Chrome, Safari, Firefox and Opera browsers. This is a new problem and just started a few days ago. I had, at first, asked them to clear their cache and cookies but it only resolves it temporarily. My tech and I looked into session issues but aren't finding any red flags. What else should we check? People are starting to get very annoyed...
 

Amaury

Well-known member
#5
An add-on is not needed. If the issue is users not checking the stay logged in box, as @wang thinks, then a simple edit can make it be checked by default.
 
#6
Yes, they do have the box checked to stay logged in already, but it's not working, unfortunately. I have sent the htaccess info to my tech for forcing non-www, so I will see if that resolves it. Thank you for the input.
 

Divvens

Well-known member
#7
This is an issue even we are facing. XenForo 1.5, I've ensured that htaccess contains rules to point only to non-www domain for 4 years now. Nothing changed recently except and upgrade to XF 1.5 - users report being logged out if they don't check the stay logged in. Until now have recieved only few reports but all contain a similar pattern, i.e users log in -> click on alerts and are somehow logged out before alert box drops down.

We are investigating it internally before opening a ticket with XenForo.
 

Brogan

XenForo moderator
Staff member
#8
It's not something we have had any other reports of so the first thing to check would be add-ons and then the server.
 

Mike

XenForo developer
Staff member
#9
Things to check:
  • Reverse proxies/load balancers causing IP changes. (You should be using some approach to expose the real IP to XF.)
  • If you're storing sessions in a cache, make sure you have ample space for the sessions at all times.
 
#11
After a month of wrangling this issue, I wanted to share an update. I had previously taken the suggestions here and forced non-www traffic. This did not resolve the issue for my users. Even though it's only been a few dozen users, they've been quite vocally unhappy. So, I continued to try a few additional modifications. I worked with two members of my admin team who were experiencing the issue - one in Firefox and one in Edge. Both were showing https in their browser even though I am not running XF on https. Earlier today, we added a new htaccess rule to force non https traffic in both XF and XFMG. This has resolved the logging out issue for my site - at last.