RMcGirr83 wrote: ↑
Mon Nov 19, 2018 11:31 am
Just rename the cookie in the ACP. Users won't have to delete it from the browser.
I've tried that. (I tried it before I saw your post, as we had a similar problem in the past.) Sadly it didn't work.
(The people who already knew how to zap cookies zapped them, and the other users are all asking for help.)
While looking around, I saw that the phpBB version was out of date, so we have closed our forum and upgraded to the latest version a few hours ago.
The upgrade seems to have worked OK, but we now have a situation where the Session IDs are constantly rotating (instead of it being a periodic problem) and none of the admins are able to log into the ACP now.
I was hoping the upgrade would fix the problem. But it has followed us onto the new upgrade.
Does anyone know what might be making session IDs change constantly? One of my admins knows php a lot better than me, but I'm not sure what we should be looking for.
Has anyone seen another phpBB forum have a similar problem? Could it be a Denial of Service attack or something our hosting company might have changed?
Oh, I'm not sure if it is relavant (so I'll mentinon it just in case) but the "Delete all board" cookies link at the bottom of our forum does nothing:
After changing our cookie settings, it didn't delete the cookie and after renaming the cookie it didn't delete cookies.
I'm not sure if that is "normal" behaviour for phpBB (i.e. changing the ACP settings stops that link from seeing old - corrupted - cookies) or if that was broken.
That link is a fantastic
idea, and if it would
delete all cookies related to our server we wouldn't have people asking us to help them find out how to delete individual cookies (on various desktop and mobile browsers).
(The problem with that link not working has also followed us onto the new phpBB upgrade.)