Magento Cookie Issue. Why does it happen? - magento

I have a Magento website up and running. Suddenly I could not Login to the website and could not add products to the website. On login, it simply redirected back to login page from admin end. And on adding product to cart it kept asking for enabling cookies.
Now I have updated the value of "web/cookie/cookie_domain" in core_config_data to "", and it started working fine, though previously the value was the domain name. Can anyone really suggest/explain why does it behave like this?

Magento also has an issue where if you use the bare domain and a subdomain to try accessing the site, it can set two cookies, one for example.com and one for subdomain.example.com.
You will have issues logging in for either front or admin sessions until you delete all the Magento cookies pertaining to your domain. Setting cookie paths, domains and redirecting all bare domain traffic to www or all www traffic to bare domain is necessary to prevent the issue.

search the web and found solutions.
Disable redirect to enable-cookies CMS page
Go to System –> Configuration –> General –> Web –> Browser Capabilities Detection –> Redirect to CMS-page if cookies are disabled = No
for more info you See this link.I hope solve your problem.

Related

Joomla https certificate expired. Need to undo https

Here's my situation:
I recently inherited a website from someone else who's MIA.
Recently the SSL certificate expired.
Website now can't be accessed properly. It first gives me NET::ERR_CERT_DATE_INVALID and when I bypass it, all UI elements look distorted and don't work.
Tried disabling SSL through Joomla admin page and I can't access the option that's embedded under a "server" tab in the settings page...because the UI elements don't work there as well. (Even joomla admin page is forced through https)
Tried disabling SSL or HTTPS through .htaccess and I don't see that https was enabled through that. In other words, no code for me to disable there.
Anyone has suggestions on how to get this page up and running properly again?

Magento losing cookie when login (switch from HTTP to HTTPS)

I have a Magento 1.7.0.2 installation which loses session data when logging in.
It logs in correctly from main page (HTTP) and works fine until I go to Cart page and click checkout. Then it leads to checkout where I am logged out (already HTTPS) and when I try to login it redirects me to account/dashboard and thus I cannot ever complete an order.
Recently we've changed the server from Litespeed to Apache, I'm not sure if the problem is in Apache configuration because As I change the cookie settings from Magento, it makes no effect.
I've tried setting the domain like ".www.example.com", path to "/", expire time to "5400", no effect.
EDIT: it turns out the cookie is not passed to /checkout/onepage/ request. That is when I click the checkout button. What may be the reason for this?
Try to change System->Configuration->Web->Session Cookie Management->Use HTTP Only to "No" and clear the cache.

Enabling Use Secure URLs in Admin, magento not redirecting properly

I have installed ssl in local PC and working correctly. Front end is using https and all good. But when I enable Use Secure URLs in Admin; I cannot access the backend.
Its trying to redirect and ending up with The page isn't redirecting properly message in firefox.
Anybody know secure URLS in admin panel?
Go to system > configuration > web . click on cookie session timeout tab. make sure the cookie path and cookie domain fields are empty for all store views also.
Did you possibly made any changes in Cookie Path or Cookie Domain? If yes go to Stores > Configuration > General > Web > Default Cookie Settings and leave these fields blank.

I have to delete all browsing data every time I login to admin

I moved magento site from a sub-directory (http://mysite.com/magento) to the parent directory (http://mysite.com). After successful transfer I noticed that my site url does not have "www" So I added it up in the Database in core_config_data in base and secure url fields.
That is before base and secure url were: http://mysite.com
After changing it: http://www.mysite.com (added www to it).
Then I removed everything from the Var folder and deleted browser history with cookies and all other information of chrome.
There is no problem in frontend of the site, although I am not able to login at admin side. It just returns me to login page without any error but with a url like this
http://www.mysite.com/index.php/admin/index/index/key/b4f1cd105c9623c8d313c41e5c59f5b1/
But if I clear browsing history and cookies etc all, then it let me login once and for second time if I want to login again, I have to do the same process again .i.e. delete all the cookies and data from chrome history and then login again.
I have browsed same questions asked at stackoverflow and some other forums but all suggests to clean up cookies. But I think already did that, did I miss something or need to do something more?
This could be myriad things, but I'd check that your cookie domain at
System -> Configuration -> Web -> Session Cookie Management
matches your new www.example.com domain name.

Magento site keeps requesting login information browsing between cart & products

website - http://www1.internetvoipphone.co.uk/
Note - http://www.internetvoipphone.co.uk/ uses V1.3.2, www1 address is our V1.6 dev site before going live so please only look at that one.
Issue - when a user logs in then browses back to a product page they switch from https back to http which in turn logs them out, we cant find a reason why magento changes some links to https but not others
account details for testing:
username: test#test.com
password: password
I've tried resetting to the default template but the issue still occurs so it must be a magento config issue, any help greatly appreciated
The issue seems to be caused by cookies, we use two URL's www1.internetvoipphone.co.uk and secure.internetvoipphone.co.uk, each domain was sending out a cookie "frontend" which seem to have been conflicting.
setting the cookie domain to .internetvoipphone.co.uk generates a single cookie and as yet seems to have fixed the issue.
Yes the cookie path and also the browser's cache can wreak havoc with Magento when using a development installation, even if on another domain.

Resources