Cookie Problem, Internet Explorer Only

Ed
(@coopeh)

12 years, 3 months ago

Hi,

I’m currently running a medium sized Multisite install on an Ubuntu 12.04 x64 based server, using Nginx, PHP-FPM, MySQL and Cloudflare at the front, serving wp-login and wp-admin over HTTPS. Cloudflare isn’t caching any wp-admin/login page, rules are in place, neither is the backend Nginx cache I have in place, both are showing as BYPASS in the headers.

It’s mainly for hosting educational blogs for schools, who unfortunately use IE most of the time.

I’ve been alerted today that users can’t log in to the admin area if they’re using any variation of Internet Explorer, but all other browsers work without issue. Being a Mac user I rarely use Internet Explorer if I can help it, but when testing it in various scenarios I get exactly the same result: “ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.” This is on a proxied connection in a school, a direct connect at home and tethered on my phone’s connection, so it’s not an issue with proxying.

Looking in the developer tools on IE, the cookies are sent and received fine, exactly how they are in every other browser. The test cookie is generated etc, but on POST the page will just refresh with the same cookies, but then show the message about cookies being blocked as above.

I have tried all the common fixes available on Google and these forums, including modifying wp-login.php to force a login, functions.php code to force creating a cookie with the cookie-domain and setting the cookie defines in my wp-config.php. None of these have worked, but I didn’t expect them to as it was already working in other browsers. I’ve yet to disable all the plugins that are network enabled because it is a live Multisite install, but I’ve tried quickly disabling some that could be the culprit, I’ll try the rest during the night when it’s quiet. Stranger still, I have some blogs hosted that use domain mapping and it will allow me to log in to those blogs in IE.

Has anyone witnessed this before? I have had the message before on all browsers when there was an error with a plugin at one point in the past, but this has since been fixed.

Cheers,
Ed

Viewing 15 replies - 16 through 30 (of 55 total)

← 1 2 3 4 →

jkhongusc
(@jkhongusc)

12 years, 2 months ago
Ed –
I do not advocate changing wp core, but have you tried editing wp-login.php and removing the “Cookies are blocked” error? Note that this could mask a real cookie error. This is how I would change it, by commenting out 3 lines (750-752):
```
//        if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
//                $user = new WP_Error('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
//        else
                $user = wp_signon('', $secure_cookie);
```
Anytime you edit core, the modifications get lost on an update.
Thread Starter Ed
(@coopeh)

12 years, 2 months ago

Sorry, I didn’t mean as a permanent fixture. I’ve been going through all the similar threads and implementing the ideas as tests.

The test I performed with the removal of the hidden input resulted in a wordpress_logged_in cookie being created, but it still didn’t log me in and still shows the cookie error message on each submission.

I’ve also tested the code you supplied above previously and it again creates the wordpress_logged_in cookie, but still redirects back to the login page and shows the cookie error message.

Really can’t get my head around this, the cookies are EXACTLY the same on all browsers. I’ve also re-uploaded all the files, disabled all plugins & object cache, set theme back to TwentyEleven and TwentyTwelve, checked wp-config settings, temporarily removed domain mapping plugin + sunrise.php, added the COOKIE_DOMAIN declaration, disabled all caching and CloudFlare interference. No idea what else I can do, it’s getting to the point where customers are now leaving because of it.
Thread Starter Ed
(@coopeh)

12 years, 2 months ago
I also receive these errors if I enable WP_DEBUG:
```
Notice: wpdb::escape is deprecated since version 3.6! Use wpdb::prepare() or esc_sql() instead. in /***/wp-includes/functions.php on line 2913

Strict Standards: Non-static method Bau_Installer::check() should not be called statically in /***/wp-content/plugins/blogs-and-users/blogs-and-users.php on line 76

Strict Standards: Declaration of emc2_enhanced_menu_walker::start_el() should be compatible with Walker_Nav_Menu::start_el(&$output, $item, $depth = 0, $args = Array, $id = 0) in /*/wp-content/plugins/enhanced-menu-editor/emc2-enhanced-menu-editor.php on line 0

Notice: Undefined index: pagenow in /*/wp-includes/link-template.php on line 1999

Notice: Constant EXTERNAL_IMAGES_DIR already defined in /*/wp-content/plugins/import-external-images/import-external-images.php on line 37

Notice: Use of undefined constant UPLOADS - assumed 'UPLOADS' in /*/wp-content/plugins/ultimate-branding/ultimate-branding-files/includes/functions.php on line 281
```
In my opinion and from the above testing, I don’t think any of these would be causing it.
Thread Starter Ed
(@coopeh)

12 years, 2 months ago

I’ve now copied the entire site and replicated it on another domain and I can’t replicate the issue.

Thread Starter Ed
(@coopeh)

12 years, 2 months ago

Ok, this is very strange. If I do “define( ‘SUBDOMAIN_INSTALL’, false );” then it now lets me log in, but the installation is a subdomain installation.

jkhongusc
(@jkhongusc)

12 years, 2 months ago

How do you configure your Domain Mappings? http://domain.com/wp-admin/network/settings.php?page=dm_admin_page

Under Domain Options, we have #1, #3, and #4 selected

Thread Starter Ed
(@coopeh)

12 years, 2 months ago

I’ve got Remote Login, Permanent redirect (better for your blogger’s pagerank) and User domain mapping page enabled. If you enable 4 (Redirect administration pages to site’s original domain (remote login disabled if this redirect is disabled)) on mine then it will disable Remote Login.

Thread Starter Ed
(@coopeh)

12 years, 1 month ago

This still isn’t working. I’ve also tried changing my auth keys and salts with alphanumeric values only.

I’m at a loss.

jkhongusc
(@jkhongusc)

12 years, 1 month ago

I thought you were on track in debugging the problem with your test system. Can you show us your custom wp-config.php settings (but do not include sensitive info)?
Thread Starter Ed
(@coopeh)

12 years, 1 month ago
```
<?php
define('DB_NAME', '***');
define('DB_USER', '***');
define('DB_PASSWORD', '***');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
define('AUTH_KEY',         '***');
define('SECURE_AUTH_KEY',  '***');
define('LOGGED_IN_KEY',    '***');
define('NONCE_KEY',        '***');
define('AUTH_SALT',        '***');
define('SECURE_AUTH_SALT', '***');
define('LOGGED_IN_SALT',   '***');
define('NONCE_SALT',       '***');
define('ADMIN_COOKIE_PATH', '/');
define('COOKIEPATH', '/');
define('SITECOOKIEPATH', '/');
$table_prefix  = '***_';
define('WPLANG', 'en_GB');
if ( isset($_GET['debug']) && $_GET['debug'] == '1' ) {
        define('WP_DEBUG', true);
} elseif ( isset($_GET['debug']) && $_GET['debug'] == '2' ) {
        define('WP_DEBUG', true);
        define('WP_DEBUG_DISPLAY', true);
} elseif ( isset($_GET['debug']) && $_GET['debug'] == '3' ) {
        define('WP_DEBUG', true);
        define('WP_DEBUG_LOG', true);
}
define('VHP_VARNISH_IP','***');
define( 'AUTOSAVE_INTERVAL', 120 );
define( 'WP_POST_REVISIONS', 30 );
define( 'EMPTY_TRASH_DAYS', 7 );
define( 'WP_MEMORY_LIMIT', '128M' );
define( 'ALLOW_UNFILTERED_UPLOADS', true );
define( 'DISALLOW_UNFILTERED_HTML', false );
define( 'FS_METHOD', 'direct' );
define( 'WP_DEFAULT_THEME', 'twentytwelve' );
define( 'MULTISITE', true );
//define( 'SUBDOMAIN_INSTALL', true );
define( 'SUBDOMAIN_INSTALL', false );
define( 'DOMAIN_CURRENT_SITE', 'ed.gs' );
define( 'PATH_CURRENT_SITE', '/' );
define( 'PATH_CURRENT_SITE', '/' );
define( 'SITE_ID_CURRENT_SITE', 1 );
define( 'BLOG_ID_CURRENT_SITE', 1 );
define( 'NOBLOGREDIRECT', 'http://ed.gs/' );
define( 'WP_CACHE_KEY_SALT', '***' );
define( 'SUNRISE', 'on' );
define( 'GF_LICENSE_KEY', '***' );
define( 'FORCE_SSL_LOGIN', false );
define( 'FORCE_SSL_ADMIN', false );
define( 'WP_AUTO_UPDATE_CORE', false );
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
       $_SERVER['HTTPS']='on';
@ini_set('log_errors','On');
@ini_set('display_errors','Off');
@ini_set('error_log','/var/www/***');

if ( !defined('ABSPATH') )
        define('ABSPATH', dirname(__FILE__) . '/');
require_once(ABSPATH . 'wp-settings.php');
```
Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

12 years, 1 month ago

Grep your files and find where COOKIE_DOMAIN is set?

I know that for a while define('COOKIE_DOMAIN', false ); was breaking things with mapped domains.
jkhongusc
(@jkhongusc)

12 years, 1 month ago
IMO, there is something going on with your COOKIE_DOMAIN. I see your wp-config.php is set to ‘ed.gs’, but you reported earlier that a test script is saying your COOKIE_DOMAIN is ‘.ed.gs’. That extra dot is disturbing. And as Mika mentioned sunrise.php does not like it when the COOKIE_DOMAIN is set in wp-config.php, excerpt from my sunrise.php –
```
if ( defined( 'COOKIE_DOMAIN' ) ) {
      die( 'The constant "COOKIE_DOMAIN" is defined (probably in wp-config.php). Please remove or comment out that define() line.' );
}
```
Maybe there is a problem with your sunrise.php. You should verify that you have the right version in wp-content. There is the other possibility that another script/plugin that is affecting it.
Thread Starter Ed
(@coopeh)

12 years, 1 month ago

DOMAIN_CURRENT_SITE is set to ed.gs but there’s no COOKIE_DOMAIN defined in my wp-config. I’ve checked sunrise.php, it’s the current one from Donncha’s latest domain mapping plugin. I even removed it and re-added from the plugin.

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

12 years, 1 month ago

Ed, I suggested a grep because that will search all files, and that’s really what you need to do. Make absolutely sure not a single file is being as smart as a bag of wet hair.

Thread Starter Ed
(@coopeh)

12 years, 1 month ago

Sorry Mika, forgot to mention that I grepped through all files and there’s no defining of COOKIE_DOMAIN anywhere.Here’s a gist with it all to save space on here https://gist.github.com/Coopeh/18d6ca3d88da4d3b27ab

Cheers, Ed

Viewing 15 replies - 16 through 30 (of 55 total)

← 1 2 3 4 →

The topic ‘Cookie Problem, Internet Explorer Only’ is closed to new replies.

Cookie Problem, Internet Explorer Only

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics