• Hello,

    We are trying to have an app made that logs into our website. We have an issue where the login is not working for admin members and the AppMySite people have said it's due to the following:

    WordPress does not set any cookie in the form “wordpress_sec_[hash]”. WordPress specifically uses “wordpress_[hash]” and “wordpress_logged_in_[hash]”, plus a test cookie. Any cookies apart from these are not supported in our app because this is not a standard practice by WordPress.

    They say the cookie is being put there by a security plugin or something. I have checked online and it seems this cookie is pretty standard and I can't find any references to it being the result of a plugin.

    Can anyone shed some light on this? Is it a standard WP cookie that is not mentioned in their documentation, or is there a way I can disable its usage so the app can work? I really appreciate your time.

Viewing 3 replies - 1 through 3 (of 3 total)
  • I have checked online and it seems this cookie is pretty standard

    Any reference for this?

    To the best of my knowledge (and as per the official documentation), WordPress doesn’t set any such cookies.

    So I’m curious to know what reference you have that says this is a “standard” cookie set by WordPress itself.

    An update: I was wrong 😀

    I just set up a brand new site just to test this for you — WordPress version 6.2.2, default Twenty Twenty-Three theme, and NO plugin installed. So as pure vanilla WordPress as can be.

    And, indeed, there’s a wordpress_sec_[hash] cookie set, but only in the admin dashboard (i.e. /wp-admin/ path). The front-end doesn’t have this cookie.

    Please see the screenshots below: the first is the back-end (dashboard), the second is the front-end (i.e. public website).

    So the statement… “Any cookies apart from these… is not a standard practice by WordPress” is here proven to be not true.

    There’s obviously a reason WordPress sets this cookie, so the solution to your problem is NOT to stop WordPress from setting the cookie, but to get your AppMySite folks to understand and accept that this is a default WordPress cookie — a “standard practice” as they call it — and fix their obviously broken app.

    Good luck!

    Moderator bcworkz

    (@bcworkz)

    FWIW, the wordpress_sec_[hash] auth cookie name is only used over HTTPS protocol. When over plain HTTP the auth cookie name is wordpress_[hash].

    I’m unclear on what use this cookie is to an external app. There’s no way I know of to validate the hashed value from outside to ensure it’s valid.

    Generally speaking external apps should interface with WP via the REST API. There are a number of ways an app can be authenticated for the API. I recommend using Application Passwords.
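
The cookie naming discussed in this thread, as an added example that is not part of the original posts and not WordPress or AppMySite code: it labels the Set-Cookie headers of a login response and lists the core cookies a client would discard if it accepted only the names quoted in the first post. It assumes the default COOKIEHASH (MD5 of the siteurl option, which wp-config.php can override); the site URL, cookie values and function names are constructed for illustration.

```python
import hashlib
from http.cookies import SimpleCookie

def core_cookie_names(siteurl):
    # Assumption: COOKIEHASH is the default md5 of the siteurl option
    # (stored without a trailing slash); wp-config.php can override it.
    h = hashlib.md5(siteurl.encode()).hexdigest()
    return {
        f"wordpress_{h}": "auth, plain HTTP",
        f"wordpress_sec_{h}": "auth, HTTPS",
        f"wordpress_logged_in_{h}": "logged_in",
        "wordpress_test_cookie": "test",
    }

def classify(set_cookie_headers, siteurl):
    """Label each Set-Cookie header with its WordPress role, path and Secure flag."""
    known = core_cookie_names(siteurl)
    rows = []
    for raw in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(raw)
        for name, morsel in jar.items():
            rows.append({
                "name": name,
                "role": known.get(name, "not a core login cookie"),
                "path": morsel["path"],
                "secure": bool(morsel["secure"]),
            })
    return rows

def dropped_by_client(rows, accepted_roles):
    """Core cookies a client discards if it only accepts the given roles."""
    return [r["name"] for r in rows
            if r["role"] != "not a core login cookie"
            and r["role"] not in accepted_roles]

# Constructed sample: headers shaped like an HTTPS admin login response.
SITE = "https://example.test"
H = hashlib.md5(SITE.encode()).hexdigest()
SAMPLE = [
    "wordpress_test_cookie=WP%20Cookie%20check; path=/; secure",
    f"wordpress_sec_{H}=admin%7C1700000000%7Ctoken%7Chmac; path=/wp-admin; secure; HttpOnly",
    f"wordpress_logged_in_{H}=admin%7C1700000000%7Ctoken%7Chmac; path=/; secure; HttpOnly",
]
# Client behaviour quoted in the first post: plain auth, logged_in and test only.
CLIENT_ACCEPTS = {"auth, plain HTTP", "logged_in", "test"}

if __name__ == "__main__":
    rows = classify(SAMPLE, SITE)
    print(rows, dropped_by_client(rows, CLIENT_ACCEPTS), sep="\n")
```
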


The topic ‘WordPress cookie issue blocking app development – wordpress_sec’ is closed to new replies.