Jump to content

Lockout issue after changing constants.php

Recommended Posts

So first off I'm still running 4.4.10. I don't really like the direction the software has gone since then to be honest and I feel pretty disillusioned with it, despite recognising that there are some good features that have been added since (which is a shame).

It's also too difficult to keep upgrading the forum all the time and keeping compatibility with my existing themes, plugins and applications (some of which haven't even been upgraded for the newest versions now) among more and my own SSO setup. It's just not possible for me to keep making these large changes at the scale you're making them and keep my site actually running, unfortunately.

I would have contacted support about the issue I'm going to post below, but my license has expired and I've just found out when I tried to renew it IPS have now increased the cost from $25 to $40 per 6 months just to get:

  1. support (which mostly although very quick is pretty terrible and you don't really want to know IMO)
  2. ability to post in virtually any forum here (which is helpful because support doesn't help you, but not worth $40)
  3. upgrades (which I've already said I'm not bothered about)
  4. spam monitoring (which is nice, but not worth $40 on its own)

I have no idea why this change has been made and it's never been communicated to me as a Client, and I don't want this topic to turn into another "bash IPS" one as I can see that a few customers seem to be complaining about other things too. But I do feel I need to state that this change is pretty disgusting. That cost is more than 25% of the cost I actually paid for the software.. and you want me to continue forking out $40 every 6 months just to get access to the above? $25 is justifiable IMO, just. But what this is, is basically taking advantage of clients.

Regardless of that now onto what I actually wanted to say. So my Suite sits on a 'forums' subdirectory of my main domain, and I want the cookies set by IPS to be present over my whole site too. When I check the HTTP headers for cookies I can see that one of them is presently residing in only the /forums/ directory. Obviously this is possible with the cookie options, so I've tried modifying my constants.php file with this:

define( 'COOKIE_PATH', '/' );

It seems to work fine, but then for some bizarre reason, when I log out and log back in again, it's locking me straight out of my account on the first attempt even though my username and password are 100% correct. I'm using LastPass so I'm not even typing them. They autofill.

Every time I make this change, the software is bugging for some reason, and locks me out of my account on the first sign in attempt (claiming I tried 3 times?), I even get an email saying I've been locked out. When I try to sign in again, it repeats this and says to try again in 14 minutes. When I try again after that time, it's also locking me out again. This pattern basically continues until I remove or rename the constants.php file and clear my browser cache. I've even tried in different browsers.

Just wondering whether anyone else has had these issues or whwther they might have any ideas why this might be occuring for me?

Thank you.

Link to comment
Share on other sites


I suspect you now have two versions of various cookies, both set on different paths. It's likely the wrong one is being passed by the browser when you're using your community which is causing a failure when authenticating using 'remember me'.

You may want to change your cookie prefix, just to remove the possibility for these conflicts. See COOKIE_PREFIX here- https://invisioncommunity.com/4guides/advanced-options/configuration-options/using-constantsphp-r25/


Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...