acp log out

[Jelly Belly™]

I keep getting logged out of my ACP, it's say my IP has changed but it hasn't as I have a static IP ?

[Jim M]

Are you bouncing between different networks perhaps? I.E. on a mobile device that is bouncing between a WIFI signal and the mobile network. That would explain how you have a static IP address on your WIFI but switching to your the mobile network would cause a different IP address as it is a different network. Alternatively, if you are switching or getting kicked of a VPN or Proxy this would cause your IP address to change as well, even if your home/work has a static IP address.

Viewing your ACP, I am not seeing that issue myself, so it does not appear to be a configuration issue on our end.

[Jelly Belly™]

4 minutes ago, Jim M said:

Are you bouncing between different networks perhaps?

 

No I'm using a desktop wired to my router

It seems to happen mostly when I've been in a section and click on a menu icon, or if i use back page

[Jim M]

Just now, Jelly Belly™ said:

 

No I'm using a desktop wired to my router

It seems to happen mostly when I've been in a section and click on a menu icon, or if i use back page

As mentioned, this can happen if you are on a VPN/proxy and losing connection as well. I'm afraid, I cannot reproduce this.

However, if you want to disable IP address verification, you can do so in ACP -> System -> Advanced Configuration. Though, this is not recommended. 

[Jelly Belly™]

13 minutes ago, Jim M said:

As mentioned, this can happen if you are on a VPN/proxy and losing connection as well

 

no I'm not using a proxy either, it started a couple of days ago

I'll reboot my router and pc see if that makes any difference

[Randy Calvert]

One thing I've noted recently is that my Internet Service Provider is using both IPv4 and IPv6 addresses.  Yes, even though I have a static IPv4 address...  I also have a IPv6 address as well.  My guess is your ISP might be doing something similar as well.  

Edited February 20 by Randy Calvert

[Jelly Belly™]

1 minute ago, Randy Calvert said:

I also have a IPv6 address as well

My ISP doesn't use IPv6

[sulervo]

I have exactly this same problem. I can't use ACP at all.

Also ACP shows that users are from all over the world. Normally they are from one country.

I disabled this "Check IP address when validating session?" and got immediately warning emails that I have logged in from USA and Netherlands.

Incognito mode or VPN didn't help.

Any help?

 

[Jim M]

13 minutes ago, sulervo said:

I have exactly this same problem. I can't use ACP at all.

Also ACP shows that users are from all over the world. Normally they are from one country.

I disabled this "Check IP address when validating session?" and got immediately warning emails that I have logged in from USA and Netherlands.

Incognito mode or VPN didn't help.

Any help?

 

As you are self-hosted and you are utilizing CloudFlare, the above instructions would not apply to you. You would need to ensure that you enable "Trust IP Addresses provided by proxies" in ACP -> System -> Advanced Configuration. Otherwise, CloudFlare's IP address will be used rather than your own (or your visitors).

[sulervo]

Thanks, it helped. I have used CF for years and now this started..

[Donnie95]

You can actually stay logged in to the admin CP? Mine times out after 20 minutes if I don't use it. I thought it was normal.

IP address verification is disabled.

Edited March 2 by Donnie95

[shiobi]

We are experiencing the same issue. No changes were made on our end.

[Jim M]

On 3/1/2024 at 7:45 PM, Donnie95 said:

You can actually stay logged in to the admin CP? Mine times out after 20 minutes if I don't use it. I thought it was normal.

IP address verification is disabled.

Believe there is some confusion here. This topic is about being immediately logged out again, not what you're experiencing which is being logged out when your session is inactive. What you're experiencing is indeed normal as the ACP would time out with your PHP session, which default is around 20 minutes.

10 hours ago, shiobi said:

We are experiencing the same issue. No changes were made on our end.

You're running CloudFlare as well so you will want to ensure that you're accepting IP addresses provided by proxies, as mentioned above.

[Donnie95]

23 minutes ago, Jim M said:

Believe there is some confusion here. This topic is about being immediately logged out again, not what you're experiencing which is being logged out when your session is inactive. What you're experiencing is indeed normal as the ACP would time out with your PHP session, which default is around 20 minutes.

Is it possible to increase the timeout to 24 hours? That way, I would only need to log in once per day.

[Jim M]

6 minutes ago, Donnie95 said:

Is it possible to increase the timeout to 24 hours? That way, I would only need to log in once per day.

Personally, I would not recommend doing this. Not only is this a security hole but this would extend all sessions and cause things to misbehave, thus, fall outside of our support as well. If you really want to do this though, you can set the ACP_SESSION_TIMEOUT constant to tell the software what you're doing. Then you would also want to change the PHP timeout value.