Troubleshooting Random Logouts

For a long time now, I have been trying to fix the persistent issue of our registered users getting logged out automatically, randomly and often repeatedly during the day. I am still trying to identify any specific plugins that might be causing the problem, and in my research I found this post by Marko with some helpful tips.

Since that is an old closed thread and I can't seem to tag @Marko Miljius I fear my reply below may not be seen. So, please excuse this duplicate post. Please refer to other topic for more information.

@Marko Miljus said:

...it could be cookie timeout issue, so we will try to extend it with this:

function wpmudev_set_cookie_expiration( $expiration, $user_id, $remember ) {
return $remember ? $expiration : 60000;
}
add_filter( ‘auth_cookie_expiration’, ‘wpmudev_set_cookie_expiration’, 99, 3 );

Thanks for this Marko! Quick question: Does that "99" mean this is only effective for user_id 99? Or will it set the expire for all user cookies?

Perhaps a silly question I know, but I am desperately seeking a fix for a nagging session timeout issue that is causing random and frequent logouts. I tried this suggestion by Sarah Gooding but it hasn't made a difference.

Also, is your suggestion #4 correct above? It looks different than the php.ini settings you suggest in #3.

Thanks in advance for your help!

  • Sajid

    Hi @jcnjr,

    Hope you are doing good today :slight_smile:

    Thanks for this Marko! Quick question: Does that "99" mean this is only effective for user_id 99? Or will it set the expire for all user cookies?

    The 99 is not ID number of a user. Its the priority parameter that tells WordPress when it needs to run internally. So in short yes it will set expiry for all users.

    Sarah Gooding also suggested the same technique but I will still go with Marko's suggestion.

    The number 3 and 4 yes its seems "use_cookies" is true in this case. What you find in the php.ini would mind sharing that here if the code snippet does not work for you.

    Also there is a "Remember Me" checkbox on the time of login, that will keeps you login on same browser.

    Take care and have a nice day :slight_smile:

    Kind Regards,
    Sajid J

  • jcnjr

    The 99 is not ID number of a user. Its the priority parameter that tells WordPress when it needs to run internally.

    Thank you for the clarification @Sajid ! I'll give Marko's suggestion a try, since Sarah's hack made no difference. We've tried various Remember Me checked tricks/plugins and nothing seems to work. I can't help but think the logouts are being caused by something at the server level. Any backend (Apache/PHP/SQL/Config) suggestions are greatly appreciated.

    The number 3 and 4 yes its seems "use_cookies" is true in this case. What you find in the php.ini would mind sharing that here if the code snippet does not work for you.

    Not sure what you mean by "what I find"...I'll need my server manager to get involved editing any .ini files, so my question was regarding this wp-config hack Marko suggested:

    @ini_set("session.use_cookies", 1);
    @ini_set("session.use_cookies", 0);

    Does this look correct? Just add that as is to wp_config?

    I ask if this is correct since It seems to just contradict itself (1 & 0) and it looks different that the suggested php.ini edit:

    session.use_only_cookies = 1;
    session. use_trans_sid = 0;

    Granted, I don't exactly know what I'm looking at, so I appreciate the education!

  • jcnjr

    @Sajid said:

    What you find in the php.ini would mind sharing that here if the code snippet does not work for you.

    I have asked my server admin for a copy of our current php.ini config.

    Implementing this suggested wp-config hack did not make a difference:

    /* WPMU Dev Attempt to Fix Logout Issue */
    @ini_set("session.use_cookies", 1);
    @ini_set("session.use_cookies", 0);

    Did I add this correctly? Forgive my ignorance, but it still looks like the two commands just contradict each other.

  • Sajid

    Hi @jcnjr,

    Hope you are doing good today :slight_smile:

    I am sorry for confusion here. Yes they definitely contradict each other. I think there were typo in the reply on other thread. It should be use_trans_sid instead of use_cookies on second line.

    Here is the final code:

    /* WPMU Dev Attempt to Fix Logout Issue */
    @ini_set("session.use_cookies", 1);
    @ini_set("session.use_trans_sid ", 0);

    Hope that helps! If you still need assistance, please don't hesitate to ask.

    Take care and have a nice day :slight_smile:

    Kind Regards,
    Sajid J

  • jcnjr

    @Sajid said:

    I think there were typo in the reply on other thread.

    thank you for the clarification!

    I have also just had my server manager add the other suggestion to php.ini:

    session.use_only_cookies = 1;
    session. use_trans_sid = 0;

    I presume the empty space after "session. " on the second line is also a typo. Please advise if not.

    What you find in the php.ini would mind sharing that here...

    I have the results of a phpinfo file, which I understand can be a security risk to share publicly. Could I send that to you via the WPMU Dev contact form for review?

    Thanks again for all the help!

  • Sajid

    Hi @jcnjr,

    Hope you are doing good today :slight_smile:

    session.use_only_cookies = 1;
    session. use_trans_sid = 0;
    I presume the empty space after "session. " on the second line is also a typo. Please advise if not.

    Yes, its a typo as well :slight_frown:

    No, I don't need that information any more just wanted to confirm the default value and exact name in php.ini file.

    Take care and have a nice day :slight_smile:

    Kind Regards,
    Sajid J

  • Sajid

    Hi @jcnjr,

    Hope you are doing good today :slight_smile:

    The value and name of php.ini variables to identify we are using correct. But yes we do using correct values.

    If its still causing the random logout for you and other users then there is possibility you are using a plugin that is doing this. Is there possibility for you to deactivate all plugins and then check again ?

    Take care and have a nice day :slight_smile:

    Kind Regards,
    Sajid J

  • jcnjr

    Is there possibility for you to deactivate all plugins and then check again ?

    @Sajid

    Yes, I've taken all standard troubleshooting steps, multiple times. And, the issue occurs on various different WP installs, all running different plugins.

    Therefore, I'm fairly certain the cause resides somewhere at the server level. My server managers and I can't seem to identify the root of the problem, so I'm hoping some of the experts here might be able to offer suggestions.

    Can anyone recommend a solution for at least logging WHY users get logged out somehow?

    Thanks again!

  • jcnjr

    @Tyler Postle

    Yes! Domain Mapping is active on two of the three networks where I have experienced the log-outs.

    I have been research hard what if any settings I should make to the Domain Mapping plugin as I've researched a potential fix. If you have any suggestions for me, please advise!

    Any other feedback is greatly appreciated.

    Thanks.

    PS: Sorry, I just noticed your reply since for some reason I am no longer receiving email notifications for subscribed topics here... :-\

  • jcnjr

    @Tyler Postle said:

    this was an issue in the past related with Domain Mapping.

    Any suggestions for how the issue might have been resolved in those cases? Just changes to plugin settings, or code hacks?

    I've been testing various combinations of the DM network settings, as our users (including me) are still getting randomly and frequently logged out. See screenshots for the current settings I'm testing now...I'll gladly extend support access if someone cares to have a look.

    Thanks in advance for any help!

  • jcnjr

    So...the logouts continue, with the Domain Mapping settings above, Which Luis said looked fine in the Chat earlier today.

    I left the Dashboard open, with the Firefox Console running, and was able to catch the session error in action with these screenshots. I'm sure the "Password fields" errors displayed once the login screen popped up, but anything else give a hint to what might have caused the log-out?

    @Tyler Postle ? @Sajid ?

    Anyone?

    Thanks!

  • Tyler Postle

    Hey @jcnjr,

    I've been testing this out with DM further and the only time I would get logged out is when logging into a new browser and then logging out there, it would log me out of both sessions.

    The password error you see there is just because there is an entry form on a non-https page so you are right it would of only showed up after you had already been logged out.

    Is there any chance you were logged into another browser or on another computer at the same time?

    Cheers,
    Tyler

  • jcnjr

    @Tyler Postle

    Is there any chance you were logged into another browser or on another computer at the same time?

    Thank you for chiming in Tyler!

    I don't recall if that may have been the case previously, but I did just confirm that behavior:
    1. Logged in with Firefox. (Actually, was still logged in!)
    2. Logged in with Chrome browser.
    3. Logged out in Chrome.
    4. Returned to Firefox to notice I had also been logged out.
    BONUS: I also confirmed that another user at different PC also logged in at the time (on same IP) was NOT logged out when I logged out!

    This scenario, I can live with.

    PS: I've actually been meaning post an update recently since I've been monitoring this issue very closely since updating to the latest Domain Mapping plugin version. I was very excited to see the notice below in the changelog. Since I updated to v.4.4.2 the issue does seem better.

    Users have stopped reporting unexpected logouts in the middle of replying to forum topics that have caused them to lose their posts. I have not had this happen either, and it used to happen frequently. I have also noticed that I was still logged in two out of the last three mornings—a first in a long time!

    I've had a hunch for a long time—and mentioned it somewhere—that a user logging out might be logging out all users, so thank you very much for identifying and hopefully resolving that issue! I'm going to give this a few more days and ask for additional feedback before marking this as resolved.

    But seriously, Thank You!

  • jcnjr

    @TyePo

    ...logging out could logout all users - that was probably the main issue your users were running into.

    Yes! That would explain the mysterious randomness of the issue I've been chasing down—with various consultants and server managers—for the past few months.

    Domain Mapping was the only plugin I couldn't deactivate since doing so would have made our Tripawds Foundation website inaccessible.

    Many thanks to you and @samnajian for resolving this once and for all.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.