Jump to content

Archived

This topic is now archived and is closed to further replies.

manish2535

Yet another Sessions Settings question

Recommended Posts

Hi guys. I was wondering if you guys will have some time to tell me the bad or good side of the settings I have inplace for my site -

 

 

Session Directory /tmp

Force Cookie Use True

Check SSL Session ID True

Check User Agent True

Check IP Address False

Prevent Spider Sessions True

Recreate Session True

 

My site has full SSL. I am asking because recently I have been having people saying they keep getting sent to the login screen. I am pretty sure its got something to do with the session IDs not being created properly but I am not an expert so may be you guys can shed some light on this. Thanks in advance. Appreciated.

Share this post


Link to post
Share on other sites

The force cookie option shouldn't be on but that, or any of the other options, wouldn't cause your problem. It is most likely the configure file is not setup correctly.

Share this post


Link to post
Share on other sites

Is there any harm with Force Cookie being ON apart from the fact that Visitors will need to have their cookies enabled in order to shop in my site?

 

I looked into my configure file, everything looks alright but I want to make sure that these settings were setup correctly -

 

 

define('ENABLE_SSL', true);

define('HTTP_COOKIE_DOMAIN', 'www.site.com');

define('HTTPS_COOKIE_DOMAIN', 'www.site.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

 

Thanks again for your time.

Share this post


Link to post
Share on other sites

No, there's no other harm. There are other parts of the confiugre file that can cause the problem, thus the link to the support thread for it.

Share this post


Link to post
Share on other sites

The force cookie option shouldn't be on but that, or any of the other options, wouldn't cause your problem. It is most likely the configure file is not setup correctly.

 

With a full SSL certificate the force cookies option should definately be on!

 

You can't shop anywhere decent with cookies set to off .. e.g Amazon etc. It is insecure to have querystring based sessions.

Share this post


Link to post
Share on other sites

×