Cookie Problem, Internet Explorer Only

  • Hi,

    I’m currently running a medium sized Multisite install on an Ubuntu 12.04 x64 based server, using Nginx, PHP-FPM, MySQL and Cloudflare at the front, serving wp-login and wp-admin over HTTPS. Cloudflare isn’t caching any wp-admin/login page, rules are in place, neither is the backend Nginx cache I have in place, both are showing as BYPASS in the headers.

    It’s mainly for hosting educational blogs for schools, who unfortunately use IE most of the time.

    I’ve been alerted today that users can’t log in to the admin area if they’re using any variation of Internet Explorer, but all other browsers work without issue. Being a Mac user I rarely use Internet Explorer if I can help it, but when testing it in various scenarios I get exactly the same result: “ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.” This is on a proxied connection in a school, a direct connect at home and tethered on my phone’s connection, so it’s not an issue with proxying.

    Looking in the developer tools on IE, the cookies are sent and received fine, exactly how they are in every other browser. The test cookie is generated etc, but on POST the page will just refresh with the same cookies, but then show the message about cookies being blocked as above.

    I have tried all the common fixes available on Google and these forums, including modifying wp-login.php to force a login, functions.php code to force creating a cookie with the cookie-domain and setting the cookie defines in my wp-config.php. None of these have worked, but I didn’t expect them to as it was already working in other browsers. I’ve yet to disable all the plugins that are network enabled because it is a live Multisite install, but I’ve tried quickly disabling some that could be the culprit, I’ll try the rest during the night when it’s quiet. Stranger still, I have some blogs hosted that use domain mapping and it will allow me to log in to those blogs in IE.

    Has anyone witnessed this before? I have had the message before on all browsers when there was an error with a plugin at one point in the past, but this has since been fixed.

    Cheers,
    Ed

Viewing 15 replies - 1 through 15 (of 55 total)
  • Thread Starter Ed

    (@coopeh)

    Further to this, I’ve now tried disabling all caching and all plugins and the problem still exists. It’s down to a bare hosting environment with no optimisations at all.

    Ed

    Just a guess, but you might be mixing content, http and https. Depending on browser security settings, it may be rejecting things like cookies. You might want to see the IE browser is throwing any security warning.

    Thread Starter Ed

    (@coopeh)

    Thanks jkhongusc, I thought it might have been that too, so I disabled all HTTPS and tried through a HTTP only connection. It still didn’t work unfortunately, although there we no errors using HTTPS either in the network panel.

    The problem could stem from many sources: caching, http/https mixed content, plugins, themes. Have you tried disabling plugins and changing to a default theme to see if you still have the problem?

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    1) Delete ALL cookies related to your site from IE

    2) Try to log in again. If it fails, check what URL value the cookie is giving you. You may need to use https://codex.www.ads-software.com/Editing_wp-config.php#Set_Cookie_Domain

    Thread Starter Ed

    (@coopeh)

    jkhongusc – I’ve tried all of those unfortunately, none have worked. Thanks.

    Ipstenu – I’ve tried removing all cookies and using an InPrivate browsing session to no avail. I’ll try setting the cookie domain and report back.

    Thread Starter Ed

    (@coopeh)

    Ipstenu – Unfortunately I get “The constant “COOKIE_DOMAIN” is defined (probably in wp-config.php). Please remove or comment out that define() line.” as I’m using the WordPress MU Domain Mapping plugin. I may try temporarily removing sunrise.php at some point this evening and see if that rectifies anything.

    Thread Starter Ed

    (@coopeh)

    Removing sunrise.php/WordPress MU Domain Mapping also doesn’t change anything.

    The cookie domain is sending as .ed.gs for the url littlemead100wc.ed.gs/wp-login.php, this is the same on other browsers, yet they log in correctly.

    Have you tried setting IE’s cookie options? IE may be seeing the cookies but not accepting them.

    Tools -> Internet Options -> Privacy -> Advanced:

    I would select “Override automatic cookie handling”, then accept both first-part and third-party cookies, and select “Always allow session cookies”.

    If the above doesnt work, then I would think that there is something funny going on with your COOKIE_DOMAIN. You mention that the Domain Mapping enabled sites work in IE? If that is so, I would install a script that prints out the COOKIE_DOMAIN; and call it from the working and non-working sites to see if there is a difference. I could create such a script if you want.

    Thread Starter Ed

    (@coopeh)

    Yeah, I’ve tried that already unfortunately.

    Domain mapped sites seem to work fine in IE, yeah.

    I’m at work currently and unable to access my server, I’ll be back home this evening and will test the COOKIE_DOMAIN declaration output then. Assuming I’d need to do something similar to:

    <?php
  echo '<pre>';
  print_r(COOKIE_DOMAIN);
  echo '</pre>'
?>

    Cheers for the help so far!

    I create test scripts either in the wordpress root directory or in the theme directory… depends on whether I am testing a blog or network issue. In this case I would put in WP root dir. I would call this script <WP base>/mydomain.php

    <?php
require( dirname(__FILE__) . '/wp-load.php' );

if ( defined('COOKIE_DOMAIN') ) {
echo "COOKIE_DOMAIN: ".COOKIE_DOMAIN;
} else {
echo "COOKIE_DOMAIN is not defined";
}
?>

    You can see that the script loads in WP on the first line. After you drop that into WP root dir, access from browser though any blog site – https://site.domain.com/wpdomain.php

    Thread Starter Ed

    (@coopeh)

    I’ve just tested it and both IE and Chrome result in the same result of:

    COOKIE_DOMAIN: .ed.gs

    It’s the same for all subdomains too. Domains result in the domain name as the cookie, minus the dot at the start.

    Thread Starter Ed

    (@coopeh)

    Do you think it has something to do with the dot at the start of the cookie domain?

    > Do you think it has something to do with the dot at the start of the cookie domain?

    No, but it is possible. Supposedly .ed.gs and ed.gs are both valid cookie domains. FYI my system reports my domain without a dot: usc.edu

    You should be able to force a domain using the COOKIE_DOMAIN setting, but you might need to de-activate the multisite plugin.

    Thread Starter Ed

    (@coopeh)

    I’ve tested removing the following login form check and it creates a wordpress_logged_in cookie, but still goes back to the login page.

    <input type="hidden" name="testcookie" value="1" />

Viewing 15 replies - 1 through 15 (of 55 total)
  • The topic ‘Cookie Problem, Internet Explorer Only’ is closed to new replies.