Infinite login loop in China

  • Hi there,

    I’d like to report a problem I have since a long time with WordPress in China.

    Whenever I don’t use a VPN, I cannot login to any WordPress blog. The login page is loaded again and again. It seems that it is not possible to login to WordPress with the “China Telecom” ISP (also known as Chinanet). As soon as I connect with a VPN, or login from outside China, there are no problems.

    What changes between China and outside China is that the request GET /wp-admin/ HTTP/1.1 returns a HTTP/1.1 302 Moved Temporarily instead of a HTTP/1.1 200 OK, also the following header is set Location: https://www.example.com/wp-login.php?redirect_to=http%3A%2F%2Fwww.example.com%2Fwp-admin%2F&reauth=1 and then it loads wp-login.php again instead of loading /wp-admin.

    Here is a typical login request from China:

    POST /wp-login.php HTTP/1.1
Host: www.example.com
Connection: keep-alive
Content-Length: 144
Cache-Control: max-age=0
Origin: https://www.example.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.16 (KHTML, like Gecko) Chrome/18.0.1000.0 Safari/535.16
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: https://www.example.com/wp-login.php
Accept-Encoding: gzip,deflate,sdch
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wp-settings-21=m10%3Do%26m1%3Do%26m0%3Do%26m7%3Do%26m6%3Do%26m5%3Do%26editor%3Dtinymce%26hidetb%3D1%26m9%3Do%26wplink%3D1%26m8%3Do%26imgsize%3Dfull%26align%3Dcenter%26m2%3Do%26m3%3Do%26m4%3Do; wp-settings-time-21=1325064641; comment_author_e4dffdcf1716535365da41da85a95b3d=Toto+Tata; comment_author_email_e4dffdcf1716535365da41da85a95b3d=toto%40example.com; PHPSESSID=07c6f9f96051a117f443f743e2467440; __utma=48422960.153258481.1317826388.1328815141.1329401981.50; __utmc=48422960; __utmz=48422960.1317826388.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bb2_screener_=1329588970+180.137.109.31; wordpress_test_cookie=WP+Cookie+check

HTTP/1.1 302 Moved Temporarily
Date: Sat, 18 Feb 2012 18:16:15 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Set-Cookie: bb2_screener_=1329588975+180.137.109.31; path=/
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/
Set-Cookie: wordpress_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798575%7C266c80f63cbe7bb37a1c6d8e0e19fe36; expires=Sat, 03-Mar-2012 18:16:15 GMT; path=/wp-content/plugins; httponly
Set-Cookie: wordpress_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798575%7C266c80f63cbe7bb37a1c6d8e0e19fe36; expires=Sat, 03-Mar-2012 18:16:15 GMT; path=/wp-admin; httponly
Set-Cookie: wordpress_logged_in_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798575%7Cb9379527bc516e23ab82cdd213300dfe; expires=Sat, 03-Mar-2012 18:16:15 GMT; path=/; httponly
Last-Modified: Sat, 18 Feb 2012 18:16:15 GMT
Location: https://www.example.com/wp-admin/
Content-Length: 0
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET /wp-admin/ HTTP/1.1
Host: www.example.com
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.16 (KHTML, like Gecko) Chrome/18.0.1000.0 Safari/535.16
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: https://www.example.com/wp-login.php
Accept-Encoding: gzip,deflate,sdch
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wordpress_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798575%7C266c80f63cbe7bb37a1c6d8e0e19fe36; wp-settings-21=m10%3Do%26m1%3Do%26m0%3Do%26m7%3Do%26m6%3Do%26m5%3Do%26editor%3Dtinymce%26hidetb%3D1%26m9%3Do%26wplink%3D1%26m8%3Do%26imgsize%3Dfull%26align%3Dcenter%26m2%3Do%26m3%3Do%26m4%3Do; wp-settings-time-21=1325064641; comment_author_e4dffdcf1716535365da41da85a95b3d=Toto+Tata; comment_author_email_e4dffdcf1716535365da41da85a95b3d=toto%40example.com; PHPSESSID=07c6f9f96051a117f443f743e2467440; __utma=48422960.153258481.1317826388.1328815141.1329401981.50; __utmc=48422960; __utmz=48422960.1317826388.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bb2_screener_=1329588975+180.137.109.31; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798575%7Cb9379527bc516e23ab82cdd213300dfe

HTTP/1.1 302 Moved Temporarily
Date: Sat, 18 Feb 2012 18:16:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1329588976+180.137.109.31; path=/
Last-Modified: Sat, 18 Feb 2012 18:16:16 GMT
Location: https://www.example.com/wp-login.php?redirect_to=http%3A%2F%2Fwww.example.com%2Fwp-admin%2F&reauth=1
Content-Length: 0
Keep-Alive: timeout=2, max=199
Connection: Keep-Alive
Content-Type: text/html

GET /wp-login.php?redirect_to=http%3A%2F%2Fwww.example.com%2Fwp-admin%2F&reauth=1 HTTP/1.1
Host: www.example.com
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.16 (KHTML, like Gecko) Chrome/18.0.1000.0 Safari/535.16
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: https://www.example.com/wp-login.php
Accept-Encoding: gzip,deflate,sdch
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wp-settings-21=m10%3Do%26m1%3Do%26m0%3Do%26m7%3Do%26m6%3Do%26m5%3Do%26editor%3Dtinymce%26hidetb%3D1%26m9%3Do%26wplink%3D1%26m8%3Do%26imgsize%3Dfull%26align%3Dcenter%26m2%3Do%26m3%3Do%26m4%3Do; wp-settings-time-21=1325064641; comment_author_e4dffdcf1716535365da41da85a95b3d=Toto+Tata; comment_author_email_e4dffdcf1716535365da41da85a95b3d=toto%40example.com; PHPSESSID=07c6f9f96051a117f443f743e2467440; __utma=48422960.153258481.1317826388.1328815141.1329401981.50; __utmc=48422960; __utmz=48422960.1317826388.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798575%7Cb9379527bc516e23ab82cdd213300dfe; bb2_screener_=1329588976+180.137.109.31
If-Modified-Since: Sat, 18 Feb 2012 18:15:37 GMT

HTTP/1.1 200 OK
Date: Sat, 18 Feb 2012 18:16:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Set-Cookie: bb2_screener_=1329588977+180.137.109.31; path=/
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/
Set-Cookie: wordpress_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/wp-admin
Set-Cookie: wordpress_sec_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/wp-admin
Set-Cookie: wordpress_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/wp-content/plugins
Set-Cookie: wordpress_sec_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/wp-content/plugins
Set-Cookie: wordpress_logged_in_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/
Set-Cookie: wordpress_logged_in_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/
Set-Cookie: wordpress_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/
Set-Cookie: wordpress_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/
Set-Cookie: wordpress_sec_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/
Set-Cookie: wordpress_sec_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/
Set-Cookie: wordpressuser_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/
Set-Cookie: wordpresspass_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/
Set-Cookie: wordpressuser_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/
Set-Cookie: wordpresspass_e4dffdcf1716535365da41da85a95b3d=+; expires=Fri, 18-Feb-2011 18:16:17 GMT; path=/
Last-Modified: Sat, 18 Feb 2012 18:16:17 GMT
Keep-Alive: timeout=2, max=198
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

    And here is a typical login request from outside China:

    POST /wp-login.php HTTP/1.1
Host: www.example.com
Connection: keep-alive
Content-Length: 144
Cache-Control: max-age=0
Origin: https://www.example.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.16 (KHTML, like Gecko) Chrome/18.0.1000.0 Safari/535.16
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: https://www.example.com/wp-login.php
Accept-Encoding: gzip,deflate,sdch
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wp-settings-21=m10%3Do%26m1%3Do%26m0%3Do%26m7%3Do%26m6%3Do%26m5%3Do%26editor%3Dtinymce%26hidetb%3D1%26m9%3Do%26wplink%3D1%26m8%3Do%26imgsize%3Dfull%26align%3Dcenter%26m2%3Do%26m3%3Do%26m4%3Do; wp-settings-time-21=1325064641; comment_author_e4dffdcf1716535365da41da85a95b3d=Toto+Tata; comment_author_email_e4dffdcf1716535365da41da85a95b3d=toto%40example.com; PHPSESSID=07c6f9f96051a117f443f743e2467440; __utma=48422960.153258481.1317826388.1328815141.1329401981.50; __utmc=48422960; __utmz=48422960.1317826388.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bb2_screener_=1329589281+207.204.232.38; wordpress_test_cookie=WP+Cookie+check

HTTP/1.1 302 Moved Temporarily
Date: Sat, 18 Feb 2012 18:21:26 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Set-Cookie: bb2_screener_=1329589286+207.204.232.38; path=/
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/
Set-Cookie: wordpress_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798886%7Ce8d9b77255c72b01ea5d34eb1bdb75e2; expires=Sat, 03-Mar-2012 18:21:26 GMT; path=/wp-content/plugins; httponly
Set-Cookie: wordpress_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798886%7Ce8d9b77255c72b01ea5d34eb1bdb75e2; expires=Sat, 03-Mar-2012 18:21:26 GMT; path=/wp-admin; httponly
Set-Cookie: wordpress_logged_in_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798886%7C5e41ac2b5781a2ad98ac577112c11bc3; expires=Sat, 03-Mar-2012 18:21:26 GMT; path=/; httponly
Last-Modified: Sat, 18 Feb 2012 18:21:26 GMT
Location: https://www.example.com/wp-admin/
Content-Length: 0
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET /wp-admin/ HTTP/1.1
Host: www.example.com
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.16 (KHTML, like Gecko) Chrome/18.0.1000.0 Safari/535.16
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: https://www.example.com/wp-login.php
Accept-Encoding: gzip,deflate,sdch
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wordpress_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798886%7Ce8d9b77255c72b01ea5d34eb1bdb75e2; wp-settings-21=m10%3Do%26m1%3Do%26m0%3Do%26m7%3Do%26m6%3Do%26m5%3Do%26editor%3Dtinymce%26hidetb%3D1%26m9%3Do%26wplink%3D1%26m8%3Do%26imgsize%3Dfull%26align%3Dcenter%26m2%3Do%26m3%3Do%26m4%3Do; wp-settings-time-21=1325064641; comment_author_e4dffdcf1716535365da41da85a95b3d=Toto+Tata; comment_author_email_e4dffdcf1716535365da41da85a95b3d=toto%40example.com; PHPSESSID=07c6f9f96051a117f443f743e2467440; __utma=48422960.153258481.1317826388.1328815141.1329401981.50; __utmc=48422960; __utmz=48422960.1317826388.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bb2_screener_=1329589286+207.204.232.38; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_e4dffdcf1716535365da41da85a95b3d=toto%7C1330798886%7C5e41ac2b5781a2ad98ac577112c11bc3

HTTP/1.1 200 OK
Date: Sat, 18 Feb 2012 18:21:27 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Set-Cookie: bb2_screener_=1329589287+207.204.232.38; path=/
Set-Cookie: wp-settings-21=m10%3Do%26m1%3Do%26m0%3Do%26m7%3Do%26m6%3Do%26m5%3Do%26editor%3Dtinymce%26hidetb%3D1%26m9%3Do%26wplink%3D1%26m8%3Do%26imgsize%3Dfull%26align%3Dcenter%26m2%3Do%26m3%3Do%26m4%3Do%26uploader%3D1; expires=Sun, 17-Feb-2013 18:21:27 GMT; path=/
Set-Cookie: wp-settings-time-21=1329589287; expires=Sun, 17-Feb-2013 18:21:27 GMT; path=/
Last-Modified: Sat, 18 Feb 2012 18:21:27 GMT
Keep-Alive: timeout=2, max=199
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

    Could someone in the WordPress team find a solution and fix this problem? It would be awesome for Chinese users.

    All the best,

    Gabriel

  • The topic ‘Infinite login loop in China’ is closed to new replies.