WordPress.org

Ready to get started?Download WordPress

Forums

124

[closed] Cookie Error when Logging In (117 posts)

  1. Kevin
    Member
    Posted 10 months ago #

    Since updating WP yesterday, When users attempt to login to my WP site, they receive an error message:

    "Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress."

    Cookies are enabled, and if you re-enter your login information on the same page with the error, you can access the site without difficulty. You will then never see the message if you logout and login , unless you clear your cookies, then it returns.

    Never had the message before, and with cookies enabled in all browsers, you still see the message the first time logging in.

    Any one else experiencing this or have a suggested solution? All help is appreciated!

  2. Tara
    Member
    Posted 10 months ago #

    Have you tried:
    - deactivating ALL plugins temporarily to see if this resolves the problem. If this works, re-activate them individually (one-by-one) to find the problematic plugin(s). If you can't get into your admin dashboard, try deactivating via FTP or SFTP or whatever file management application your host provides. If applicable, also remember to deactivate any plugins in the mu-plugins folder. The easiest way is to rename that folder to mu-plugins-old.
    - To rule out any theme-specific issue, try switching to the unedited default, core-bundled Theme (such as Twenty Twelve or Twenty Thirteen) for a moment using the WP dashboard. If you don't have access to your admin area, you can switch to the default theme by renaming your current theme's folder in wp-content/themes and adding "-old" to the end of the folder name using via FTP or SFTP or whatever file management application your host provides. Alternately, you can remove other themes except the default theme. That will force your site to use it.
    - resetting the plugins folder by FTP or PhpMyAdmin. Sometimes, an apparently inactive plugin can still cause problems (because the hooks remain unless plugins completely removed or some plugins stick around in cached files. So by renaming the folder, you break them and force them inactive).

  3. thlconal
    Member
    Posted 10 months ago #

    I'm now having exactly the same issues; a site that was working perfectly prior to the update now issues the "Error: Cookies are disabled or..." message whenever *anyone* tries to log on. nothing on the site was changed other than the WP 3.7.1 update; This issue is cross-browser.

    I've disabled all plugins and switched to a stock twenty twelve theme to no avail. I've cleared Cache & cookies on each browser I've tried (IE, Firefox, Chrome, Safari...)

    Apparently as part of the new update login.php is now issuing a test cookie that is not being properly read on the first pass. If you reenter the username and pw on the error screen, you will be successfully logged in, but far to many users are not giving it a second try...

    So, basically, this nifty new update has tanked my - and a great many other users - ability to have people log on to their WordPress sites.

    Any ideas how to fix this?

  4. edingc
    Member
    Posted 10 months ago #

    Seeing the same issue here on multiple 3.7.1 sites. Trying to log in a second time works properly.

  5. willem.deboer
    Member
    Posted 10 months ago #

    I'm having exactly the same issues, tried all of the above. http://www.communsense.nl

  6. SOS - 2013
    Member
    Posted 10 months ago #

    I have same issue too.

    I use 3.7.1 . and I cant login to my site .

    I re install 3.7 & 3.6.1 but no thing happened .

    Also when some one send a command white page showed .

    I really don't know what should I do . and advise every one don't upgrade 3.7.1 . I thing this version have big problem .

  7. willem.deboer
    Member
    Posted 10 months ago #

    I agree 100%. I just found my other site won't log off. I have the white page as well. This is a major problem!

  8. willem.deboer
    Member
    Posted 10 months ago #

    I have the white page as well.

  9. Tara
    Member
    Posted 10 months ago #

    Have you guys discussed this issue with your respective webhost?

  10. Kevin
    Member
    Posted 10 months ago #

    It is apparently a login update with WordPress. An “improved” control mechanism during the login process to check if a browser can store cookies. This cookie, however, is only set in the wp-login.php file and in many login scenarios, the cookie is set too late to be of any real use.

    Luckily for me, my membership plugin provided an update to work around the issue. As for solving directly, I unfortunately can't provide much assistance but hope this information helps!

  11. SOS - 2013
    Member
    Posted 10 months ago #

    * I use OVH hosting more than 6 month and there is no change in hosting setting . My site worked until last update 3.7.1 .

    * I change wordpress : 3.7.1 to 3.7 and 3.61
    I remove all plugin folder to deactivate all of them
    I used default 2013 & 2012 theme
    I change browser too : chrome & IE & fierfox & opera
    but none of above solution work to solve this problem .

  12. thlconal
    Member
    Posted 10 months ago #

    I have discussed it with my web host. Fairly easy because I am my web host.

    While I do apprciate suggestions such as "check with your web host," please keep in mind that this isn't an install or plugin issue, but a problem created by the core code being the only thing modified, causing the previously working install to fail.

    It's a matter of us needing to know *what* to talk about to our web host (or ouselves in my own case) in order for us to fix a problem someone else made for us.

  13. niosus
    Member
    Posted 10 months ago #

    I encountered the same issue and have managed to make it work, and a theory of what could be the issue.

    First of all, how to get logged in again. Comment out lines 744-746 in wp-login.php . It should look like this:

    //	if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
    //		$user = new WP_Error('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
    //	else
    		$user = wp_signon('', $secure_cookie);

    This will bypass the check entirely and logs you in.

    At first I didn't understand why it might fail, but then I remembered I am running behind a Varnish cache which filters out all but some select cookies. I haven't checked, but I am fairly certain that my Varnish setup filters out the WordPress test cookie when it receives the login request (the actual POST with the login data). Is it possible all of you are running behind a proxy which filters cookies?

    This is pretty sloppy by the WordPress team. They could also just test the session cookie. If THAT one doesn't get through, it will fail anyway. Completely breaking when a test cookie is missing should not happen.

    I hope this helps...

  14. Livsy
    Member
    Posted 10 months ago #

    @niosus Thank you very much!

  15. Tara
    Member
    Posted 10 months ago #

    @niosus: Thanks for sharing

  16. willem.deboer
    Member
    Posted 10 months ago #

    @niosus Thank you!

  17. willem.deboer
    Member
    Posted 10 months ago #

    Would it help to use wp-login.php from a previous version? Probably not, because I understand from your post that the real problem is somewhere else in WordPress's code?

  18. SOS - 2013
    Member
    Posted 10 months ago #

    Thanks niosus. but I can't login to my site .

    I know there is a way to back my site but i take much time .

    If there is no solution or update I should install a new wordpress and import table of post meta & ... to new DB.

    so thanks for reply.

  19. niosus
    Member
    Posted 10 months ago #

    @willem.deboer

    Everything happens inside wp-login.php, so you can use an old version (<3.7). I did not check if there were any other changes, so if there were security fixes or other changes you won't have those. I recommend editing out those 3 lines. That will make sure everything else stays compatible.

    @SOS - 2013

    If you have FTP access or any other form of access to the filesystem (cpanel, ssh, etc) just comment out the lines as I explained in my previous post. You will be able to log in again like usual. There is no need to reinstall wordpress at all.

  20. Kaldra
    Member
    Posted 10 months ago #

    @niosus

    THANK YOU, THANK YOU, THANK YOU, THANK YOU SO MUCH!

    I have been struggling the last few days trying to figure out what broke on my site to cause this issue. I could only manage to find a workaround by directing myself to /wp-admin/and having the site then redirect me to log in.

    Now it works without a hitch! Again, thank you for sharing this fix.

    You are amazing!

  21. Tara
    Member
    Posted 10 months ago #

    You are welcome:-)

  22. edingc
    Member
    Posted 10 months ago #

    @niosus

    I'm behind Varnish, too. Any thoughts on how to ensure this cookie get passed through to WordPress?

  23. mirajas
    Member
    Posted 10 months ago #

    Thanks @niosus for posting possible solution, however, I found another way on which we do not need to hack the core file like wp-login.php as it will be overwritten when updated and besides testcookie have different security perspective. Here is what I did.

    In function.php of theme I added:

    //fix for cookie error while login.
    setcookie(TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN);
    if ( SITECOOKIEPATH != COOKIEPATH )
    	setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN);

    Hope this will help others as it solved in my case.

  24. programmin
    Member
    Posted 10 months ago #

    @mirajas Sounds good, did you post a bug report on this behavior in WP 3.7?

  25. willem.deboer
    Member
    Posted 10 months ago #

    I did the edit and pasted Mirajas's hack into function.php. Now all I see is a white screen after login, browser stays in wp-login.php .... Any suggestions?

  26. amsgator
    Member
    Posted 10 months ago #

    When I try to login to my dashboard it gives me the same error. I've verified numerous times that cookies are enabled. However, the second time I login after getting the error it logs in with no problem. I have tried across multiple browsers and OS platforms, and it's all the same.

    I've deactivated all my plugins and it still gives the error. I even tried reinstalling WordPress and it doesn't fix the issue either.

    I even verified that the test cookie downloaded to the browser.

    @niosus's solution appears to have worked for me. However, what is strange is that I have another 3.7.1 site that works fine without commenting out the wp-login.php lines.

  27. willem.deboer
    Member
    Posted 10 months ago #

    I should add I am also trying to login to my dashboard.

  28. amsgator
    Member
    Posted 10 months ago #

    @willem.deboer Follow what niosus posted. If you did BOTH the login file and functions file edits that may be why it's broken now

  29. willem.deboer
    Member
    Posted 10 months ago #

    Obviously :-) No, I did just the functions.php edit. Moreover, amsgator is having the same problem.

  30. amsgator
    Member
    Posted 10 months ago #

    My bad! :) The wp-login.php hack worked for me. I guess I'll roll with that until something else is figured out

124

Topic Closed

This topic has been closed to new replies.

About this Topic