Support » Plugin: WP Cerber Security, Anti-spam & Malware Scan » Cookies are blocked error on login.

  • Hello, all of the website I have Cerber installed on are having an issue logging in. I am receiving an error that states “Cookies are blocked or not supported by your browser.” This is a recent issue that has not happened before, but it is happening to all Cerber-enabled websites and no others. After I receive this error, if I add “wp-admin” to the url and press enter, I am taken to the dashboard. So, the login works, but the redirect to dashboard is not occurring, and I am receiving this error.

    Please note that I am using the login screen rewrite settings in Cerber to mask my login screen with a custom url.

    Also note, I am not disabling cookies in my browser.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Thread Starter mrapino

    (@mrapino)

    Any news on this?

    Plugin Author Gregory

    (@gioni)

    Hi! Can you reproduce this issue in a different browser?

    Thread Starter mrapino

    (@mrapino)

    I think I tracked down the issue.

    The following query string is automatically added to the default ‘wp-admin’ login url.

    ?redirect_to=https%3A%2F%2Fwww.domain.com%2Fwp-admin%2F&reauth=1

    The error occurs in all configurations of the Cerber Custom Login URL in both Legacy and Standard modes.

    When I use the custom login url and add the additional query string to the end of it, the error does not occur.

    If a patch/update can be pushed with this addition to the custom login url functionality, we will not get this cookie error anymore.

    Please let me know if you have any questions.

    Thanks!

    Plugin Author Gregory

    (@gioni)

    The following query string is automatically added to the default ‘wp-admin’ login url.

    ?redirect_to=https%3A%2F%2Fwww.domain.com%2Fwp-admin%2F&reauth=1

    When does it happen? WordPress doesn’t use/add any query string during the standard login sequence. First of all, try to open your Custom login URL with no query string (do not click any login link rendered somewhere on your website) and try to log in from that page. Does it work?

    Thread Starter mrapino

    (@mrapino)

    First of all, try to open your Custom login URL with no query string (do not click any login link rendered somewhere on your website) and try to log in from that page. Does it work?

    I always just go directly to the custom login page by typing it into the address bar of my browser. This is when I get the error.

    I created a brand new test site, completely clean. I am going to only install Cerber to see if I still get the error. If so, I’ll do some debugging to see exactly why all of my client websites are getting this error.

    More to come.

    Thread Starter mrapino

    (@mrapino)

    Okay, I’m back with some news.

    I just created a brand new install of WordPress. There were zero plugins installed/active other than Cerber. The default Twenty Twenty-One theme was active.

    The Custom Login URL was used, and I received the cookie error.

    Additionally, before installing Cerber, I went to /wp-admin in a completely fresh install, and the url did in fact redirect to:

    /wp-login.php?redirect_to=https%3A%2F%2Fdomain.com%2Fwp-admin%2F&reauth=1

    Out of the box, WordPress is adding the query string above.

    Again, when I take that query string and add it to the end of my custom url, I do not get the error.

    You had mentioned:

    WordPress doesn’t use/add any query string during the standard login sequence.

    Have you done this type of test? I made no modifications to the fresh install, and WordPress is definitely adding this query string within the login sequence.

    Is no one else having this issue? I feel like if this is happening right out of the box on a new install with Cerber being the only plugin activated that everyone should be having this same error pop up.

    Super strange … please advise.

    Thread Starter mrapino

    (@mrapino)

    I found the root cause of the issue. I thought it was the Cerber Custom Login URL section, but the issue was happening when I installed and used WPS Hide Login while Cerber was still activated. This led me to want to disable every single setting one-by-one in Cerber until I finally found it!

    The Cookie Error issue occurs when ANY or ALL of the Anti-Spam settings in the “Cerber Anti-Spam Engine” section are enabled. It does not matter in what combination … one or all can be enabled, and this issue occurs.

    • Registration form: Protect registration form with bot detection engine
    • Comment form: Protect comment form with bot detection engine
    • Other forms: Protect all forms on the website with bot detection engine

    I happen to use all of these on every client website, which is why all of my sites are having this cookie error issue upon trying to login.

    Now that I have tracked this issue down, perhaps you might have an answer as to why it is causing WordPress to think the browser’s cookies are disabled.

    Please let me know if you now have enough information to create a fix.

    Thanks!

Viewing 7 replies - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.