My website was working properly in last year, we need better performance of the website then we have run two script on Centos 6.9 server
1) mysqltunner script
2) Engintron Nginx v1.8.5
It has been after installed then Some time down website, now website is working.
Problem: multiple users login same time with different system then some user account display all thing to another user data,
for example : Mark is login with our username and password, Peter is already login then some time(2min after) Mark moved to Peter a
The problem is with Engintron and micro-caching, if you disable engintron session will work normally
Related
I've an issue that I built 2 different applications in localhost with PHP (Codeigniter), but I can logged in with the same account (My apps connect with different database). If I Logged out one of the application, so the other one is also logged out. Is that normal? If it's not, Why just this happened and how to fix it. Thanks in advance.
We have a recurring issue related with an unexpected random User session expiration within all the applications hosted in subdomains of the same domain. Forcing us to re-authentication every time we are kicked.
Our system is:
3 Dedicated Servers run by a server provider, 3 static IPs
Each server acts as a Virtual server, we can have as many hostings as we need
200-300 different users working simultaneously in the applications
Server 1
A main domain "example.com" that points to a Wordpress website in a hosting of the server
A forum application, phpBB 3.2, hosted in "forum.example.com"
4 wiki sites in wikiX.example.com
apache 2.4.46-1~bpo9+1
PHP 7.3
mysql-server 10.1.48-0+deb9u2
PHP Session folder: /home/.example.com/tmp
Server 2
Several SugarCRM CE 6.5.15 instances in PHP 5.6 running in different subdomains sugarcrmX.example.com
apache 2.2.22-13+deb7u11
php 5.6
mysql-server 5.5.57-0+deb7u1
PHP Session folder: /home/sugarcrm.example.com/tmp
Each app with a different unique_key in config.php
Server 3
Several SuiteCRM 7.11.15 instances running in different subdomains suitecrmX.sinergiacrm.org
apache 2.4.46-1~bpo9+1
PHP 7.3
mysql-server 10.1.48-0+deb9u2
PHP Session folder: /home/suitecrmX.example.com/tmp
Each app with a different unique_key in config.php
We are working often in parallel within the different applications: SuiteCRM, SugarCRM, Forums and Wikis. Then, at some point that we can't define, the applications kick us out with the message 'You have been logged out because your session has expired.'. Redirecting us to the Login page of each of the applications that we were using in that moment. From this moment and for several hours, the situation happens again and again, kicking us out repeatably. Until a time that it seems to stop, leaving us for a couple of hours
This happens to all the members of our team: 8 people working from different locations with different devices, operating systems and browsers. Some of the users (within the 200-300 we metioned) reported this as well, but we presume isn't happening as often as us.
This issue started happening a few months after we upgraded our Wordpress, integrated the Server 3 and the SuiteCRM applications, but we can't say the exact moment it started. Before this, it never happened. So it is a bit difficult for us to find the reason right now.
We have already tried to change the PHP session parameters session.cookie_domain. Setting a different cookie_domain for each of the subdomain of each of the hosts, accordingly. Then deleting cookies of each of the browsers. At the beginning, it seemed we found the solution because our session was persisting. But after a few days, the sessions expiration issue came again.
Are we missing some crucial configuration within any service configuration?
Any idea about how to debug this?
Thanks
EDIT: We have a subdomain for each application sugarcrm1.example.com, sugarcrm2.example.com, etc... Each session is currently stored in different folder /home/sugarcrm1.example.com/tmp, /home/sugarcrm2.example.com/tmp
We don't need them to work in a common session, each application/subdomain has a different user/password management authentication.
The unique_key in config.php is a guid code used by SugarCRM Core to generate a unique user session ID.
We haven't tried changing the default session name "PHPSESSID" yet.
You need to consider the following things:
Move your session storage to a third party/mount it outside/database. I would recommend memcache for a scalable solution. Refer Is it recommended to store PHP Sessions in MemCache?
WordPress, PhpBB, Wiki, and SugarCRM have different session management mechanisms. Firstly you need to make changes to all these to work with the common session
In a server I have 3 identical SuiteCRM (sugarCRM) installations, with the same users/passwords.
I only changed the domain:
localhost/moon,
localhost/sun,
localhost/cloud.
Now I want that when a user logs in one of them they can switch(redirect with alive session for that instance) to other sites without login again.
I imagine something like a combo select in each installation with the other two sites, so when the user selects another site is redirected there and logged in automatically, while the other session is destroyed.
I came from drupal and I thought to develop a custom module, but can anyone help me to start?
What about using the same unique_key in all 3 config.php? A session would be allowing you to use all 3 installations with one login. Logging out and destroying sessions wouldn't be needed that way.
I use wamp to develop on a windows 7 machine. For this app I have an admin area which tracks the admin username and encrypted password with $_SESSION and a cookie which keeps track of the randomly generated encryption key for the password.
I set the cookie like:
setcookie('key', $key, time()+7200, 'admin/');
The admin user verification is run on every admin page after the admin user has entered username and password details to login.
The directory structure of the site and the admin is:
localhost/mysite/
locahost/mysite/admin/
A session runs in the admin section, and a session also runs in the user interface of the front-end to keep track of chosen criteria for searches.
When I run long database queries in the admin area ie. multiple updates and inserts where each iteration requires a connection to an external API, I am unable to load the front-end user interface in the same browser ie. firefox until after the admin operation has completed. If I use a different browser ie. chrome , I am able to load the front-end of the site while running admin mysql functions with no problems.
I'd like to view the site while these operations are running, and use the same browser. It's a small problem, but I'd like to know how to get around it because I want to learn. I mean I could just tell myself that it doesn't matter because the site works fine when I open another browser, and the final user isn't going to be running admin operations while viewing the site anyway, so from that perspective it doesn't matter, but I am curious.
What is going on with the sessions and cookies that stops me from viewing the site whilst the admin operations are running? Is my question even a good one? Part of me thinks that it's a silly question because ultimately the site works perfectly well in a separate browser. Anyway, thank you for looking!
I think your session is being locked. On the page that takes a long time to run add this at the top: session_write_close(); that should fix it.
Using symfony framework 1.4 I have created a website. I'm using sfguard for authentication.
Now, this is working great on WAMP (windows). I can login to several accounts on different browsers and use the website.
I have ubuntu server 9.10 running apache (everything up to date and default configuration). On my server, when I login to the website in one browser it works great. When I on my other computer login with another user account on the public website, the login is successful. But when I refresh/go to another page the first user is shown as logged in instead!
Also, when I press logout, It's not showing that I'm logged out after page load. When I press f5 again I'm logged out.
As mentioned, all this works as expected on my local installation. I'm thinking there something wrong with my PHP session configuration on my ubuntu server, but I've never touched it..
Please help me. This is a school project and I'm presenting it today :(
It's unlikely to be the session handler (certainly not the problem if you are using the default handler). Top of my list of things to check is whether you are sending out the right caching information in the authenticated pages (i.e. either no-cache or Varies: cookie).
C.