After logging in, my users are being logged out automatically when loading another page, without any reason /
or: logging out, leaving & reloading the page, results in them being logged in again.
This is the strange thing:
I tried different domain names with this script; all having letsencrypt certificate.
This never happens with any other domain name, but the one I actually want to use.
Does anyone have the smallest idea, what this may cause?
(I installed l.e. for all domains the same way; and only one behaves like this.
The scripts code is untouched.)
I have deleted cookies for that particular domain name / tried with diff. browsers on diff. computers, always the same error.
This does not sound like anything to do with the Let's Encrypt certs
Most likely related to your application. If you want us to check the certs you will need to fill out more info from the questionnaire you were shown. I looked at your history and never saw where you had completed one.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
You would really have to take a look at the source of the system you are querying to see how they vary HTTP cache headers according to cookies etc. Other factors include whether the domain has a caching proxy service as a front end, such as Cloudflare (very popular).
I'd say you need to figure out the root cause of the caching issue, which is probably not really any of these and you shouldn't be deleting anything. If it's a caching issue (why do you need to script a login to your own site?) you can start by switching off the cloudflare DNS proxying (the little orange cloud icon in the DNS settings in cloudflare) which then circumvents all the fancy cloudflare tech.
Can you share the script or anything about it, such as how it maintains state and which state does it maintain?
Although that sounds like a valid solution to your problem; And I am glad you found it and have overcome it...
I can't help wondering: Why are those links not self-referencing?
Then anyone logging in via "www" could stay connected that way.
[and anyone not using "www" could stay conencted that way too]
Don't know; when I visit the site (no matter how I put the name in);
I am always directed to
https:// www. domainname .com [will have to change the .htaccess file: How to remove www from your URL • Yoast ]
When I then click anything on the site, the domain will forward the domain name internal (without www).
I am using cloudflare and set up the SSL / l.e. certificate for both (with and without www).
Standardizing everything to work on a single correct domain is the best option, but you may get a temporary fix by configuring cookies to work across base and subdomains.