Jump to content
LmanCZ

[SOLVED] Conflicting cookies - can't login or add to cart

Recommended Posts

Hello everyone,

 

I recently added SSL encryption to our site using Let's encrypt on Linux/Apache server we use for hosting. Everything seems to be working fine. But.

 

For some users, login and add to cart is not working. When you try to log in, the login page simply refreshes and nothing happens. When you provide invalid login and/or password, error appears. Also once you click "add to cart" you get a confirmation "product added to your cart", if you add another, you still have only one product in cart. When you go to the cart page, it shows the cart is empty.

 

https://www.mysite.com or https://mysite.com) when you access the page through http:// or just address (www.)mysite.com it will set different cookies and you can't login.

 

There are two identical cookies set from domain www.nanowax.cz and nanowax.cz and that is I believe the problem.

 

I believe the problem might be in BO settings SEO&URL -> domain and ssl domain which is both set to "www.nanowax.cz". I didn't want to change those values as I might break something completely and I am not the one who was setting up the shop. I also get a warning when I login into BO in the dashboard : "You are connected with domain name nanowax.cz That is different from what is set in SEO&URL..."

 

Any help is appreciated as this might turn out to be a big problem...What do I need to change in order to fix this. Also is there a way how to force "flushing" the cookies on client's side as I won't be able to tell all of our customer "hey just delete your cookies"

 

Prestashop version : 1.6.0.8

website : nanowax.cz - access through different URLs to reproduce the issue.

Edited by LmanCZ (see edit history)

Share this post


Link to post
Share on other sites

WWW or non-WWW safe to different cookies. The same is the case for HTTP or HTTPS.

 

Make sure your shop only allows one URL.

 

Flushing cookies can be achieved by the

Front office cookie lifetime setting. Choose a low value for some days.

Edited by Scully (see edit history)

Share this post


Link to post
Share on other sites

Thank you Scully for your reply,

 

When I try to access the shop through all four different options (http://domain.com, http://www.domain.com, https://domain.com, https://www.domain.com) it is all redirected to https://www.domain.com but cookies are set for .domain.com when you try to access it as http://domain.com

 

Would this solve the issue?

 

RewriteEngine on
RewriteCond %{HTTP_HOST} ^nanowax.cz [NC]
RewriteRule ^(.*)$ https://www.nanowax.cz/$1 [L,R=301]

Share this post


Link to post
Share on other sites

With just a quick view, the redirect looks good. Test it before making your final decision.

Also test the backoffice login!

Share this post


Link to post
Share on other sites

Just an update, the redirect seems to have solved the issue. Thank you for the help.

Share this post


Link to post
Share on other sites

You're welcome. Please add "SOLVED" to the topic title. You can do so by clicking on "More Reply Options".

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More