What are the correct settings for Session Cookie Management and Session Validation Management?
- In a single store setup
- In a multi store setup
Session Management
-
Cookie Path
-
Cookie Domain
-
Use HTTP Only
-
Cookie Restriction Mode
Session Validation Settings
-
Validate REMOTE_ADDR
-
Validate HTTP_VIA
-
Validate HTTP_X_FORWARDED_FOR
-
Validate HTTP_USER_AGENT
-
Use SID on Frontend
I always have admin login problems. And can only get rid of it by editing the core file (comment out):
/files/html/app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
// session cookie params
$cookieParams = array(
'lifetime' => $cookie->getLifetime(),
'path' => $cookie->getPath(),
// 'domain' => $cookie->getConfigDomain(),
// 'secure' => $cookie->isSecure(),
// 'httponly' => $cookie->getHttponly()
);
I guess there is no "correct" setting, otherwise there won't be any options. But what is the most common setting? Do I have to have different cookie paths for different stores? What could cause my problem (can't login in Magento admin).
Thank you so much!
Best Answer
"I always have admin login problems" is a bit vague but here goes
Under
System > Configuration > Web
the settings should be as followsAlso set "Session Lifetime (seconds)" under
System > Configuration > Admin
to a high value like 7200 so you don't need to login repeatedly