Magento: How to Force Logout of Backend Sessions

backendlogoutSecuritysession

I shared an administrator account with a 3rd party solution provider to debug one of the extensions installed in our store. Now that the problem is fixed I changed the account password.

However this doesn't seem to log out existing backend sessions. They are still logged in (via browser cookie) even after I changed the account password.

Is there any way to force a log out of ALL Magento backend sessions?

Best Answer

There is a way to find the admin user session file. Please follow below steps to find the admin session files under Magento_Root/var/session/:

Note: below method is use in *nix environment with console utility

Connect to you server through SSH and change your current directory to MAGENTO_ROOT and execute below command:

grep -H -r -n "\"user_id\";s:1:\"7\"" ./var/session/

That's it, you get the lists of admin session file.

What we did here? Using linux grep command we search "user_id";s:1:"7" string inside all session files locate under Magento_Root/var/session directory.

PS: kindly update 7 (administrator id in my case) inside grep search string with your administrator id.

You can delete all listed files.

Best Answer

Related Solutions

Magento CE 1.8.1.0 Backend Login – Blank Admin Page After Successful Login for Specific IP Address

Delete Customer Session from Admin – Magento Guide

Related Topic