Jump to content

Welcome to DevFuse Forums

Sign In  Log in with Facebook

Create Account
Welcome to DevFuse Forums, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information for you to signup. Be apart of DevFuse Forums by signing in or creating an account.
  • Start new topics and reply to others
  • Subscribe to topics and forums to get email updates
  • Get your own profile page and make new friends
  • Send personal messages to other members.
Guest Message by DevFuse

Tutorial info Visit support topic

  • Added on: Mar 13 2010 07:00 AM
  • Date Updated: Jun 26 2010 06:03 AM
  • Views: 8325

Cookie Settings

Basic cookie settings, especially helpful for those who have upgraded from 2.x.x

Posted by AndyF on Mar 13 2010 07:00 AM
I see a fair few topics where people are having issues staying logged into their board. I thought I would write a very quick tutorial explaining a few of the recommended settings.

Please note this is not a "one size fits all" tutorial, but I think the majority of boards will be OK with these settings, although there will always be exceptions.

Navigate here > ACP > System > Tools / Settings > "system" > System Settings > Cookies

Cookie Domain ... Just put your URL into here with a . prefix, regardless of whether your board is at www.site.com or www.site.com/forum, it does not matter. Don't forget the leading . , Example:

Cookie Name Prefix ... You can normally leave blank unless you have multiple IPB's installed on this domain. I would suggest you put in something to identify your board simply to help if you decide to install any other applications to your domain. Something like
is ideal to enter here.

Cookie Path ... Typically you can leave this blank.

See how those cookie settings effect things to start with. I will list a few more things to look at if needed, but in most cases they are quite sufficient.

ACP > System > Tools / Settings > "system" > System Settings > Security and Privacy > "Security - High"

Enable X_FORWARDED_FOR IP matching? ... Ideally this should stay off. I found in some cases (for me this was people in the UK using the AOL ISP and the AOL browser) it needed to be enabled.

Member's log in key: Expiration ... Do not set this to "Do not expire" , set to a suitable setting for your board (Recommended setting "Expire after 3 days")

Reset member's log in key upon each log in? ... The default for this is off already. You probably will be able to leave it at that in most cases.

Match user's IP Address during session validation ... The default for this is no. This will probably suit most boards. If you have a lot of members who repeatedly get logged out (In my case AOL users, see my note above) , you may want to try switching it on.

Match user's browser during session validation ... Again, the default for this is no. You can switch this on if you want to try to increase the security of your board a little further.

As above, not everything will work for everyone, but I hope this simple tutorial proves useful :)

Powered by Tutorials 1.5.1 © 2017, by Michael McCune