WP Plugin login error


#21

@lkl I was able to reproduce the issue on lawlessfrench.com, while using Chrome on Win 7.

It seems that our security cookie is never being issued by your website. It may have to do with your WordFence settings or some other plugin which has to do with cookies or security.

If you can arrange me an admin account (a new account which you will delete afterwards) with which i can look into your WordPress installation, that would help fixing this greatly.

If that’s ok, please PM me through the forum, I will give you an email address for which to create this user and send the credentials to. Please never give any credentials to anyone else.

It will take a few days to go through this (not including the weekend), after which i will let you know so you can delete that account.


#22

I’m happy to give you an account so we can get to the bottom of this - DMing you now.

btw, I don’t use any security or cookie plugins intentionally, but WP-Engine controls some chunks of the wordpress installation…


#23

In straty.com case, the security cookie seems to be being reset every time when returning from Patreon.

This may be something to do with the init sequence of the plugins installed, or a plugin that modifies init in any way. Or something to do with WP engine

Im sending you the email to arrange the admin account for.


#24

@straty.com Yes, most of my patrons are able to login, it’s just these 4 that can’t.


#25

I just started poking into some WP Engine issues and here’s their most relevant article re cookies: https://wpengine.com/support/cookies-and-php-sessions/

Could this issue be related to caching?

The conflict here is that cookies which exist to perform a specific action (i.e. show a different sidebar, or different page altogether) do not expect the page to be fully formed before they request it. When present, these cookies expect to interact with PHP in order to perform their unique action. But as you can see in the example above, cached pages do not get processed and built by PHP as uncached ones do.

As a result, your cookie may only work as expected when logged in to the WordPress Admin Dashboard. This is because logged-in user sessions specifically bypass the page cache layer, and will be processed by PHP every time.


#26

@lkl - you don’t happen to be hosted by WP-Engine?

It’s starting to seem - as @codebard suggested - like we may have different issues that are manifesting in a similar error.


#27

That possibility exists, depending on the way your caching plugin or WP engine caches your site.


#28

@straty.com No, not wp-engine. I’m happy to give codebard access to look at my configuration.


#29

For the time being, im debugging this issue at lawlessfrench. I’ll update the thread with the findings. Tomorrow I’ll check straty.


#30

:+1: - Sounds good. I’m around today to help debug…


#31

Is it ok if i disable/enable plugins to test?


#32

yes, go for it. this is my top priority and I have a backup from this AM


#33

Is it possible that i can change some code in our plugin on this live site?


#34

100% - you can do anything you need to do from inside the wordpress admin panel


#35

@codebard - I think we got it!!! :tada: :tada:

I got on the phone with WP-Engine and the tech - who was incredibly helpful btw, which is why I use them - immediately knew what the issue was and we had it fixed in under 5 minutes.

WP-Engine caches very aggressively and that was causing the nonce not to be set properly.

For future WP Engine + Patreon Wordpress users who may stumble across this issue in the future: call WP-Engine and ask them to exclude the “patreon_nonce” cookie from the cache. They need the exact spelling of the cookie.

@codebard, maybe this could be included in the plugin documentation as well? I’m sure other wordpress-optimized hosting services do similar things with caching.

Finally, would you mind testing one last time on your end? https://straty.com/bitcoin/ Thanks

And thank you for all your work on this! I’m very appreciative!


#36

Great to hear. I read a case about this issue with that exact solution, but i had to ask you to ask them to be sure.

I tested myself and i can confirm it works too.

Glad that we got to the bottom of this.


#37

Glad we got to the bottom of this as well!

Thanks again @Codebard


#38

Hi Codebard,

I have a new patron who was getting the “nonces don’t match” error. She cleared her cache but now when she tries to log in, she gets the captha over and over, she says she submitted the images 10 times and it just kept giving her more images to confirm.

Browser info: https://whatsmybrowser.org/b/28AXVV7


#39

Your full user agent string is:
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/604.5.6 (KHTML, like Gecko) Version/11.0.3 Safari/604.5.6


#40

Sorry, I have no idea what to do with that.