shouldn’t be logged out when opening a new tab from /wp-admin/
Current behavior
when opening a new tab from /wp-admin/, occasionally (30%+ of the time) i’m logged out - this happens ONLY when opening a link in a new tab
Steps to reproduce
load a wp-admin page
open another wp-admin page in a new tab
browser is logged out and forwarded to login page
Context
apparently a lot of people are having this problem - it is not CP specific, but it may have to do with how the website is set up and therefore it may require a CP fix
browser doesn’t seem to always matter according to experiences of others, but sometimes it does
the problem has to do with cookies apparently - browser console (the key here is “SameSite”)…
Cookie “wordpress_sec_<hash removed for privacy reasons>” has been rejected because it is already expired. wp-login.php
Some cookies are misusing the recommended “SameSite“ attribute 17
Cookie “wordpress_<hash removed for privacy reasons>” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the “secure” attribute. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
Sounds like a plugin conflict to me. Any membership, user role, or login plugins?
I would start with the usual deactivating all plugins, set a default theme, and see if that solves it. If it does, then activate 1-2 plugins at a time until you find the culprit.
Cookie issues are common with sites that serve content from sub-domains. If you have a non-standard setup, such as serving images or other static files from a sub-domain, try setting the COOKIE_DOMAIN constant. This will let your site set the cookies and the sub-domains will be cookie-less.
Sounds like a plugin conflict to me. Any membership, user role, or login plugins?
negative - also i tested with all plugs disabled and a fresh browser profile - the theme is 2016 and i believe i tested with another default theme
Cookie issues are common with sites that serve content from sub-domains. If you have a non-standard setup …
no subs and everything is pretty standard i think - also i’ll remind that many other are having this problem with different browsers and different websites - i think it has something to do with the “SameSite” attribute which i think may, in the case of CP, be something that falls under .htaccess and therefore it might be a CP issue … i’m not sure about that, thus my probing
Since none of the suggestions panned out, you’ll probably be stuck disabling things until you figure it out. Start with plugins. If it’s not a plugin, then try disabling browser add-ons. If it’s not an add-on, next try verifying your browser settings aren’t too restrictive.
Those search results you linked are not specific to WordPress or ClassicPress. These results are. This isn’t a common issue with *Press sites.
if you read my OP and reply, you’ll see i already tested all the things you recommend
re: the search results, i clearly pointed out twice that this problem is not specific to CP but that, nevertheless, it may be CP issue because it may be an htaccess issue
Right. I’ve only seen this issue with *Press twice over 15 years. One situation is the sub-domain setup…the other situation is a plugin that incorrectly customizes the login process. Anyway, good luck rooting it out.