bernhard Posted August 31, 2015 Share Posted August 31, 2015 i have a new mobile phone (android 4.4.2 + chrome 44.0.2403.133) and got some problems with some of my websites - but not all of them! logs say User 'admin' - Error: Session fingerprint changed (IP address or useragent) (IP: xx.xxx.xx.xxx) changing $config->sessionFingerprint to "8" (only useragent) solves the problem, but i'm not sure if that's the best solution... does this open any security holes? what is also strange is that there is one website where everything works fine. it's the only website with "session handler database" module installed so i thought this was the issue, but installing this module on another site led to "this ... appears to be forged", so i had to set fingerprint to 8 again. any insights would be very welcome, thank you Link to comment Share on other sites More sharing options...
Adam Kiss Posted September 3, 2015 Share Posted September 3, 2015 I had something like this happen once. Somehow the wire cookie was empty, but existing — so it wasn't set to real cookie, but also wasn't working. Try clearing your cookies Link to comment Share on other sites More sharing options...
bernhard Posted November 20, 2015 Author Share Posted November 20, 2015 i still have this problem on all my installations with my "new" mobile phone. any insights how "dangerous" a change to "8" is? Link to comment Share on other sites More sharing options...
Soma Posted November 20, 2015 Share Posted November 20, 2015 There are no alternatives afaik. Fingerprint is sometimes too much security and creates more problems than it solves. 2 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now