Session expired or cookies are not enabled in your

RE: www.joomlapolis.com/forum/146-general/154354-session-expired-or-cookies-are-not-enabled-in-your?start=12

Had the same issue and it halted development for several hours. It was some stupid spoof checking setting in the configuration > integrations in case anyone else has this issue (and I'm sure it's very common since it defaults to 'on').

It's not very common to have this issue. It's only common if your site tampers with cookies/sessions or you've some sort of browser extension/setting blocking the spoof secret cookie. Some EU cookie extensions will do exactly that. Disabling the spoof checking is not recommended. The reason it is there is to prevent spoofing, which is forcing form data though without using the form. This means external sites could post your forms. It is recommended to find the conflict.

Appreciate the quick response and explanation of why, Krileon. There isn't anything installed that I can think of that would cause the issue. On the day it happened, the only things I did was re-arrange the menu items, give my client manager permissions, and then accidentally (via Chrome auto-fill) tried to log into the front end with the primary administrator credentials for the admin. My guess is that login attempt triggered it. And it seemed to be isolated to my IP address (all computers/phones i my home, but not outside of my home). So it seems to have a good use, but it's pretty ugly when it 'goes wrong'. Thank you again for the information!

I have also had this issue with my website, to start off I tried to get around it by keeping my Joomla log in instead but this causes odd glitches for some users and I do not have time to deal with enquiries about problems logging in and obviously want my users to have a smooth easy user experience. So this morning I've republished the CB login module, unpublished my Joomla login, changed the configurations and ended up back with the session expired cookie error message on login. Searched the forum, found these links, turned off spoof checking and users are now able to log in again.

Being in the UK we are required to have Cookie and privacy policies and I use a GDPR plugin to ensure I meet those requirements. I'm guessing it is either this plugin or my Security Check Pro plugin which is causing the conflict.

Has anyone else any experience of conflicts with these plugins and how did you resolve them? I obviously want my site to meet requirements and be secure and allow people to log in and access what they've paid for.

Any suggestions and recommendations welcome :lol:

Tracey

I have also had this issue with my website, to start off I tried to get around it by keeping my Joomla log in instead but this causes odd glitches for some users and I do not have time to deal with enquiries about problems logging in and obviously want my users to have a smooth easy user experience. So this morning I've republished the CB login module, unpublished my Joomla login, changed the configurations and ended up back with the session expired cookie error message on login. Searched the forum, found these links, turned off spoof checking and users are now able to log in again.

Ensure you've the latest CB build installed. We do not use a cookie for spoof checking anymore. It's entirely within your Joomla session now so this error can't happen unless you've problems with Joomla sessions in general or the spoof check expired (sat on the page too long, but that takes awhile).

Being in the UK we are required to have Cookie and privacy policies and I use a GDPR plugin to ensure I meet those requirements. I'm guessing it is either this plugin or my Security Check Pro plugin which is causing the conflict.

There is a lot of misinformation about this law causing the internet to become extremely frustrating (having to confirm cookies on every.. single.. website). The cookie confirmation is only necessary if you're using tracking cookies (e.g. Google Analytics or anything of the sort). The law does not apply to login session cookies or other insignificant data like it. So unless you're using tracking cookies you can safely stop using the confirmation popup plugin. Regardless it should not be a problem given we no longer use cookies for spoof checking. My guess is your security check plugin maybe tampering with the Joomla session or Joomlas session cookie is being blocked in error by your cookie confirm plugin.