Official Apex Clan

[Mark]

I sent an email to support (who says 24 hours for reply) but still haven't had one.

This forum keeps logging me out every day. I am signed up to about 5 or 6 different forums and they never log me out so it's not my cookies. It's only ever this website that does it.

Any idea what would be causing this?

[Support]

Hello,

We did receive your e-mail and we have only just now repaired are setting for us to reply. However sadly the resting of our of shore e-mail server resulted in your e-mail being lost. and we where unable to respond to you.
Yes this forum does use cookies to keep track of visitors and read/unread posts.
We have not made any alterations to the forum. This is as matter of fact a fresh install forum and any modifications made are only that of templates (The view of forum) there are no modification made to the way the forum logs you in nor any modifications made to cookie control or sessions stored. However if you are logging in at multiple locations and you do not logout in one place and try successfully to auto login from another location you will course the session stored for your account on the database to be corrupted because the data stored on your pc does not match that on what is on the server. Logging out will ensure that the session stored on the server is removed ready for you to create another session at a different location or same location.
As we cannot manually remove a stored session for your account we cannot correct your issue because of encryption. We can however remove everyone's stored sessions which will require everyone once again to login. Should they have forgotten their password this will then course issues to those people and unless more people complain of this we wouldn't like to course more problems.

Issue raised by AOL users of this forum.
PHPBB released the following statement.

phpBB uses sessions to keep track of users as they browse the board. These sessions use a combination of a unique session id, the users IP and if specified the users browser and/or the users x-forwarded-for header to identify each user. We make use of all of this as an extra safe-guard to help prevent sessions being hijacked (by discovering the unique session id).

Unfortunately this only works when the users IP is constant as they browse the board. For most users this will be the case. However certain providers route their users via a cluster of proxys. In some cases, particularly the AOL browser, this results in different IPs being forwarded as the user moves between pages. We take account of this by not checking the entire IP by default but only the first "three quads" (A.B.C). Again in most cases this will be fine. However again AOL uses IPs which can vary so much that checking only the first two quads results in a fairly static IP being available for session validation.

If you are experiencing problems related to this you can set the Session IP validation parameter Security Settings to A.B. Please note that reducing the IP validation length does potentially increase the risk of sessions being hijacked (this is something for you to consider, phpBB Group takes no responsibility should anything happen!). We suggest to at least additionally enable the browser validation.

We have already made those changes last year in February 2009

Ensure that your browser is enabling cookies as our previous help guides show the setups. Don't do this if you view doggy sites. you know what we mean.
With the above done
To attempt to fix this, login, then logout, then login, then logout, then enter username and password, tick the box and login. When you have viewed the forum (As logged in) close the browser and open the browser again. If you automatically login then it has worked.

Also because cookies are stored, always use the same address, http://www.apex or http://apex- both work fine but can course conflict if both used at the same session because of what is stored in the cookie.

AUTO LOGIN WORKING FOR THE FOLLOWING BROWSERS
We have tested the auto login on the following browsers

OPERA = WORKING
FIREFOX = WORKING
IE8 = WORKING
MOBILE WEB = WORKING
Opera Mini = WORKING
S60 browser with Flash Lite support = WORKING

If you could tell us a bit more on they type of browser, we will attempt to make a video for you to watch showing you it not working and then what we do to make it work. If this will help you.

[Mark]

Thanks for the reply.

It's firefox with no mods, and previously it was chrome with no mods. Both kept logging me out. I don't log in to the forums in other locations so I don't think it would be that.

I just thought it may be something your side and it doesn't happen with any of the other forums I use.

[Support]

Thank you.
Please check for us in Firefox.
Click on Tools at the top of browser and select options.
Please see if "Clear History when Firefox closes" is ticked. If it is, click on the setting button and just check that the "Active Logins" box is NOT ticked.
If it is ticked, this could be reason for being kicked off when closed.

I hope this will sort your issue.

[Mark]

It's still logging me out.

The strange thing is since I've been signed up to these forums I've had several PCs and different builds, it's not like I'm using corrupted cookies or browser history.

[Support]

Hello Mark,

We have seeked advice from EvilFighter and he has supplied us with information on your Internet connection.
It appears that your I.P address is recycling.
Either your BT are forcing you to change your I.P address and or they are using poxy servers or you are.
Or your router is forcing changes.

PHPBB3 now uses I.P checking Tech, this means because your I.P is changing our forums are affected. If the forum version would of been PHPBB2 then this would not have happened.
Sadly there is nothing we can do to help you here regarding you keeping a static or less random address.

I have asked for all data to be sent to you for you to view and see if anything you can do to help your situations.

Please note:
This forum only check part A and B of an I.P address which with almost all internet providers are identical and thus only a very few people are affected by this. With any hourly/daily changes to this will result in the forum automatically kicking you off because of session verification failure.