Bobcares

Prestashop admin login problem – Why you get kicked out of the admin panel?

by | Oct 29, 2018

Prestashop has stringent security features.

One such feature is  Short Session timeouts. This is to reduce the exposure of your application to session based attacks like session cookie theft.

However, this can cause issues even for legitimate users.Store admins could get kicked out of the admin interface if they remain inactive (say by attending a call) in the middle of a store update. It can be very frustrating.

We’ve seen many causes for this error as part of our Support Services, where we manage tech support desk of web hosts.

Today, let’s discuss when we see this error, why and how we can fix it.

 

Prestashop admin login problem – Where do you see this error?

Website owners cite broadly 3 situations in which this issue happens:

  1. Prestashop admin panel kicks out the administrator in the middle of updating product settings (yes, no reason at all).
  2. Prestashop store owner cannot login, no matter how many times the browser cache is cleared. It keeps showing the login page again & again.
  3. Prestashop admin panel logs out the owner after a few minutes of inactivity.

 

Top 3 reasons for Prestashop admin login problem

Let’s discuss the top 3 reasons for this problem.

  1. Maximum duration of inactivity set – “Admin Controller” manages  Backoffice functionalities in Prestashop. The default cookie inactivity period is set to 15 mins in this file.You’ll be kicked out of the admin panel after 15 mins of inactivity.
  2. Use of dynamic IP address – When you are in Prestashop admin panel, it secures the session by tagging your login session with your IP address(via authentication cookie). It constantly checks for this IP address. If your IP address changes, it will invalidate the cookie and and ask you to re-login again.
  3. Incorrect values for “PS_SHOP_DOMAIN” and “PS_SHOP_DOMAIN_SSL” – Incorrect domain name given for PS_SHOP_DOMAIN and PS_SHOP_DOMAIN_SSL  in the table ps_configuration.

 

Prestashop admin login problem – How to fix this error?

To fix this, we primarily use 5 different ways, based on the exact issue the store owner is facing.

But before we get into the details, and you make any changes to the store, make sure that you have the backup of your database and website files.

 

1. Clear browser cache and cookies

To verify this try to access from another browser or turn on ‘incognito mode’.

 

2. Clear Prestashop cache

The cache files are located in these locations.

Go to these folders and delete all the files in them.

  • /tools/smarty/cache
  • OR /tools/smarty_v2/cache

 

  • /tools/smarty/compile
  • OR  /tools/smarty_v2/compile

 

3. Correct the domain name saved in database

Give the correct domain name for PS_SHOP_DOMAIN and PS_SHOP_DOMAIN_SSL  in the table ps_configuration.

You should give the domain name only. For eg: your store URL is http://test.com/store/, you should give the values as:

PS_SHOP_DOMAIN = test.com
PS_SHOP_DOMAIN_SSL = test.com

 

The install directory should be given in the file “/config/setting.inc.php“.

 

4. Disable IP address check

Remove the user’s IP address check done by Prestashop.

You can disable it in the file “classes/cookie.php” inside the function “isLoggedBack()“.

Here, remove or comment the following condition.

!Configuration::get('PS_COOKIE_CHECKIP'))

 

5. Increase the cookie inactivity period

The inactivity period is set as 15 mins by default.

You can increase this value in the file “classes/controller/AdminController.php“.

Look for the below code in the file:

if (time $ this-> Context> cookie-> last_activity + 900 <())

 

Here the inactivity period is set as 900s(15 mins). You can replace this value in seconds.

 

Conclusion

Prestashop admin login problem is a common issue that store owners can come across. Today, we have discussed the top reasons for this error and how our Support Engineers fix them.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

SEE SERVER ADMIN PLANS

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

2 Comments

  1. Ozgur Sahin

    Hi i have this problem. Also the clients have similar problems. They cant login and when they click checkout they re directed to homepage. Is this related?

    Reply
    • Sijin George

      Yes Ozgur, it can be related.
      If you still have errors and need help, we’ll be happy to talk to you on chat (click on the icon at right-bottom).

      Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF