Jump to content

Forced to login and submit to 2FA on IP change

slim

By slim
in Using WHMCS

 Share

Recommended Posts

slim Senior Member

slim

Posted
Posted (edited)

I use WHMCS on laptop and each time I connect via a different connection i’m forced to login again, and go through 2FA. This is painful when traveling and using a combo of 4g and wifi in various places.

What's the reason WHMCS does this when many other services are ok with changed connections / IP’s?

Edited by slim
spelink
0
Link to comment
Share on other sites
zomex Senior Member

zomex

Posted
Posted
On 12/28/2019 at 12:58 AM, slim said:

I use WHMCS on laptop and each time I connect via a different connection i’m forced to login again, and go through 2FA. This is painful when traveling and using a combo of 4g and wifi in various places.

What's the reason WHMCS does this when many other services are ok with changed connections / IP’s?

Have you selected the Remember me checkbox when logging-in? I remember having similar issues in the past before, since using this option I am not having to login again and this is with different connections.

0
Link to comment
Share on other sites
slim Senior Member

slim

Posted
  • Author
Posted

Yes, i tick it.

As a test , using my iPhone I logged out and logged back in with the box ticked.

After logging in I enabled the VPN on my iPhone to give myself a different IP. Then I refreshed the WHMCS admin page in my browser - which takes me directly to the login again. So frustrating.

0
Link to comment
Share on other sites
slim Senior Member

slim

Posted
  • Author
Posted (edited)

Hi Chris

Thanks - I think you may have nailed this.

The field is unticked in my install. As I read the setting I take it that this means WHMCS is checking the session and due to the IP changing its re asking for login credentials. I have now ticked this setting - which should disable this check. 

Edited by slim
0
Link to comment
Share on other sites
WHMCS ChrisD Senior Member

WHMCS ChrisD

Posted
Posted
8 minutes ago, slim said:

Hi Chris

Thanks - I think you may have nailed this.

The field is unticked in my install. As I read the setting I take it that this means WHMCS is checking the session and due to the IP changing its re asking for login credentials. I have now ticked this setting - which should disable this check. 

Glad you have this sorted 🙂

1
Link to comment
Share on other sites
  • WHMCS Technical Analyst II
WHMCS Alex Senior Member

WHMCS Alex

Posted
  • WHMCS Technical Analyst II
Posted

Hello @slim,

This is used to protect against cookie/session hijacking and ideally should remain unticked. 

If you find you are being logged out so frequently that WHMCS becomes unusable, this is normally more of an indication of WHMCS receiving  HTTP requests from a proxy or DDOS protection service, such as CloudFlare (where the IP changes frequently).

If that is the case here, you will want to configure your Trusted Proxy Settings to account for this: https://docs.whmcs.com/Trusted_Proxy_Settings

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept