问题
I have a MediaWiki running on multiple AWS instances and login and registration is broken. The session.save_path is set to /tmp which is writeable and readable by anyone. I use Apache2 and PHP5 as well as MEMCACHED.
Whenever you try to login you either get informed that there is protection against session hijacking or that you have cookies off. These are the errors:
There seems to be a problem with your login session; this action has been canceled as a precaution against session hijacking. Go back to the previous page, reload that page and then try again.
Wiki uses cookies to log in users. You have cookies disabled. Please enable them and try again.
I use a shared cookiedomain in the format ".domain.tld" and the entire domain is behind CloudFlare and an Amazon ELB load balancer. All LocalSettings.php are the same and the Apaches have shared configurations.
回答1:
Per Aaron Schulz, don't use the default session handling, it's disastrous.
As you have memcached enabled, add
$wgMainCacheType = CACHE_ANYTHING;
$wgSessionsInObjectCache = true;
in your LocalSettings.php and let us know if things improved (they definitely should).
来源:https://stackoverflow.com/questions/25317403/mediawiki-sessions-and-cookies-not-working-on-multi-server-behind-cloudflare