Score:0

Sessions lost on specific network only

it flag

NOTE: My apologies - I am not a server admin, but I have a problem that I believe may be server related, or combination of server and network related. I do not have too much technical information about the server or network, so I apologize if facts are a bit unclear or scarce. I just do not know. I am not expecting solutions here (bonus if we do get one) but, at least assist me with some questions I can ask our server administrators. I will not be able to answer network specific questions from the ISP, but maybe there are things I can monitor from some of the tools on our local machines or network that can provide insight to the problem described below. If my question is in the wrong forum, please can you migrate it? This one is a bit of a grey area: code or not code, server or not server, network or not network?

My client has a web application that constantly loses sessions (losing sessions defined as the user's login session is destroyed, and the user gets logged out), but only on one network, namely Telkom here in South Africa, and only on the production server (not the UAT server). We've tested with fiber and LTE connections.

The implementations we did in code to solve the issue is not in purview of this forum, but I will just state that we have done everything our research could indicate that could possibly be wrong.

Here is what I can tell you:

  • There are some differences in the PHP INFO of the servers (prod vs UAT), the most notable one for me is that my IP address when accessing the UAT server is network address the network of the client (maybe indicating some VPN or masking or something?), where my IP address when accessing the production server is actually the one provided by the ISP.
  • POST_MAX_SIZE on UAT is 64MB while on PROD is only 8MB.I know this is specifically PHP related, but it was a notable difference in the setup.
  • On pages where Ajax requests weren't specifically being sent with cache headers, the production server correctly does caches, whereas the UAT server does not cache regardless, which indicates to me a difference in the Apache or .htaccess settings of the server.
jp flag
define "session lost"
Kobus Myburgh avatar
it flag
Sorry if I was not clear. Session lost means the PHP session of the application - the user is logged out.
jp flag
session handling is application-specific. You didn't specify how do you manage your sessions and how you pass session information between your application and the web client and which transport do you use (HTTP or HTTPS, is there any proxies involved etc).
Kobus Myburgh avatar
it flag
Session is handled by a cookie referring to a corresponding row in the database.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.