I am in the process of moving my development site into production and have moved the site over on AWS. All seems fine but the only problem that occurs is that I cannot login to the back-end of Magento due to some sort of cookie related problem.
Here is the cookie set-up as of right now:
Session Cookie Management
Cookie Lifetime: 86400
Cookie Path: /
Cookie Domain: .mydomain.com
Use HTTP Only: Yes
Cookie Restriction Mode: No
Session Validation Settings
Validate REMOTE_ADDR: No
Validate HTTP_VIA: No
Validate HTTP_X_FORWARDED_FOR: No
Validate HTTP_USER_AGENT: No
Use SID on Frontend: No
I noticed the other day that cookies were expiring in the past so I started looking into possible solutions and this is the only thing at the moment that allows me to login:
Changing the following lines in /app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
FROM:
// session cookie params
$cookieParams = array(
'lifetime' => $cookie->getLifetime(),
'path' => $cookie->getPath(),
'domain' => $cookie->getConfigDomain(),
'secure' => $cookie->isSecure(),
'httponly' => $cookie->getHttponly()
);
TO:
// session cookie params
$cookieParams = array(
'lifetime' => $cookie->getLifetime(),
'path' => $cookie->getPath(),
// 'domain' => $cookie->getConfigDomain(),
// 'secure' => $cookie->isSecure(),
// 'httponly' => $cookie->getHttponly()
);
Now obviously this is just a temp work around so I can login, I don't really want to open up any security flaws or change any of Magento's core files.
Bit more information about the site set-up. It is a Magento 1.8.1 Community edition site running on an m1.medium instance on EC2.
So, my question is, does anybody know how to fix this the right way without potential problems in the future?
All help is greatly appreciated :)
