0

NOTE: My apologies - I am not a server admin, but I have a problem that I believe may be server related, or combination of server and network related. I do not have too much technical information about the server or network, so I apologize if facts are a bit unclear or scarce. I just do not know. I am not expecting solutions here (bonus if we do get one) but, at least assist me with some questions I can ask our server administrators. I will not be able to answer network specific questions from the ISP, but maybe there are things I can monitor from some of the tools on our local machines or network that can provide insight to the problem described below. If my question is in the wrong forum, please can you migrate it? This one is a bit of a grey area: code or not code, server or not server, network or not network?

My client has a web application that constantly loses sessions (losing sessions defined as the user's login session is destroyed, and the user gets logged out), but only on one network, namely Telkom here in South Africa, and only on the production server (not the UAT server). We've tested with fiber and LTE connections.

The implementations we did in code to solve the issue is not in purview of this forum, but I will just state that we have done everything our research could indicate that could possibly be wrong.

Here is what I can tell you:

  • There are some differences in the PHP INFO of the servers (prod vs UAT), the most notable one for me is that my IP address when accessing the UAT server is network address the network of the client (maybe indicating some VPN or masking or something?), where my IP address when accessing the production server is actually the one provided by the ISP.
  • POST_MAX_SIZE on UAT is 64MB while on PROD is only 8MB.I know this is specifically PHP related, but it was a notable difference in the setup.
  • On pages where Ajax requests weren't specifically being sent with cache headers, the production server correctly does caches, whereas the UAT server does not cache regardless, which indicates to me a difference in the Apache or .htaccess settings of the server.
Improve this question
4
  • define "session lost"
    – AlexD
    Dec 31, 2021 at 9:20
  • Sorry if I was not clear. Session lost means the PHP session of the application - the user is logged out.
    – Kobus Myburgh
    Jan 1, 2022 at 10:24
  • session handling is application-specific. You didn't specify how do you manage your sessions and how you pass session information between your application and the web client and which transport do you use (HTTP or HTTPS, is there any proxies involved etc).
    – AlexD
    Jan 2, 2022 at 9:14
  • Session is handled by a cookie referring to a corresponding row in the database.
    – Kobus Myburgh
    Jan 3, 2022 at 11:50

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .