[pmwiki-users] Site wanting login
Petko Yotov
5ko at 5ko.fr
Fri Sep 7 08:23:15 PDT 2018
This appears to be a message from the UserAuth addon.
Looking at the source code, you may be able to allow changes of the IP
address during the same session with such a line in config.php, before
including the userauth2.php file:
$UA2EnforceFixedClientIp = false;
If an IP address changes in the same session, either:
1. you actually changed IP address (may happen often if you use mobile
3G/4G internet, on the move, or if your device disconnects and
reconnects a little later, or you passed through some load-balancing
proxy), or
2. someone else was somehow able to hijack your session ID and is trying
to access the wiki.
In the past IP addresses changed rarely during a session (~ 20 min) so
the addon considers this risky.
If you configure your wiki to redirect all visitors to the HTTPS/SSL
version, the risk of having your session ID stolen is much lower.
By default, PmWiki doesn't restrict a session to a single IP address.
Petko
--
If you upgrade : http://www.pmwiki.org/Upgrades
On 07/09/2018 16:53, Neil Cheng wrote:
> I have been using pmwiki for several years for my website
> cruiseportwiki.com [1]
>
> I have recently been getting the following error at random times
> accessing pages. Pages are public read only and admin write only.
>
> This has been reported by other users as well. Running version
>
> pmwiki-2.2.107
>
> Session client coupling inconsistent (IP address changed?). Stopping
> for security reasons.
More information about the pmwiki-users
mailing list