Update: This has been resolved.

There's currently a minor problem with staying logged into WordPress sites. If you check "remember me" when you login then come back later (like after closing the browser window), you will still be logged into the admin area but not on the front-facing part of your site. There are two ways around this:
  1. Don't check "remember me" when logging in. This will force you to login each time and everything will work as expected.
  2. If you do check "remember me", then you need to visit the admin area, log out, then login again. This will log you back into the front-end of your site.
The problem has to do with the new SSL (https) certificate that was added to the admin area. The certificate protects the admin area and login page and makes your cookies that designate you as logged in secure. It helps protect you against public wifi networks, where it would otherwise be very easy for someone to steal your username and password as you're logging in. The SSL certificate protects you against that.

But, it also means that the cookies that remember you as being logged in can't be transferred from https (admin area) to non-https (front-end of your site) across multiple site sessions.

So in that sense, there isn't anything we can do to fix this without reversing all the new security measures we added with the SSL certificate.

Our goal over the next few weeks is to implement SSL on the front-end of your site too. That means the admin area AND front-facing parts of your site will be protected and the cookies should be able to be transferred across sessions, thus keeping you logged in everywhere. This isn't a simple fix so it will take a bit of time, but it is our highest priority right now.

Thank you for your patience and get in touchif you have any questions!

Friday, May 20, 2016

« Back