Forum keeps logging me out.

jamiechi2

New member
Almost every time I try to switch to another thread or continue on the next page, I get logged out.
It seems like I have to log back in 6 times within a 5 minute period.
I do have Ublock but it is disabled for this web site. I have never seen this issue before.:(
 
I have had problems this morning, forum indicated 2 pages, when switching to second page forum reports no entries, subsequent starts then indicates three pages. Will report when I select 2nd and 3rd. Selected 2nd page which only had a few threads, 3rd page disappeared.
Tried once again and there are three pages with 57 threads, selected page 2, page three disappeared leaving two threads on page 2.
 
Last edited:
Had similar problem this morning, it showed 2 pages of new posts but when I clicked on the second page it said nothing was found. Finding it very odd that (at least 3) if you mention the odd/new login procedure the topic gets immediately locked. Why is it taboo?
 
Had similar problem this morning, it showed 2 pages of new posts but when I clicked on the second page it said nothing was found. Finding it very odd that (at least 3) if you mention the odd/new login procedure the topic gets immediately locked. Why is it taboo?

Indeed! Perhaps oknotsen could explain seeing as it's he who is locking the threads!

Rob.
 
Once again:
There has been put some protection in place because the forum was under a DDOS attack yesterday. Simply a hired service against these kind of things. It will likely be turned off again.
The admin that put it in place is likely back from a break on Thursday and might be able to shed more light on it, but then again don’t be surprised if he doesn’t as you obviously don’t want to help the person that put the forum under the attack in the first place.
As people started to speculate and / or started to about tin foil etc. I started to lock stuff.

I didn’t lock this topic as I doubt the login problem has anything to do with it. More likely that the OP has some cookie problem or is not using HTTPS. I honestly have no clue.

The other topic, about having trouble with the topic pages might again be something else. Might have to do with the 15 or so SPAM topics that got deleted today in combination with some silly forum bug. If so, that should disappear in 24 hours as we rarely get that many SPAM topics in such short time.

Sorry, I have nothing more to add. To me some things look unrelated to the others, but I obviously don’t know everything.
Hope that clears some things up. Then again, might result in the opposite I have hoped to achieve with this reply.
 
Last edited:
The forum is becoming a pain in the rear to use.
Apart from what has already been mentioned, I was unceremoniously logged out after submitting a post, logged in again and my post was gone, not even auto-saved.
I know that security is important, but what is the point of a forum that can't be used easily?
I have copied and pasted this post into notepad in case I get dumped out again, something I can't do when a post includes images.!
 
I just experienced the very quick logout myself. The time the forum maintains logged in has become a lot shorter.

I will inform the admin about it, but as he won't be back from his break till tomorrow, don't expect anything today.
 
he forum is becoming a pain in the rear to use.
Apart from what has already been mentioned, I was unceremoniously logged out after submitting a post, logged in again and my post was gone, not even auto-saved.
I know that security is important, but what is the point of a forum that can't be used easily?
I have copied and pasted this post into notepad in case I get dumped out again, something I can't do when a post includes images.!
Yes I lost my 1st post to this thread just like that. The 2nd I had a copy of but gave up as every time I went to preview it I got logged out and had to log back in. When it started loosing what I'd written after I had logged back in - numerous times. I gave up.

Is this a result of the reported DOS attack or something else. For a while I was getting the "checking browser your browser message" but now I just get logged out with no message.

Bob Pearson

PS. I got logged out when I just submitted this post.

PPS. And again when I edited it.
 
Last edited:
I haven't seen any response from N3V regarding this problem with the forums. Did I miss a posting somewhere?

To be honest the forums are becoming unusable for me. I get logged out after a few minutes use. Backing out using the back arrow I often end up with a white screen instead of text and pictures.

This is almost 2 full days since these problems started. Maybe they pissed off the wrong people with their new email campaign - I hope not.

Bob Pearson
 
Maybe I can help with understanding what is going on. I worked for an ISP for 18 years and dealt with attacks almost daily.

First DDoS attacks are typically made against servers that require logins. When you attempt to login to a server that is using https in the address you are making a secure login. This means that your username and password is securely transmitted to the server from your browser. While this is happening a session is created on the server. (Not a Trainz session;)) If you successfully login your session continues for an amount of time set by the admin of the server. Normally this is a few hours before it times out and you have to login again.

If the login fails the session is terminated by the server. The total number of concurrent sessions allowed is also set by the admin. Depending on typical usage it is anywhere from a few hundreds to tens of thousands or more. Now note that even failures create sessions for a few seconds. The attacker is trying lots of logins and failing but if his attempts per second exceed the total number of sessions allowed then the server stops allowing logins. If the attacker maintains the pace of logins then terminated sessions are instantly replaced by new login attempts.

The defense against this sort of attack is to log the IP address of the login attempt and if it fails several times in a few seconds then block further attempts from that IP address. I suspect that is the purpose of the white screen that pauses your login a few seconds to see if more attempts are made from your IP address. If no more attempts are seen then you are allowed to proceed.

Once you are logged in and you have a session established, the session does something very important for you. Without a active session, every time you move to a new page you would have to login again. Your active session remembers that you have logged in successfully already and bypasses the login for the new page. I suspect the admin lowered the length of sessions for some reason. Sounds to me like maybe at least a few logins were successful. Once the length of sessions is put back to the old setting the timeouts will stop.

I saw a few people asking why attack a forum of a small game company. The truth is today every server, router, firewall and anything else is under attack 24/7 365. Giant Bot Nets using millions of compromised computers are use to stage these attacks. No one server is singled out. Think of walking through a large parking lot just trying door handles to see if you find a car that is unlocked.

Hope this answers some of your questions.
William
 
Thank you William.

There is still a problem, today when making posts I click Post Quick Reply and get this message.

"You do not have permission to perform this action. Please refresh the page and login before trying again."

I am then logged out.

This is not acceptable for such a busy forum.
 
Thank you William.

There is still a problem, today when making posts I click Post Quick Reply and get this message.

"You do not have permission to perform this action. Please refresh the page and login before trying again."

I am then logged out.

This is not acceptable for such a busy forum.

Graham,

Clear your temp files and cookies and try again. That may work as you may still be operating on stale data.
 
All settings related to the forum are back to normal as of yesterday, so I suggest to follow JCitron’s suggestion.
 
I'd also suggest Command window then "ipconfig /flushdns" less quotes then enter.

No problems with logging out here, been logged in continually since about 11am.
 
Hi John, I clear my cookies twice a day because of the use my PC gets.

This has only happened since that DDoS screen arrived. (which seems to have gone now).

Malc, If it happens again I'll do as you suggest.



Added, I've just made this post without a hitch!
 
It's just happened again.

Sequence of events used.

Log in to forum

Read new posts

Reply to thread

Make post

Post quick reply

Get message that I am not authorised.

Go advanced

Get auto logged out

log in

post still there due to autosave

Post Quick Reply.

Successs.

Now I have just closed the forum and my browser.

Ran C Cleaner to dump unwanted cookies

Ran ipconfig /flushdns

I am now going to hit Post Quick Reply to see what happens.


Edited to now add....

Post went through without a problem.

I am now going to log out of the forum and do some other work, then will return later to make another post.
 
Last edited:
I spoke with the admin and the only thing he did was turn on (and a few days later off) the DDOS protection.
He did not change anything at all to the forum (or website) settings as he doesn’t have to for that protection service.
Traffic effectively was temporarily rerouted.
 
Back
Top