This article describes a number of problems that you may be contacted about by your end users
Last updated on 9 June 2016 MW
Problems with being logged out
Please first read the following if you have problems being logged out.
- For every website visitor, a session object is created on the server. The session object can be identified with a unique id (the session id). This session id is returned to the client and written to a cookie in the user's browser. For every page request, this cookie is being read so that the server knows who the user is, what his/her permissions are, whether he/she is logged in and so on. As a result, users must enable cookies in their browser if they want to use the website. If cookies are disabled, a page will load informing the user that the site can not be used without cookies.
- By default (e.g. with the standard settings) normal user sessions will expire after 4 hours of inactivity, administrator sessions expire after 72 hours, and sessions that were created by bots, crawlers, live sign services et cetera, expire after 10 minutes of inactivity. You can change these settings if you want > Backoffice > SIte configuration > Sessions.
Once a session expires, the user is logged out and all information re the session is removed from the server.
- If a user requests a page with a session id that no longer exists on the server (because it has expired), a new session is automatically created and the user can continue his/her visit as a guest. The user can of course log in again.
- A user account can not be logged in more than once. So different users should not log in with the same user account. If a user logs in with an account for which there's still a session on the server, then that session is logged out - but the session data remains on the server so that that user can continue his/her visit as a guest. Note that a session may still exist on the server because the user logged in earlier, but also because some else logged in with the same account.
- You can not log in with the same browser (i.e. using multiple tabseets) with two different user accounts, because the cookie that is stored for the website will be overwritten with the last session id. This will cause the other session to be logged out.
- You can however log in on the same computer with two different browsers (and two different accounts), e.g. Chrome and Firefox, because both browsers will store a unique cookie.
- If your website has multiple aliases (for instance both mywebsite.com, my-website.com and mywebsite.co.uk) then you must tell us. To prevent separate cookies from being written and read for each of the domain aliases (which may cause unexpected behaviour and users being logged out), we can create a "rewrite rule" so that only one single domain alias is used, regardless of the alias that was used to go to the website. If this applies to you then do tell us and let us know which primary domain alias you want to use.
If the above information doesn't help you solve the problem, then read below
- Click on System info in the administrator menu. Under the heading Server settings, check which option is active for the setting IP matching. If IP matching is enabled, this means that the IP address may not change between page requests. If you have an internet connection that doesn't have a fixed IP address then contact support. Disabling this setting may help solve the problem.
- Check the dfc variable. Go to your home page, right click and choose View source. Scroll down until you find the line that reads "dfc". There must be a value in there. If it's blank or if it has something other than your domain name, then contact support. This indicates a server configuration problem.
- Go to Website logs in the administrator menu. The "currenct activity" tabsheet shows all sessions that stored on the server. Find the user who is having problems in the list. The third column shows the IP location for each session. If this column displays N/A, this means that the country couldn't be retrieved for the user's IP address. This causes the session manager on the server to "think" that the session is created by a bot, a crawler, a life-sign testing service etc. Such sessions expire 10 minutes after the last page was requested, which means that the user will logged out if he/she doesn't use the website for 10 minutes.
If the above information doesn't help you solve the problem, then create a support ticket to describe the problem and make sure that you include information about browser and version, the operating system and version, the user login name, the user's country.
Logging in / password problems
1) My client forgot his/her password
Before version 27.3
All the websites have a "retrieve password" function. This will the send the password to the e-mail address that is linked to the end user account. It cannot be sent to another e-mail address. The user must know his/her login.
Version 27.3 or later
All the websites have a "Reset my password" function. Passwords are not sent by e-mail but the user can change his/her password with this function. An e-mail with a reset link will be sent to the user.
2) My client doesn't receive the password by e-mail after using the "retrieve password" or "reset password" function
a) There may have been a problem with your e-mail. Check the sent mail folder of your mail service and check the failed mail logs in backoffice via Logs > Failed mail.
b) The e-mail may have ended up in the end user's spam folder
c) The user's account has admin permissions enabled, in which case the e-mail will not be sent
3) My client cannot retrieve his/her password, I need to tell it to them
Before version 27.3
If you are using Infradox backoffice: look up the client in "user management". Click the user id in the column on the left. In the properties dialog you'll see a link "password". Click it to have the user's password sent to your e-mail address. Note that the site administrator e-mail address is configured on the server and that it cannot be changed online (the address is displayed when you click the link).
Version 27.3 or later
You can not retrieve passwords. You can however sent a password reset link to the user. Go to User management, find the account and open the properties dialog. There's a "password reset link" on the first tab sheet.
4) My client entered the wrong password several times and now gets a message that his/her account is blocked
Your client will have to wait several minutes after entering a wrong password a number of times within a certain number of minutes (depends on the server settings). This will add the account and ip address to the list of temporarily blocked accounts. The blocked entry will be removed automatically after a while, generally between 10 and 30 minutes.
5) My client cannot log in with the correct log in and password information
a) Most Infradox websites can be used even if cookies are disabled, but logging in will require cookies to be enabled.
b) In case cookies are enabled and the client still cannot login, then ask the client to delete both the domain and path cookies for your website
c) An administrator has marked the account as "disabled" - please check to make sure that the account is enabled in User Management
d) Some more recent Infradox websites have the "activation" option built-in, requiring the user to click a link they receive in their e-mail. The account is not enabled until the user has activated his/her account by use of the aforementioned activation link.
File download problems
1) My client gets the message "file currently unavailable"
If your website is API based it may be that the file is no longer available on the 3rd party server. You'll have to contact that 3rd party (agent) for information.
2) My client gets a "technical error" message when trying to download a file from the order page
As the message indicates, this is generally not a problem that you can solve without our help. Please include the client login, the order number and the error message when you post your ticket. If you know that the file is not stored on our servers (i.e. in case of data syndication, API connections, s3 storage and so on) then please include that information as well.
3) When trying to download a file, the message "the data appears to be invalid" is displayed
This error message indicates that the client data cannot be verified. This happens when the user leaves a page open for several hours and the user's sessions has expired as a result. When the user then clicks the download button, this error occurs. The user should log in first.
E-mail related problems
1) E-mails sent from the website are not received
a) Make sure that the e-mails are not ending up in your (or your client's spam folder)
b) Make sure that the e-mail was actually sent to the correct e-mail address
c) If your problem is about receiving a password retrieval e-mail then please read above under "logging in / password problems"
d) Many e-mails (e.g. notifications) are sent to group addresses. if that's the case then make sure that you are part of that group (eg info@, sales@ et cetera).
e) Check your outbox to make sure that the e-mail was sent. If you can't find it there then go to Site configuration, Failed e-mail to see if the message appears there.
f) Check your e-mail configuration and make sure that the settings are (still) correct. Go to Site configuration, E-mail configuration to check and test your settings.
g) XS version 21 or later: Go to Site configuration and click on Failed e-mail on the left. If there are e-mails that could not be sent you will see those there. The xml file is the actual message and the .err file has information about the error.