Getting Logged Out of ClassicPress
Since migrating several blogs from WordPress to ClassicPress, I get logged out whenever I follow a link to my dashboard from the custom start page on my LAN. Or from any other website.
It remembers me when I…
- Type in the admin URL directly
- Open a bookmark
- Open it from Vivaldi Speed Dial
- Follow a link from the blog front-end
- Follow a link from anywhere else on the same site.
Only following a link from outside logs me out.
A little digging turned this up: ClassicPress uses the SameSite=Strict
mode for admin cookies. This is a way to mitigate cross-site attacks by telling the browser it shouldn’t send the cookies if the request is coming from another site.
That’s a good thing! And it explains exactly what I’m seeing.
So at least it makes sense, even though it does mean I need to change my workflow a bit.