Fixing Magento Login Problem after a Fresh Installation

May 10, 2009

This is just a quick little note to suggest two ways to solve the problem that you cannot log in to your Magento admin interface after a fresh install of Magento.

The Problem

The problem will manifest itself as a redirect back to the login screen, even though you typed the right username and password. If this problem is affecting you, you will be redirected back and see no error message. This indicates you have the right credentials, but the Magento Admin is just not letting you in. You can verify it by typing the wrong username and password, you’ll see you get redirected back and it shows an error message.

The problem occurs because the Magento backend tries to set a cookie on your browser, and then for some reason when you next make a request, the cookie is gone(or was never there). This makes Magento think you have never logged in, and of course it redirects you to the login screen. So the real guts of it is the missing cookie, we need to find out why it’s missing.

There are two three solutions (Update: now with bonus 3rd solution) I have come across that will solve this, there may be others too, so please feel free to post them below. Both of these solutions have been suggested in the comments of my post on Setting up Apache Virtual Hosting.

Solution 1: Domain Name with no dots

This is the most common solution, if you have set up Magento to run locally (on MAMP for example) then you may be accessing the Apache webserver using the localhost hostname. A security setting in browsers means that the cookie will not be set, though apparently in FF3 at least, this behavior is a bug?.

So simply stop using localhost, you can use your localhost interface (e.g. 127.0.0.1 or 127.0.1.1). To determine your localhost interface you can look at the contents of your hosts file:

# Look for the number to the left of localhost
cat /etc/hosts

or your interface configuration.

# Look for interface loX with the LOOPBACK flag (probably lo0)
ifconfig

Once you know which number to use, you can replace localhost with the number. If you have already installed Magento using localhost then it will keep writing out links to localhost, even after you have changed to using the IP address, you will need to change the base_url values in the core_config_data table, you can run a query like this to find the right config values to change:

SELECT * FROM core_config_data WHERE VALUE LIKE "%localhost%";

This should identfy two config values that will need to update with a query like:

UPDATE core_config_data SET VALUE="http://127.0.0.1/" WHERE path IN ('web/unsecure/base_url','web/secure/base_url') ;

I’m going to assume you know to put the right value into that query, and not use the example one I have provided!

After changing that value you should delete your var/cache contents, and then refresh the page. Now you should have Magento running on an IP address, not a hostname with no dots in it. Of course you could always set up a fake domain name like www.testing.com by using a Virtual Hosting setup like I describe in my post on how to configure a MAMP Virtual host.

Solution 2: Timezone differences between server and client

One other, less likely problem, is that the cookie is being set, but expiring immediately. To check this you can inspect the cookies your browser is holding, and check if there is one there from Magento. If there is then check both the timezone your magento installation is using , and the one you have set locally, perhaps your local time is not set properly?

Solution 3: Cookie domain does not match server domain

This caught me out when I was replicating a remote site on my local mac development environment. I thought it’d be worth adding this solution here, seeing as this post still seems to rank well for Magento install problems. I had changed the base URLs but had forgotten to check the core_config_data table for any other Magento configuration data that might have been interfering with cookies. The config path in question is: web/cookie/cookie_domain.

You can check the table with an SQL command like this – you should be on the look out for config values that have hard coded the old URL:

SELECT * FROM core_config_data WHERE VALUE LIKE "%domain.com%";
 
-- Be on the look out for something like this:
|       513 | DEFAULT |        0 | web/cookie/cookie_domain               | DOMAIN.com                                     |

And update it to an empty string (less secure) or the new actual domain (more secure) as shown below:

UPDATE core_config_data SET VALUE = "" WHERE config_id = 513;
-- or
UPDATE core_config_data SET VALUE = "domain.com" WHERE config_id = 513;

Hopefully one of these two three solutions will get you back on track and able to log in to your newly installed Magento. Feel free to post problems or suggest other solutions in the comments below. I’m always more than happy to update my posts with helpful tips from readers.

Ashley

Posts

Hi! I'm Ashley Schroder, a Software Engineer from New Zealand - this is a collection of notes on my experiences with Ecommerce Web Development, particularly Magento Development.

Are Your Customers Getting The Magento Emails You Send?

MageSend Magento Email sending with Amazon SES

I have made a premium Magento Extension called MageSend. MageSend makes it simple and easy to send using Amazon's highly reliable SES email service.

The extension is $99, and comes with a complete money back guarantee, please check it out, I am confident it will resolve any email sending problems with your Magento store.

64 responses to Fixing Magento Login Problem after a Fresh Installation

  1. I am running magento 1.6.2. I have migrated my site from a development domain to the live domain – both domains reside on the same server. In summary, the steps I performed were as follow:-

    1. I ftp-ed my entire magento folder from the development domain to the root of the live domain
    2. Recursively chmoded all directory permissions on the live domain to 755
    3. Recursively chmoded all file permissions to 644
    4. Dumped the development mysql database and uploaded it to a new database connected with the live domain
    5. Changed all Unsecure and Secure Base url references to the live domain
    6. Edited the live domain app/etc/local.xml to point to the new database
    7. Truncated the core_session table in the live db
    8. Flushed magento/var/cache on the live domain
    9. Updated the index.php and .htaccess files in the magento folder on the live domain with the necessary live domain/store details.

    When I now load my home page on the live domain (http://.com/magento/index.php) I am redirected to the home page on the development domain instead of the live domain. When I now load my live admin login page (http://.com/magento/index.php/admin> I am also redirected to the frontend home page on the development domain.

    The really weird thing is that I completed the migration yesterday and, in the endless attempts I have made since then to identify the issue on two separate occasions, and without making any changes to configuration settings, when I requested my home page on the live domain the live domain home page successfully loaded and on two separate occasions when I requested my live admin login page it also successfully loaded and I was able to login to the live magento backend. This suggests that my live configuration settings are indeed correct and that there may be some stubborn obscure cache or session data at the root of the issue.

    Is there anybody who can tell me the likely cause of this behaviour and how I resolve this issue?

  2. Thanks for the solution to this problem…was actually thinking it was a problem from the magento code; well, seems not.

    Thanks, great help!

  3. really thanks for the information

  4. Got the same problem/headache and I hardcoded the situation like this

    Open this file

    /app/code/core/Mage/Core/Model/Session/Abstract/Varien.php

    Make a backup of the file first, just in case..

    Look for this lines o code

    // set session cookie params
    session_set_cookie_params(
    $this->getCookie()->getLifetime(),
    $this->getCookie()->getPath(),
    $this->getCookie()->getDomain(),
    $this->getCookie()->isSecure(),
    $this->getCookie()->getHttponly()
    );

    and make this changes:

    // set session cookie params
    session_set_cookie_params(
    $this->getCookie()->getLifetime(),
    $this->getCookie()->getPath()//,
    //$this->getCookie()->getDomain(),
    //$this->getCookie()->isSecure(),
    //$this->getCookie()->getHttponly()
    );

    Remember to put it back as original when is in production…

  5. Solution 3 was what I needed! Thanks Ashley, your work is always helpful!

  6. Awesome post! Thanks for the help.

  7. i also have same issue
    after i go to this url http://www.gingerlily.fr/test/ fronted cookie change to http://www.gingerlily.fr.
    all the images and other resourced loaded from root site can anyone help me.. thanks

  8. Hi Ashley – you saved the day … an incorrect Cookie Path caused my system to be inacessible… can now get back in the admin! Thanks for the post!

    Allan

  9. Juan Fach your comment really help me!

  10. thanks great work and thanks for sharing

  11. Juan Fach: thanks…….you solved my problem.:)

  12. Hi Ashley
    I was soo relieved to find your post on the cookies issues with Magento. I am just trying to get an installation up and running, and cookies are definately not working – that being said, I have tried everything I can think of to straighten it out, and still no luck. Even your great writeup here did not solve the problem. Is there any way you can help???

  13. Doh! turns out it was a system time problem after all.
    Thanks for the excellent info you have here. :-]

  14. Claudio Dobniewski February 26, 2013 at 3:09 am

    Thanks! domain whith dots work for me!

    localhost or fridakalo not work

    localhost.com or fridakalo.com yes work.

    regards!