CMS kicks us out after short inactivity. Can't find an error

ssl
pagerules

#1

We are being booted from our CMS after only a short period of time, repeatedly. The only way thus far to get back in is to switch our wifi route from one channel to the other.

The workaround is to save after updating each field as we post content (tedious).

We have a page rule in place for our cms dashboard, SSL is at “full” but security level is “essentially off.”

The error we get is not a cloudflare error - it says “you are not authorized to perform this action” - but we’re running out of ideas on what’s causing it.

Has anyone encountered a problem like this that is alleviated by switching wifi router channels?


#2

You may be a victim of Wi-Fi deauthentication attack.


#3

Xaq - Thank you for this, did not know it existed. However we’re having this problem in multiple locations, not just our own. People are being booted off our CMS all over our state.


#4

Subtracting the wifi bit, it sounds to me like you’re having issues with session invalidation. This could be the session list is full on the server, the server is bouncing, or maybe a CMS security plugin is kicking users if it misinterprets input as a possible attack. I would check the configuration on the server and turn on verbose logging.


#5

Mike thanks for this. I’m forwarding this to our web dev.


#6

mike8 I think you were right. We are changing how the site handles security and sessions and will see how that goes. Thanks again.