Reset password link creation no longer functioning after switching to Cloudflare

I use a plugin called Theme My Login on Wordpress for users to log in and out of their account. Ever since switching to Cloudflare it no longer creates functioning reset password links. Users are still sent a reset password link, but when clicked an error message appears saying the link is invalid.

Our local wordpress expert says the issue is cookie related, that Cloudflare is somehow preventing the creation of the necessary cookie to keep the reset password link functioning.

Anyone have any experience with this or know how to fix?

Hard to diagnose without more information. Cloudflare does not do anything at all with cookies. Are you using Cloudflare WAF (firewall)? Are you caching pages? Are all resources loading properly (https)? Are you using rocket loader?

I am not using Cloudflare WAF (don’t have the pro version). Never adjusted the caching settings (it’s set to standard with 4 hour browser cache expiration). Not sure how to answer regarding the resources loading properly, I’m not experiencing any other issues. Yes, I am using rocket loader.

My point was that Cloudflare doesn’t do anything with cookies, doesn’t cache pages, and doesn’t change links on your website or create error “invalid” error messages.

First of all, I would recommend disabling CF rocket loader. This is basically the only Cloudflare feature that might be interfering with frontend behavior from your server. Some login mechanisms use javascript.

Well, this would have to be checked. In Chrome for example, open View > Developer > Javascript console. Then check the pages, see if any errors show up in the console, and check if something isn’t loading in the “network” tab.

With the exception of Rocket loader, Cloudflare doesn’t interfere in the website functionality … My experienced guess is that either it’s rocket loader, or it’s simply not a Cloudflare issue. I can only diagnose further by being able to test from here.