The key [HTTP_COOKIE] is wrong


#1

hello, my site fell for a moment, after returning is crazy. The modena is in dollars and does not let me change to COP pesos. I noticed that the key [HTTP_COOKIE] has a very long string and I think it’s wrong. I show you an image. The content goes much further to the right


#2

Did you try clearing browser’s cache?


#3

Hi @Xaq, thanks for answering, I’ll tell you.
Yes, I have cleaned the browser cache, the emi cms cache (Prestashop), I have purged to cloudflare. I would need to clean some cache?
Now I can visualize my site in the right way, but in the administration system it does not save the changes (although it is certain that the bdd works). I try to log in with my account on my blog (Wordpress) and log in with another user.
If it works, I have activated HSTS, but I have it active for a long time and everything was fine, the only thing was that yesterday the server restarted and when it came back my CMS was crazy.


#4

So you are OK at client side but have problems at server side.
Do you have any recent backup or can you dump your database and restore the last working backup?


#5

If I have it, but I’m almost sure it’s not a problem with the system, I can already lose the user’s registration and not let me log out, clean cookies and cache in the browser and in CMS, when I open the browser and give Click to start the session opens the same previous session.
What other idea is the possibility that it could happen?
I am thinking about the detour of HSTS, then cloudflare and I return to my dns to see if I return to normal, what do you think?


#6

How about setting your site to Development Mode? This will bypass the cache and give you a more “live” version of your site. I’m thinking something is getting stuck in a Cloudflare cache.

Dev Mode can be enabled from your Cloudflare Overview tab (Quick Actions) or Caching tab.


#7

Hi @sdayman, I’ve already enabled dev mode. What can I see with that enabled? It also seems to me that something stuck in the cloudflare cache.


#8

If Dev Mode didn’t fix it, then try to :grey: the site in Cloudflare’s DNS. This will completely bypass Cloudflare.


#9

Sorry, to do what you tell me, should I disable the dev mode first?


#10

No, you don’t need to.

And later on, Dev Mode will automatically turn off.


#11

Perfect.
You know that when executing the command:

curl -v vencompras.com

It shows me the next exit.
It’s normal to tell me Hostname was NOT found in DNS cache?

* Rebuilt URL to: vencompras.com/
* Hostname was NOT found in DNS cache
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 104.18.57.196...

  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0* Connected to vencompras.com (104.18.57.196) port 80 (#0)

> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: vencompras.com
> Accept: */*
> 
< HTTP/1.1 301 Moved Permanently
< Date: Sat, 25 Nov 2017 16:11:09 GMT
< Transfer-Encoding: chunked
< Connection: keep-alive
< Cache-Control: max-age=3600
< Expires: Sat, 25 Nov 2017 17:11:09 GMT
< Location: https://vencompras.com/
* Server cloudflare-nginx is not blacklisted
< Server: cloudflare-nginx
< CF-RAY: 3c35e1d5b3ec2114-LAX
< 
{ [data not shown]
 0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
* Connection #0 to host vencompras.com left intact

#12

I’ve never seen that in my version of curl, but the message does not surprise me. Not every hostname is going to stay in your DNS cache. So your computer gets it from your local DNS server, which may, in turn, need to get it from an upstream DNS server.


#13

So I do not worry, even without being able to solve. I followed all your recommendations and my site nothing. I insist that it can be something with a corrupt cache in cloudflare, since prestashop works with the user’s cookies. He does not let me change the currency either, he only stays in COP.
It may be a good idea to disable HSTS?


#14

If you :grey: your DNS entry for your site, then you can test your site without Cloudflare. Have you tried this?


#15

Yes, I tried it and it continues the same or should I wait some time after making the change?


#16

Please look at this post

[_expire: protected] => 1511635610

It catches my attention _expire: protected.
I captured that information by printing the cookie variable of my site


#17

It takes about 5 minutes for DNS to propagate. But to double check, look at your browser’s Dev Tools for the HTTP response to make sure there are no Cloudflare headers. That would mean your site is being visited directly.

And if that’s the case, then it’s not a Cloudflare issue.


#18

@sdayman Thank you very much for all the information.