1. b2evolution CMS User Manual
  2. Installation / Upgrade
  3. Advanced Setup
  4. Multi-Domain Setup
  5. Logging-in on multiple domains

Logging-in on multiple domains

If you have a Multi Domain Setup, at some point you might want to log-in on several of your domains at once.

Here’s what you can and cannot expect to work:

1. You cannot share cookies between completely different domains

First you have to remember that if you log in on www.microsoft.com, the cookie that remembers your session there will never be sent to www.google.com. What this means for you is that if you are running 2 sites on site-a.com and site-b.com, it doesn’t matter that you own both domains and run them on the same b2evolution installation, the reality is that a cookie from site-a.com will never be sent to site-b.com. So no matter what you try, logging in on site-A will never automatically log you in on site-B. This is a security restriction of your web browser.

2. Sharing cookies between sub-domains is possible

Now, if you now run 2 sites on www.your-domain.com and blog.your-domain.com, then YES, it is very possible to log in once and be logged in on every sub-site/sub-domain of your-domain.com.

In order to achieve that, you need to set the Cookie Domain for every one of the collections to your-domain.com . In b2evolution 6.7.5+ you can do this in the Collection Cookie Settings.

This will all work automatically if you set your $baseurl to your-domain.com or www.your-domain.com and then set some of your collections to some-name.your-domain.com.

In b2evolution versions prior to 6.7.5, you would have needed to edit the $cookie_domain advanced configuration variable (no longer necessary in 6.7.5+)

3. Sharing cookies between a main domain and subdomains is possible

b2evolution will work fine with if you want to share cookies between a main domain like your-domain.com and a subdomain like sub.your-domain.com domains by sharing the same Cookie Domain (in this case: your-domain.com) and the same Cookie Path (in this case: /).

4. Trying to split a main domain and subdomain will create conflicts (same for subpaths)

Now if you tried to have your-domain.com and sub.your-domain.com NOT to share cookies (by using 2 different ), you would run into trouble because the subdomain would start receiving 2 different cookies.

Same problem if you tried to have your-domain.com/ and your-domain.com/sub-folder/ NOT to share cookies (by using 2 different ) because, here again, the subfolder would start receiving alternatively one or the other cookie.

The way to fix that would be to use different cookie names for different collections, BUT the way b2evolution’s sessions are initialized before initializing the Collection makes this impractical. Since this is a very narrow use case, we have decided not to support it for now.

5. More info on cookies

For more information on b2evolution’s use of cookies, see also: Troubleshooting Cookie Issues

Created by • Last edit by on 2016-08-08 16:08 • •

No feedback yet