Logging-in on multiple domains
If you have a Multi Domain Setup, at some point you might want to log-in on several of your domains at once.
Here’s what you can and cannot expect to work:
1. You cannot share cookies between completely different domains
First you have to remember that if you log in on
www.microsoft.com, the cookie that remembers your session there will never be sent to
www.google.com. What this means for you is that if you are running 2 sites on
site-b.com, it doesn’t matter that you own both domains and run them on the same b2evolution installation, the reality is that a cookie from
site-a.com will never be sent to
site-b.com. So no matter what you try, logging in on site-A will never automatically log you in on site-B. This is a security restriction of your web browser.
2. Sharing cookies between sub-domains is possible
Now, if you now run 2 sites on
blog.your-domain.com, then YES, it is very possible to log in once and be logged in on every sub-site/sub-domain of
In order to achieve that, you need to set the Cookie Domain for every one of the collections to
your-domain.com . In b2evolution 6.7.5+ you can do this in the Collection Cookie Settings.
This will all work automatically if you set your
www.your-domain.com and then set some of your collections to
In b2evolution versions prior to 6.7.5, you would have needed to edit the
$cookie_domain advanced configuration variable (no longer necessary in 6.7.5+)
3. Sharing cookies between a main domain and subdomains is possible
b2evolution will work fine with if you want to share cookies between a main domain like
your-domain.com and a subdomain like
sub.your-domain.com domains by sharing the same Cookie Domain (in this case:
your-domain.com) and the same Cookie Path (in this case:
4. Trying to split a main domain and subdomain will create conflicts (same for subpaths)
Now if you tried to have
sub.your-domain.com NOT to share cookies (by using 2 different Cookie Domains), you would run into trouble because the subdomain would start receiving 2 different cookies.
Same problem if you tried to have
your-domain.com/sub-folder/ NOT to share cookies (by using 2 different Cookie Paths) because, here again, the subfolder would start receiving alternatively one or the other cookie.
The way to fix that would be to use different cookie names for different collections, BUT the way b2evolution’s sessions are initialized before initializing the Collection makes this impractical. Since this is a very narrow use case, we have decided not to support it for now.
5. More info on cookies