Manual:How to debug/Login problems


Login or session problems (such as not being able to log in, immediately getting logged out, randomly getting logged out, not being able to edit due to "loss of session data" errors) can be caused by a large variety of things, which makes debugging them hard.

When investigating or reporting errors, here are a few tips.

  • Try to collect information about various aspects of the error:
    • Does it persist after clearing cookies for the wiki domain? When logging in using incognito mode? When logging in with a different kind of browser?
    • If you use any ad blockers or browser privacy add-ons, are they blocking anything? Does it work if you turn them off?
    • Does it affect all user accounts, or just one?
    • Does the "remember me" flag make any difference? (Clear cookies before attempts.)
    • If the problems are happening on a Wikimedia wiki, try logging in on another wiki, preferably one that does not share a second-level domain name (so if the problem happens on, try for example
    • If the problems are happening on your own wiki, what MediaWiki version do you use? (Session and login handling has been fully rewritten in 1.27.) Pre-1.27, check the value of $wgSessionsInObjectCache ; if it is false, test that your PHP session handling is working (e.g. that session.save_path is writable). If it is true, see what session providers (SessionProvider subclasses) you are using.
  • If the problems are happening on your own wiki, check what session backend is being used ($wgSessionCacheType ), and make sure it works (data is actually persisted between requests). The most safe configuration is $wgSessionCacheType = CACHE_DB;. If you're unsure about how it's configured, add this setting at the end of your LocalSettings.php.
  • Please do not reuse old bug reports unless you are sure it's the same cause. There are lots of reports about past issues, and the while symptoms will usually look vaguely similar to yours (there are only so many ways login can fail) the cause is likely to be different.

Some additional checks:

If the above information is not enough to diagnose the issue (which is usually the case), you'll need to get detailed debug data:

  • Capture the relevant HTTP requests and responses (i.e. visiting the login page + submitting the login form + the resulting redirect; if the wiki uses single sign-on then all the requests to Special:CentralAutoLogin as well). This can be done by using the Network tab in the Developer Tools of your web browser (more information: Firefox; Internet Explorer, Chrome and Chromium, Safari). Note this includes security-sensitive data (such as your session ID); when reporting bugs, either sanitize them or create a private paste. (Dumping to a HAR file is an easy way to log all required data.)
  • If the problems are happening on your own wiki, check your logs for relevant records, especially the session, cookie, authentication, objectcache channels.
MediaWiki version:
  • For certain types of cache you can get more information by setting debug mode:
$wgHooks['SetupAfterCache'][] = function () {
    global $wgSessionCacheType;
    ObjectCache::getInstance( $wgSessionCacheType )->setDebug( true );
  • Ensure the hostnames match in MediaWiki and Apache httpd.conf. For example, for the domain and the web server located at
# LocalSettings.php
$wgServer           = '//';
$wgCanonicalServer  = '';
$wgSitename         = 'Example Wiki';

$wgSecureLogin      = true;
$wgCookieHttpOnly   = true;
$wgCookieSecure     = 'detect';
# httpd.conf
<VirtualHost *:80>
   ServerAlias *
   Redirect permanent /

<VirtualHost *:443>
   SSLEngine on
   ServerAlias *