Quote:
|
Originally Posted by Ksenia
If you upgrade the database on a dev server, when you move the upgraded DB back to production server you need to edit config.php of production copy as follows:
1)copy $blowfish_key and security keys ($xc_security_key_session, $xc_security_key_config, $xc_security_key_general) from dev copy
or
2) Set these constants to 'false' so that the secret keys will not be checked:
const CHECK_CUSTOMERS_INTEGRITY
const CHECK_XAUTH_USER_IDS_INTEGRITY
const CHECK_RESET_PASSWORDS_INTEGRITY
const CHECK_CONFIG_INTEGRITY
We consider that #1 is a better choice, but it's up to you to decide.
And since you're editing config.php, you may also want to disable the 'block unknown admin IP' feature, (const BLOCK_UNKNOWN_ADMIN_IP is responsible for it) or expand the list of allowed admin IPs ( const ADMIN_ALLOWED_IP).
|
@Ksenia
I tried option #1 and it did NOT work. Again if these security features are tied to the IP address they will never work when moved from one server to another unless keys are regenerated which is impossible without login in to admin or doing "forgot password".... Since even with all of them OFF you still can't login to admin the only way left is "forgot password"....