Skip to:

Re: .htaccess/Cookie woes!



I’ll preface this by saying that I love Ahi Tuna dishes at restaurants. What is it about that huge hunk of raw fish meat that’s only seared to (probably) keep men’s wives from refusing to share a bed with a man who would eat a classic “dry heave” food. So, why do I like it? Well, it’s not the big chunk of meat that draws me in and pleases my palate. It’s the simple glaze that I often find on top; the light, sweet sauce that perfectly compliments the fish. As they say, “The secret’s in the sauce.”

So, the “sauce” for this problem was the secret, and the sauce ended up being all too simple. Ziyphr first directed my friend and I to wp-settings.php. (He said to check out line 185, but mine was around 151-160). I found the code that called the siteurl and home, both of which would have returned, as that is what I have listed in my admin panel. I thought I needed to modify those to somehow spit out two domains, with the www and sans.

My friend also informed me that he believed that cookie domains really need two dots, the first before the domain and the second after the domain but before the ‘com’. In my case it would be How to get ‘siteurl’ or ‘home’ to reflect that was a challenging thought.

One side-note for anyone trying this same thing, DON'T CHANGE YOUR SITE ADDRESS OR HOME ADDRESS TO ANYTHING OTHER THAN \"WWW.MYURL.COM\" OR \"MYURL.COM\" IN THE ADMIN PANEL. Doing so will cause you more headaches than when you meet your mother in law for the first time. (Ok, that was an exaggeration, but only slightly).

Once I got that mess sorted out, we tried to hard code in the, replacing

define('COOKIEPATH', preg_replace('|https?://[^/]+|i', '', get_settings('home') . '/' ) ); with

define('COOKIEPATH', '');

This didn’t work, and all hope was lost. Curiosity getting the best of me, I opened up my preferences panel in Safari and pulled up the list of all my stored cookies to see if there were any similarities/discrepencies between my cookie and other sites’ cookies. This is where I saw my cookie had the value “” under the heading “website” where most other sites were listed as “”, missing the www that seemed to be plaguing me. I decided that was what I needed changed, and when I looked back at the code in wp-settings.php, I discovered that line 160 was unique from the others.

if ( !defined('COOKIE_DOMAIN') )
define('COOKIE_DOMAIN', false);

I decided to change this to this:

if ( !defined('COOKIE_DOMAIN') )
define('COOKIE_DOMAIN', '');

What do you know…I dumped my cookies for my site, refreshed the page, logged in, checked the cookie, and there it was, ‘’. Now for the true test, I got rid of the ‘www’ in the address bar, hit return, and VOILA! I was still logged in. Everything was seamless. I was now the owner of a spiffy wordpress/bbpress integrated site that shared cookies across sites and subdomains. No crazy .htaccess directives, no checking and double checking every last link in my site to reflect my choice of domains.

This is the way it should be done. I’m quite surprised it was such a simple solution, and that nobody seemed to be aware of how simple the solution is. I hope this is helpful to someone else trying to share cookies across multiple subdomains.

Skip to toolbar