Fixing error_message": "Session reuse detected, IPAddress logged

@whattheserver : I just want to say thank you for your work on this. I can see you put a significant amount of time into helping out with this. It’s much appreciated.

If you want to do this by commenting out (or removing) lines, then pay attention to the fact that the relevant line numbers may change with each update.

As of 2.0 the relevant lines are 17-47

Thanks @Mysterious_Beans … i did this as per your suggestion and it worked for me … Cheers !!!

given solutions are not working, please post the solution for this problem.

I think @CyberPanel should include it under security options and allow the user to switch it on or off

I tried both solutions suggested with no success, still getting the errors when IP changes

Type your comment> @CyberPanel said:

If your IP change frequently and you don’t need this protection, you can edit this file

https://github.com/usmannasir/cyberpanel/blob/1.8.0/CyberCP/secMiddleware.py

Remove line 11-40.

On server this file is available at /usr/local/CyberCP/CyberCP

then systemctl restart lscpd

Solution did nt work. cyberpanel did not work properly with cloudflare

I have the same issue using CloudFlare.
I can sometimes log in, and some times I get the error.
{“error_message”: “Session reuse detected, IPAddress logged.”, “errorMessage”: “Session reuse detected, IPAddress logged.”}

The tutorial over just ends up with internal error 500.

I have the same issue. I am also using CloudFlare.
After logging in I can browse 1-2 sites on cyberpanel, then I have to login again.

Everything works well when I log in with HTTP:: (only loading of each page takes much longer).
I only have the issue described above when I log in with HTTPS::.

Same behavior for others?

For cloudflare users please replace REMOTE_ADDR with True-Client-IP and for nginx please replace REMOTE_ADDR with X_REAL_IP
your issue will be resolved no need to remove a single line and also no 500 error cheers
regards
Aditya Rathore World

@arworld said:
For cloudflare users please replace REMOTE_ADDR with True-Client-IP and for nginx please replace REMOTE_ADDR with X_REAL_IP
your issue will be resolved no need to remove a single line and also no 500 error cheers
regards
Aditya Rathore World

ipAddr = request.META.get(‘True-Client-IP’).split(’:’)[:3]

you can comment above line if using cloudflare as it have single header ip only
def call(self, request):
try:
uID = request.session[‘userID’]
admin = Administrator.objects.get(pk=uID)
ipAddr = request.META.get(‘True-Client-IP’)

        if ipAddr.find('.') > -1:
            if request.session['ipAddr'] == ipAddr or admin.securityLevel == secMiddleware.LOW:
                pass
            else:
                del request.session['userID']
                del request.session['ipAddr']
                logging.writeToFile(request.META.get('True-Client-IP'))
                final_dic = {'error_message': "Session reuse detected, IPAddress logged.",
                             "errorMessage": "Session reuse detected, IPAddress logged."}
                final_json = json.dumps(final_dic)
                return HttpResponse(final_json)
        else:

ipAddr = request.META.get(‘True-Client-IP’).split(’:’)[:3]

            if request.session['ipAddr'] == ipAddr or admin.securityLevel == secMiddleware.LOW:
                pass
            else:
                del request.session['userID']
                del request.session['ipAddr']
                logging.writeToFile(request.META.get('True-Client-IP'))
                final_dic = {'error_message': "Session reuse detected, IPAddress logged.",
                             "errorMessage": "Session reuse detected, IPAddress logged."}
                final_json = json.dumps(final_dic)
                return HttpResponse(final_json)
    except:
        pass

i also tried every methods now i got 500
Internal Server Error

@arworld said:
For cloudflare users please replace REMOTE_ADDR with True-Client-IP and for nginx please replace REMOTE_ADDR with X_REAL_IP
your issue will be resolved no need to remove a single line and also no 500 error cheers
regards
Aditya Rathore World

Thank you @arworld for your help! This seems to work for me very well. So far I haven’t had any problems with the session reuse anymore!

1 Like

Glad it helped you too :blush: