Social Login does not work!!
It may happen that, when using YITH WooCommerce Social Login and trying to log in, it does not work and you may also get an error screen.
In these situations, it is useful to enable WordPress debugging and the plugin log because the generated errors can help us identify the problem.
One of the most common problems is caused by the cache. In this case, we need to exclude the path `wp-content/plugins/yith-woocommerce-social-login-premium/includes/hybridauth/` from caching. If our hosting has its own caching system, such as WPEngine, it’s necessary to ask the hosting to exclude the above-mentioned path from caching.
Note: on WPEngine, it is also essential to exclude the cookie
except for sites hosted on WPEngine, PHP Sessions must be active on the installation.
It may happen that sessions are saved in a specific path and the plugin can't access them. In this case, it can be fixed as follows:
- create a folder in the main root of the site and name it, for example, `tmp`
- add the following line to the wp-config.php:
Another issue that may happen is due to file/folder permissions. It’s necessary that the path `wp-content/plugins/yith-woocommerce-social-login-premium/includes/hybridauth/` has the correct permissions access (755 for folder and 644 for files)
A timezone issue can be identified by error messages like the following:
DateTime::__construct(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.
This should be fixed on the server settings. Therefore, in order to fix it, you need to contact the hosting company.
Some servers don’t put “/” at the end of the URLs. In this case, the error will be triggered by the social network we are trying to access. We simply need to add the following line to the wp-config.php of our installation:
define( 'YWSL_FINAL_SLASH', true );
It is possible that in Mod_Security there are some rules that generate a false positive. In some cases, you might find a message like this in the logs:
`[Fri Sep 06 15:08:18.322666 2019] [:error] [pid 31404:tid 47047375914752] [client 127.0.0.1:50660] [client 127.0.0.1] ModSecurity: Access denied with code 403 (phase 2). Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.mysite.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile openid https:/www.googleapis.com/auth/userinfo.profile https:/www.googleapis.com/auth/userinfo.email"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.mysite.com"] [uri "/"] [unique_id "XXJaQt8wFaN5k3mICQg0egAAAJg"]`
If disabling Mod_Security solves the problem, you need to contact your hosting so they can check the rules and find a solution.