I install PHP, Apache, and MySQL done and worked. When I finish installing Phpmyadmin, then open it has an error.

Failed to set session cookie. Maybe you are using HTTP instead of HTTPS.

I don't know why. How can I fix this?

After searching the net for a solution to this problem i figured out that in my case a specific chrome extension caused the login problem. So i recommend to disable your extensions .

In my case the chrome extension that caused the problem was called : Safe torrent scanner

Just had this issue on Chrome today, the following worked for me so I thought I'd share it.

Navigate to the Inspector > Application > Clear Storage > Go ahead and clear everything.

I had the same problem and a quick workaround was to use Incognito mode

I had this issue today, and here are the steps that I did that helped me fix it on Chrome:

1- Right click anywhere on the page, and choose "inspect" or click F12 to open developer tools.

2- From the top menu, choose "Application".

3- Click Cookies on the left menu.

4- You will find some cookies there, click each one, and click "X" on the top to remove it. After removing all of them, refresh the page.

Just clear the cookies and the cache in your browser. This is how it worked for me.

You don't seem to be the first to experience this; there's one other before you: https://github.com/phpmyadmin/phpmyadmin/issues/14184

I've personally had trouble where I have to press the button to log in a second time, but it works for me. The person who opened that bug was completely unable to log in.

So basically it's currently an open and known bug and hopefully it will be fixed for the next phpMyAdmin release.

I have had this issue in the past however was successful in solving it using the instructions provided in this answer. (using phpMyAdmin version 4.8.0.1)

Navigate to

config.inc.php

in your server files and examine the following section:

/* Authentication type and info */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['user'] = 'username';
$cfg['Servers'][$i]['password'] = 'password';
$cfg['Servers'][$i]['extension'] = 'mysqli';
$cfg['Servers'][$i]['AllowNoPassword'] = true;

If not already performed, comment out the user and password lines and makes sure the auth_type is set to cookie.

From my experience, this action needs to take place for phpMyAdmin to operate with cookie authentication before you move on.

Next perform the following steps to solve the session cookie not working with HTTP:

1. Enter your browser settings (e.g. for Google Chrome go to chrome://settings/)
2. Attempt to locate the setting to clear cookies, cached data, images and files, history, etc.
3. After you successfully find this, clear your browser's browsing history, download history, cached images and files, and content settings.
4. Clear the cookies for the phpMyAdmin login page. Note: In Internet Explorer, it is slightly difficult to view and delete the cookies. An internet article is available from Ask Leo about viewing cookies in IE if you need help.

I received the idea of performing the above instructions because I eyed someone at this GitHub issue mentioning private mode. This is a comment from nik6018:

As stated in #14234 Login via HTTP works if in private mode, but doesn't work in normal session. I tried to clear the cookie for the domain but still the same issue.

Private mode reminded me of issues I have had in the distant past like this one, and I remember having to clear various browser items.

On account of my reminder from the distant past, I tried the above instructions in a different sequence or way than I presented them, and it worked.

I found one reason for this error

Ref: https://github.com/phpmyadmin/phpmyadmin/issues/15634#issuecomment-571713024

If your browser has a Secure cookie and you are browsing a non secure connexion, the non secure connexion will send a new non secure cookie. And the browser will refuse to overwrite the Secure one. Leading to an endless loop.

"Failed to set session cookie. Maybe you are using HTTP instead of HTTPS to access phpMyAdmin."

I also tried "Privacy Badger" but could not reproduce the issue.

I faced this issue on phpMyAdmin-4.9.1. I simply renamed config file from config.sample.inc.php to config.inc.php.

I had this issue because I am hosting phpmyadmin behind an nginx reverse proxy, using Docker Compose. In my docker-compose.yml file I had:

db-admin:
    # https://hub.docker.com/r/phpmyadmin/phpmyadmin/
    image: phpmyadmin/phpmyadmin:latest
    restart: always
    environment:
      - PMA_ARBITRARY=1
      - PMA_HOST=http://db
      - PMA_PORT=3306
      - PMA_ABSOLUTE_URI=http://localhost/db-admin/  # necessary because the db-admin is hosted behind a reverse proxy.
    ports:
      - 8084:80
    depends_on:
      - db
    networks:
      - shared-network

Due to the reverse-proxy and the PMA_ABSOLUTE_URI, I can only use this application on http://localhost/db-admin, not on http://localhost:8084.

A specific "chrome extension" is causing my login problem. So I recommend disabling your extensions. You can install this extension, it will enable or disable all extensions with one click , this is the link:

https://chromewebstore.google.com/detail/pmpractices-disable-exten/fjediallhmpmapaajckohopenhlkplmm

Well, it's one of two things. Either you don't have TLS/HTTPS enabled on your production box (which you definitely should! -- good resources for getting started are Let's Encrypt and whatever host you're using) OR you're probably trying to access a development server in a production mode. In the latter case, while I'm not familiar with PHPMyAdmin myself I'd guess there's a configuration file somewhere that dictates when it should act like a production server versus a local server and you can just toggle that. But definitely don't toggle your production server to act like a development server, then you're just giving up security for convenience which will eventually come back to bite you.

I had the same problem, but, in my case, the problem was my VPN, so I disabled it.

If you are using a VPN you need to disable it or just disable you cookie blocking.

The issue should be solved using phpMyAdmin 4.9.2 as I made a fix for it but if you still have the issue please comment on https://github.com/phpmyadmin/phpmyadmin/issues/15634

In my case it was the Bitwarden plugin on Firefox. Disabling it fixed the issue, along with another issue which prevented Business Central from loading.

I just ran into this problem using Firefox 61 on a site I had been using regularly, so I knew my config settings were correct. In fact, I could go in using Private Mode. So, in non-private mode, using the Firefox Developers Tools, I cleared ALL Session cookies and VOILA. Worked perfectly.

My solution was to disable (add an exception for my domain) to the "Privacy Badger" Firefox Extension.

As soon as I did this, I was able to log in.

The other solutions in this post (config.ini.php, browser cache, VPN) did not do anything for me. Seems like the issue is primarily tied to environment / browser config, which could be unique for each person.

I don't think it's an issue with PHPMyAdmin.

Oddly enough, this error can result when using Docker and the database hostname is not specified correctly in the container configuration, e.g., when the actual database hostname does not match phpMyAdmin's default value.

The portion of the message that states, Maybe you are using HTTP instead of HTTPS. is a "red herring" because switching to HTTPS is not what fixes the issue in this specific case.

For this specific case, in the docker-compose.yml, the PMA_HOST environment variable must be set appropriately, e.g.:

services:
    phpmyadmin:
        environment:
          - PMA_HOST=mysql

A more complete example, which works correctly in Laravel Sail (which is a specific Docker container stack implementation), but only after making this change, is as follows:

services:
    phpmyadmin:
        image: phpmyadmin
        restart: always
        ports:
          - 8080:80
        environment:
          - PMA_HOST=mysql
        networks:
          - sail

Now, phpMyAdmin can be reached successfully at http://localhost:8080 (note the lack of HTTPS), and the error no longer occurs.

if you are using extension named "tampermonkey", just disable it, reload and try login again.

I'm not sure why but in my case, I just restarted the 'Apache24' service from the Task Manager, and I was able to log in successfully afterward.

I take some days to try to resolve the issue. Finally, the reason is php and phpMyAdmin versions are not compatible together.

• PHP 8.1.4 => error
• PHP 8.0.17 => ok

Create folder on this path: /var/cpanel/php/sessions/ea-php74

and give permission: sudo chmod 777 /var/cpanel/php/sessions/ea-php74

Another thing might be, if you have set something like:

<IfModule mod_headers.c>
    Header always set X-Frame-Options "sameorigin"
    Header always set X-XSS-Protection "1; mode=block"
    Header always edit Set-Cookie (.*) "$1; SameSite=Strict"
</IfModule>

server-wide, like I did^^, you have to set:

Header always edit Set-Cookie (.*) "$1; SameSite=Strict"

only for the hosts which really needs it.

In my case the reason of the error was doubled slash after domain name: https://example.com//myadmin. When I removed extra slash phpMyAdmin started to login

If all of the solutions above don't work, just use a different browser.

It will work right away.

For a person who get this error now disable all your extensions on chrome and retry.

I just cleared the page cookies and it get fixed for me. click lock icon in search bar and clear page cookies from cookies section.

In my case, in docker I just updated to latest version of phpmyadmin.

It happened in all browsers as well after clearing cache and data. In my case the error message was not representative.

My architecture: Browser -> AWS ALB -> PHPMyadmin Fargate container -> RDS

My misconfiguration was forgetting opening the correct port from Fargate container towards RDS.

There is a line in config.inc.php that you MUST fill for cookie auth to work:

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

you can use md5sum to get you 32 random bytes:

head /dev/random | md5sum