Ever since we upgraded to Bugzilla 3.2 at work, a new feature has been terrorizing me. On the login page, you’ll find ”Restrict this session to this IP address (using this option improves security)“. This box is always checked, and when enabled, every time you take your computer and login from a different IP (Say, while working from home, for example) you’ll have to login again.
This feature is poorly documented, but I finally found it. Under Bugzilla administration > Paramters > User Authentication > loginnetmask.
Change this value to 32. The checkbox will no longer appear on your site, and users won’t be forced to login again after picking up their laptop and plugging it in somewhere else.
Although the parameter is documented with this:
The number of bits for the netmask used if a user chooses to allow a login to be valid for more than a single IP. Setting this to 32 disables this feature.
Note that enabling this may decrease the security of your system.
I don’t see how a reasonable person would know that this would disable the “restrict this session to this IP address” functionality. I had to go look in the source to figure it out!
So, until it’s documented better… you’re welcome!