Please Help! getting error mesg: "Security Error: No _CSRFToken exists in session. Try reloading previous page."

7 posts by 3 authors in: Forums > CMS Builder
Last Post: October 27, 2014   (RSS)

error mesg: "Security Error: No _CSRFToken exists in session. Try reloading previous page."

Hi equiniox,

This is happening because the session that contains the users _CSRFToken (which is used to prevent Cross-Site Request Forgery) is being unset. There are a couple of things you could look into to fix this:

  1. Try settings a directory to store your session data in, you can do this in the CMSB General settings area (see attached). On some hosting services the session files are deleted extremely often by the server unless you store them in a directory you can control.
  2. CMS Builder is set up so that session cookies remain for 24 hours, but some servers ignore this and use their own session limits, you might have to contact your hosting company and see if you have access to the session.gc_maxlifetime variable:
  3. ini_set('session.gc_maxlifetime', 3600);

You could also try disabling the `Check Referer` check box in the General Settings of the CMS, and see if this makes a difference, although your CMS backend will be slightly less secure if you do this.

Thanks,

Greg

Greg Thomas







PHP Programmer - interactivetools.com
Attachments:

CMS Builder.png 98K

error mesg: "Security Error: No _CSRFToken exists in session. Try reloading previous page."

By Codee - September 19, 2014

Thank you "Super G" !  ;-)

error mesg: "Security Error: No _CSRFToken exists in session. Try reloading previous page."

By zip222 - October 24, 2014

I am having the same issue and need assistance. 

error mesg: "Security Error: No _CSRFToken exists in session. Try reloading previous page."

Hi Zip,

Have you tried the changes I recommended in the post above?

Thanks,

Greg

Greg Thomas







PHP Programmer - interactivetools.com

error mesg: "Security Error: No _CSRFToken exists in session. Try reloading previous page."

By zip222 - October 25, 2014

yes, I did both of those things and I am able to login on my office computer, but not on my home computer. the home computer is where I original experienced the issues. I made the changes and was still unable to login at home. the next day I tried logging in at the office and was able to do so without issue. But I still can't connect at home.

error mesg: "Security Error: No _CSRFToken exists in session. Try reloading previous page."

Hi Zip,

This sounds like it might be a browser issue, what browser version and Operating system do you use at home? When you're unable to login, do you always get the "Security Error: No _CSRFToken exists in session. Try reloading previous page."  error message?

Thanks,

Greg

Greg Thomas







PHP Programmer - interactivetools.com