Re: Security Error: No _CSRFToken exists in session. Try reloading previous page

5 posts by 3 authors in: Forums > CMS Builder
Last Post: December 10, 2019   (RSS)

In response to: https://www.interactivetools.com/forum/forum-posts.php?postNum=2239602#post2239602

A few months ago I upgraded the client site to PHP 7.2 (and it was all working fine), but now I am getting this error too - "
Security Error: No _CSRFToken exists in session. Try reloading or going back to previous page."  

Can you advise how I can fix this as can't find anything else in the forum.

Thanks

By daniel - October 23, 2019

Hi degreesnorth,

I sometimes encounter this issue when there's a mismatch between http and https URLs. Can you verify that the page(s) you're having issues with are using the correct protocol?

Thanks,

Daniel
Technical Lead
interactivetools.com

By daniel - October 23, 2019

Hey degreesnorth,

Glad that sorted it out! Simple solutions are always nice.

Cheers,

Daniel
Technical Lead
interactivetools.com

This can also happen if you are using the global /tmp directory for session storage which is the default.There may be system housekeeping tasks that remove the session storage files.

If possible change session.save_path in General Settings to the user account tmp directory. ~/tmp or may be hard coded using the home path instead of the tilde i.e. /home/useraccount/tmp. This will depend on the OS and control panel you are using. Easiest way to get  the path is check Program Directory in General Settings. You might need to create the directory if it doesn't exist and make sure it is outside your web root.

Jeff Shields