Failed login attempt, forbidden, invalid csrf token

Solved Technical Support
  • I have a fresh install of NodeBB v0.8.1 on Ubuntu (Microsoft Azure VM). Installation and config went smoothly as well as registering a few initial users, etc.

    A few hours later new users as well as myself are consistently getting a Forbidden error when trying to login or register a new account.

    ./nodebb log simply says invalid csrf token for the /register and /login routes.

    There have been a few other posts on here spanning the last several months regarding invalid csrf tokens. Some hint at solutions involving DNS propogation or resetting the themes.

    Using redis-server 3.0.3
    Current theme: Persona v2.1.25
    Git hash: 8ff79af6b916b1741f957968f7cab06b68a406b2

    Thanks for any ideas.


    While troubleshooting an issue with the email plugin, we added our site domain in ACP settings > advanced > domain-settings.

    Removing these two domains back to their defaults (blank) immediately solved the invalid csrf token issues.

  • (can't mark this as Solved ... does a moderator need to do this or are there just issues with Q&A plugin?)

  • Thanks for the update @amarinelli

Suggested Topics