Failed login attempt, forbidden, invalid csrf token



  • I have a fresh install of NodeBB v0.8.1 on Ubuntu (Microsoft Azure VM). Installation and config went smoothly as well as registering a few initial users, etc.

    A few hours later new users as well as myself are consistently getting a Forbidden error when trying to login or register a new account.

    ./nodebb log simply says invalid csrf token for the /register and /login routes.

    There have been a few other posts on here spanning the last several months regarding invalid csrf tokens. Some hint at solutions involving DNS propogation or resetting the themes.

    Using redis-server 3.0.3
    Current theme: Persona v2.1.25
    Git hash: 8ff79af6b916b1741f957968f7cab06b68a406b2

    Thanks for any ideas.



  • UPDATE

    While troubleshooting an issue with the email plugin, we added our site domain in ACP settings > advanced > domain-settings.

    Removing these two domains back to their defaults (blank) immediately solved the invalid csrf token issues.



  • (can't mark this as Solved ... does a moderator need to do this or are there just issues with Q&A plugin?)


  • Admin

    Thanks for the update @amarinelli




Looks like your connection to NodeBB was lost, please wait while we try to reconnect.