So after clearing all local data, deleting the session entries via CLI, restarting the server, etc...
I noticed that when I navigated to my forums this morning, I did not use the secure protocol URL I had in my config.json. 💩
I have a fresh install of NodeBB v0.8.1 on Ubuntu (Microsoft Azure VM). Installation and config went smoothly as well as registering a few initial users, etc.
A few hours later new users as well as myself are consistently getting a
Forbidden error when trying to login or register a new account.
./nodebb log simply says invalid csrf token for the
Using redis-server 3.0.3
Current theme: Persona v2.1.25
Thanks for any ideas.
While troubleshooting an issue with the email plugin, we added our site domain in ACP settings > advanced > domain-settings.
Removing these two domains back to their defaults (blank) immediately solved the
invalid csrf token issues.
(can't mark this as Solved ... does a moderator need to do this or are there just issues with Q&A plugin?)
Thanks for the update @amarinelli