Re: Security Error: No _CSRFToken exists in session. Try reloading previous page

5 posts by 3 authors in: Forums > CMS Builder
Last Post: December 10, 2019   (RSS)

By degreesnorth - October 23, 2019

In response to:

A few months ago I upgraded the client site to PHP 7.2 (and it was all working fine), but now I am getting this error too - "
Security Error: No _CSRFToken exists in session. Try reloading or going back to previous page."  

Can you advise how I can fix this as can't find anything else in the forum.


By daniel - October 23, 2019

Hi degreesnorth,

I sometimes encounter this issue when there's a mismatch between http and https URLs. Can you verify that the page(s) you're having issues with are using the correct protocol?


PHP Programmer

By degreesnorth - October 23, 2019

Yes, thanks, that was the issue.  Sorry, that seems so simple :(!

Appreciate your help.

By kitsguru - December 10, 2019

This can also happen if you are using the global /tmp directory for session storage which is the default.There may be system housekeeping tasks that remove the session storage files.

If possible change session.save_path in General Settings to the user account tmp directory. ~/tmp or may be hard coded using the home path instead of the tilde i.e. /home/useraccount/tmp. This will depend on the OS and control panel you are using. Easiest way to get  the path is check Program Directory in General Settings. You might need to create the directory if it doesn't exist and make sure it is outside your web root.


Jeff Shields