Error: The CSRF protection key did not match. This may indicate a plugin or theme is out of date. Please contact technical support for more information.

I can login using Firefox, but when I attempt to login with Edge, I receive the error above. I can continue to login and out (and back in again) using Firefox.

I attempted to login using a private window with Edge, and I receive the following error message:

Oops!
Something went wrong. Please try again.

So, took the site offline, I cleared system caches, and disabled all addons. I then tried logging using the same admin account, with a new private window (Edge), and received the same 'Oops' error message.

Any suggestions or idea of what's happening?

Thanks.

 

Tried again just now and still received the error:

The CSRF protection key did not match. This may indicate an application or theme is out of date. Please contact technical support for more information.

Is this happening on a specific page or on just like your forum index? Are you using Safari by chance? If you are, could you please try updating to the latest release if you're not on it?

 

Is this happening on a specific page or on just like your forum index? Are you using Safari by chance? If you are, could you please try updating to the latest release if you're not on it?

It happens when I’m on my home page and I login. It happened just now (I’m on the latest version btw). It seems to happen when I’m on a mobile device (iPhone or iPad) versus computer. It happened again just now which prompted me to venture back to this topic.

what version of iOS are you on there?

Hi there, I'm having the the same issue on our development board since at least last Friday. We ignored it at first - and reported to google the we thought the error was... in error. 🙃

Now we get

1) can push through this page . .

and arrive here . .

Happy to start a new thread - wanted to check here first.

Thanks - Dave 'the new guy'

Just poking around - I note when I visit our first plug in vender - their site also listed as unsecure . . that's not causing the issue is it?

 

Just poking around - I note when I visit our first plug in vender - their site also listed as unsecure . . that's not causing the issue is it?

Can you try to disable all third party stuff and see if the error will go away? If it does, you can enable them one by one until you find the culprit so to speak.

Miss_B: Disabled adds ons, I still get the phishing warning, but no longer the next red warning page with the CSRF warning.

Marc - That's correct.

• re-reported to google.

• I separately re-enabled each addon, logging out and closing browser and re logged in after doing this for each (of our 4 add ons). I've also cleared history. I no longer see the CSRF cert warning, but still get the phishing warning. So in that regard, we're back one step (the cert warnings started a few days after the phishing warnings began). So with the add ons enabled, currently no cert warning, but still a phishing warning. If the pattern repeats, perhaps the cert warning will return shortly. Or not.

• Marc - I'm not sure which add on you're referencing? I'm not able to identify one of them as causing an issue through this process. Am I missing something?

Edited April 3Apr 3 by Indy Dave

Thanks for all the help. To review . . . Here's what we've done on our end, and we still have the phishing warning, across browsers:

• We've disabled ALL third party applications and or plug ins

• Deleted systems cache

• Taken site off line, and put it back on line

• deleted browser cache and histories (on multiple admin's user machines)

We're still getting the deceptive site warnings/phishing attempts detected. We have reported to google several times already.

Since this issue now seems to no longer be CSRF cert invalid, I'll move on. If we continue to have the risky site warnings, I'll start a fresh topic.

Thanks again!