Invalid Security Token
Problem: You get this error in the Admin panel when logging in on performing operations
There are a few possible causes of the problem, all linked to the Session:
-
Try reloading your browser to get a fresh token
-
Try clearing your browser session cookies, Try logging out and back in.
-
Ensure you are running under SSL and a HTTPS URL if you have
session.secure: trueset in Grav'ssystem.yaml -
Check that PHP has the correct tmp path set up. This can be set in PHP directly, or by setting Grav's
system.yamlsession.pathsetting (it can also be set via Admin, in the System Configuration) Reported issue -
Make sure your web server config is right and includes the query string Reported issue
-
Make sure your hostname doesn't have underscores in it. It will cause the hostname to default to
unknown, making the session invalid.