Usage Guide and Documentation


Invalid CSRF Token Error

Cross-Site Request Forgery (CSRF) is an attack that forces authenticated users to send a request to an authenticated web application. CSRF attacks exploit a web application's trust in an authenticated user. A CSRF attack exploits a security vulnerability of a web application (software, scripts, etc.) that cannot distinguish between a genuine user-generated request and a fake-generated request.

In order to prevent CSRF forgery on WISECP, CSRF TOKEN is used in all form fields. In this way, it is easily understood whether the request was sent with the permission and authority of a real user. However, in some cases, the CSRF TOKEN cannot be processed into the SESSION information of the user on the server and the "Invalid CSRF Token" error occurs.

Possible causes and solutions for this are as follows:

  1. Your "session" directory may not be writable. (High possibility)
    Solution: Update the "" field in the "PHP.ini" settings as seen. (It should be seen as marked in the screenshot.)
  2. Your disk space may be full.
    Solution: Make sure that the disk space allocated for your hosting service is not full. For testing, you can try uploading a file to your site via FTP.
  3. The cookie settings of your web browser (Chrome, Mozilla, etc.) may be turned off.
    Solution: Make sure that the cookie features are not disabled by examining your web browser settings. If you can login to any other website, it means there is no problem with your browser.

If the instructions described above do not work for you, it means that session records cannot be created on your server for a different reason.

We recommend that you seek support from the service provider you receive server service from or a server management specialist regarding your issue.

HTML/JavaScript Tags MySQL Strict Mode Issue

Do you have any questions?

Feel free to contact us
Contact Us
Copyright © 2023. All Rights Reserved.
Join Our Discord Channel