Skip to main content
This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.
I am having a problem with 2.4 on a user site (i.e. development url is http://ip-number/~username/).
Steps to recreate:
1) edit a page in cms
2) save and publish
3) click "Published Site" in cms to view the page
4) back in the cms, try to update a page. save and publish just spins, and I am asked to login again.
If I don't view the site by clicking on the "Published Site" link, I can make changes, save them, and view in a separate window in the browser.
I have some more information about this. Looking at the firebug output, I'm getting the following message in the response when I try to save a page in the admin section: SecurityID doesn't match, possible CSRF attack.
The issue I was having was a session problem from the hosting provider. You can control your own sessions by adding the following to the bottom of your .htaccess:
php_value session.gc_probability 1
php_value session.gc_divisor 100
php_value session.gc_maxlifetime 3600
php_value session.save_path /mnt/stor1/123456/example.com/web/sessions
my session save path is outside my content folder that holds the web files, so it can't be accessed from the www.
Here is a link explaining the above.
Please do not disable all security tokens. This exposes your entire site to CSRF attacks.