Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

2.4 publishing issue on user site

Go to End

6 Posts   2256 Views


Community Member, 26 Posts

18 May 2010 at 4:42pm

I am having a problem with 2.4 on a user site (i.e. development url is http://ip-number/~username/).

Steps to recreate:

1) edit a page in cms
2) save and publish
3) click "Published Site" in cms to view the page
4) back in the cms, try to update a page. save and publish just spins, and I am asked to login again.

I am unable to edit and a javascript alert comes up saying "please login and then try again".

If I don't view the site by clicking on the "Published Site" link, I can make changes, save them, and view in a separate window in the browser.


Community Member, 26 Posts

19 May 2010 at 3:13am

I have some more information about this. Looking at the firebug output, I'm getting the following message in the response when I try to save a page in the admin section: SecurityID doesn't match, possible CSRF attack.

Any ideas?


Community Member, 72 Posts

8 July 2010 at 11:56am

this might help, I am having the same problem, and it didn't help me, but give it a whirl. You never know.


Community Member, 349 Posts

8 July 2010 at 12:19pm


to _config.php


Community Member, 72 Posts

9 July 2010 at 9:51am

The issue I was having was a session problem from the hosting provider. You can control your own sessions by adding the following to the bottom of your .htaccess:

php_value session.gc_probability 1
php_value session.gc_divisor 100
php_value session.gc_maxlifetime 3600
php_value session.save_path /mnt/stor1/123456/

my session save path is outside my content folder that holds the web files, so it can't be accessed from the www.

Here is a link explaining the above.

Fred Condo

Community Member, 29 Posts

13 January 2011 at 8:06pm

Please do not disable all security tokens. This exposes your entire site to CSRF attacks.