Invalid CSRF Protection Token, Fix WHMCS CentOS, Plesk, cPanel by Lee Claxton Sarasota

KVM VPS Hosting AdvertisementKVM VPS Unlimited Bandwidth

KVM VPS Hosting with KVM VPS Unlimited Bandwidth, KVM virtual private server hosting starting at only $30 a month. Cheap KVM Hosting up to 6 Cores @ 2.83Ghz, 12GB Memory, 1TB RAID-10 with Unlimited Bandwidth.

invalid csrf protection token

invalid csrf protection token this tutorial will help you fix WHMCS error CentOS 6 on Plesk 12. You can get an idea of what’s wrong by looking through here.

Invalid CSRF Protection Token

To fix WHMCS error Invalid CSRF Protection Token in WHMCS billing on Plesk, CentOS, CloudLinux. Should work for any linux distro and should give you an idea on any windows web server version. Some people say to add session_name(“WHMCS”); to your configuration.php file. But this will cause errors with captcha’s not working. You will need to correct the permissions for the customers php stored locations for it to work.

 

Fix WHMCS CentOS, Plesk, cPanel

Fix WHMCS Error CentOS, when you try to save or do any thing in WHMCS and get the Invalid CSRF Protection Token error you can fix it by making sure your php sessions location has the correct permissions.

It will usually be located at /var/lib/php/session depending on the php sessions location. You can find this in your php.ini file.

Check your php.ini for the session path or use command below to find it using grep.

nano /etc/php.ini

Command to Find Session Path in PHP.INI

cat /etc/php.ini | grep session.save_path

Changing permissions for your session.save_path which you should be able to find using the command above. Substitute what yours is.

If you’re running cPanel your default sessions folder is /tmp if you’re using CloudLinux use the command below to find all session folders.

find / -name session

If you’re running CloudLinux and CageFS you will have multiple session locations.

Find all your php.ini files.

find / -name php.ini

Once you figure out where your php sessions folder or folders are you will need to change the permissions using chmod and maybe your owner and group of the php session folder to make it work. Use the commands one at a time until you no longer get Invalid CSRF Protection Token.

chmod 1755 /var/lib/php/session

If the above still does not work you can try:

chmod 1775 /var/lib/php/session

If above still not works you can try:

chmod 1777 /var/lib/php/session

The above should work if it’s the correct php session location in your websites php.ini file.

Checking to make sure your php sessions location is working you can do ls -lsa on the directory to see if any files are located inside. If you see customers php session files being stored than you have set the correct permission. Change the location depending on what your php sessions location is.

ls -lsa /var/lib/php/session

 

Changing PHP Owner and Group and Looking at Websites PHP Sessions

If you are still unable to store customers php session files you should check your php.ini file which you can find by doing find / -name php.ini and edit the customers website or the main at /etc/php.ini you can also check the owner and group of /var/lib/php/session to make sure it’s correct. It should be root, some times applications you install could change this. But with 1777 permissions should work no matter what.

Check php sessions owner and group:

ls -lsa /var/lib/php

If running CloudLinux or any thing else the owner could be different than root.

chown root:root /var/lib/php

===========================================================================

Alpha Computer and Web Services

5439 Sawgrass RD

Sarasota FL 34232

941-539-9680

https://www.acshostings.com

Highly affordable PC Repair Sarasota technician will fix your Windows computer and Windows servers to Linux Servers and Linux computers. We do onsite computer repair sarasota area, inshop pc repair sarasota and remote pc repair services. We also do web services including offering dedicated servers, web hosting, domain names, ssl certificates, web design and tons more! Visit our website to learn more.

Written by:

Lee Claxton Sarasota

Lee Claxton Sarasota

Lee Claxton

Lee Claxton Sarasota