Skip to main content

#176 Last request denied, invalid security token

Posted in ‘NorrCompetition’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information (available for public)

PHP version
8.3

Latest post by b2z on Friday, 04 July 2025 16:50 EEST

Friday, 04 July 2025 13:33 EEST

Webjongens

https://www.stichting-babel.nl/inzenden is giving an error. We have previously used this same menu item for a competition last year though now i'm getting this error when I am not logged in.

error:
Het laatste verzoek is geweigerd omdat het een ongeldig veiligheidsteken bevat. Vernieuw de pagina en probeer het opnieuw.

Translated:
The last request was denied because it contained an invalid security token. Please refresh the page and try again.

Edited by Webjongens on 2025-07-04 14:33 EEST

Friday, 04 July 2025 15:06 EEST

System Task
system
The ticket information has been edited by Florian Julius (Webjongens).

Friday, 04 July 2025 15:09 EEST

sulpher
Hi Florian,
"Username and password do not match or you do not have an account yet." - in Joomla administrator panel. Please check out credentials.

Friday, 04 July 2025 15:23 EEST

sulpher
There are the following steps to go:
There should be an entry submission form. You can try to create a new menu item. Maybe the token is caching. Try to clear Joomla cache. And disable page cache if it is enabled (to make sure the problem occurs due to cache). If you have any script compressor like JCH Optimize, it also can impact on the result. The tests and investigation are needed.

Friday, 04 July 2025 15:59 EEST

Webjongens

Hi Sulpher,

I updated the password should work now. 

Currently standard Joomla caching is on, disabling the cache did seem to solve the issue. I will try using a different cache tool where we can exclude specific pages.

Best regards!

Friday, 04 July 2025 16:50 EEST

b2z

Hi Florian,

Just to note what my colleague wrote about the cache.

Using caching is ok, but in case of forms they can provide an unpredicted result, because forms use dynamically created CSRF token. This means that the token should be updated for every page request and should not be cached.

Talking about Joomla standard cache. I have enabled it on our test website and do not see any errors or issues. But as I said, cache is quite unpredictable. Also "System - Page Cache" plugin should be disabled as it caches the whole pages.

Kind regards,

Dmitrijs

Support information

Support hours: You can get our help: Monday - Friday / 09:00 to 17:00 (GMT+3), but not limited. Our staff is pleased to provide Premium support to every paid subscriber asap, but sometimes you should be ready to wait for our reply for up to 3 days.


Our time: / Your time:

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. We also ask you to remove temporary credentials at your site after the problem is resolved. Thank you.

Support of free extensions is not provided on this forum. Please submit your questions or report issues via Github tracker. See link on the product page.