This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Is it safe if comment out CSRF TOKEN? | Fix Application Error: [0204]
#1
Is it safe if comment out CSRF TOKEN? | Fix Application Error: [0204]
Hello. 
I just installed sentora for my centos 7 vps, installation is successful but when i try to login panel and i got message

"Application Error: [0204] - The form you attempted to submit had an invalid token!"

Fresh Re-installing sentora didn't work for me. Then i found the solution from here (just retake from archive.org) thanks dave Ozoalor from braintem.

Here is the tutorial

Quote:1. Search csfr.class.php

Code:
find / -name "csfr.class.php"


2. Open csfr.class.php (sentora directory= /etc/sentora/panel/dryden/runtime/csfr.class.php) with text editor and Comment out everything in the protect() function like this: Be careful not to comment out the function itself. Just comment out all what is inside.


PHP Code:
static function Protect() {
 
    /*
        if (isset($_POST['csfr_token']) && ($_POST['csfr_token'] == $_SESSION['zpcsfr'])) {
            self::Tokeniser();
            return true;
        }
        $error_html = "<style type=\"text/css\"><!--
            .dbwarning {
                    font-family: Verdana, Geneva, sans-serif;
                    font-size: 14px;
                    color: #C00;
                    background-color: #FCC;
                    padding: 30px;
                    border: 1px solid #C00;
            }
            p {
                    font-size: 12px;
                    color: Custom Vhost entries problem - Not working;
            }
            </style>
            <div class=\"dbwarning\"><strong>Application Error:</strong> [0204] - The form you attempted to submit had an invalid token!</p></div>";
        die($error_html);
        */
 
   


That is work for me, but is it safe?
Reply
Thanks given by:
#2
RE: Is it safe if comment out CSRF TOKEN? | Fix Application Error: [0204]
No. That bit of code helps protect against CSRF hijacking. https://en.wikipedia.org/wiki/Cross-site...st_forgery
If you are getting the error, there is something not right.

Try clearing your browser's cookies and cache.
Do not use the 'back' button at all when logged into the panel.

Me.B Any other suggestions?
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:
#3
RE: Is it safe if comment out CSRF TOKEN? | Fix Application Error: [0204]
Do you accept cookies? Seem you have an issue with your browser and you are never adviced to disabled CSRF.

M B
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
Repo update error hostingms 3 5 ,246 02-14-2024, 09:20 AM
Last Post: TGates
apt-get install mod_ssl ERROR CMs222 9 25 ,406 11-11-2022, 09:14 PM
Last Post: zustudios
Sentora debug and error files johnnyp 0 1 ,099 10-27-2022, 06:16 PM
Last Post: johnnyp

Forum Jump:


Users browsing this thread: 1 Guest(s)