SimpleRisk uses the csrf-magic library to include nonces in posts in order to prevent Cross Site Request Forgery attacks. When this library is first initialized, it creates a csrf-secret.php file located under the /includes/csrf-magic directory. You will likely see this error message if you are running multiple SimpleRisk instances behind a load balancer. To fix it, just make sure that the $secret variable is the same in each copy of this file on each SimpleRisk instance.
Why do I see "CSRF check failed. Your form session may have expired, or you may not have cookies enabled."? Print
Modified on: Sat, Jan 16, 2016 at 12:13 PM
Did you find it helpful? Yes No
Send feedbackSorry we couldn't be helpful. Help us improve this article with your feedback.