XF 2.1 Security error issues

Lee

Lee

Well-known member
I have a user who browsed using a proxy server.

Since the upgrade to 2.1 RC1 they are getting security errors whenever they try and submit a post.

Is this a bug that has been potentially introduced between beta and RC? Or do I have something misconfgured?
 
Sort by date Sort by votes
Hugely unlikely to be any bug here.

I'm assuming you are referring to this message specifically:
Security error occurred. Please press back, refresh the page, and try again.
Click to expand...
If their proxy server IP address is changing all of the time, then it could be invalidating their session which would be breaking the request.

Other causes could be related to browser extensions etc. If it is only happening with one user then it is almost certainly something they have changed or something local to them.
 
Upvote 0 Downvote
Have you had any luck resolving this? I am having the same issue reported by a few of my forum members, it has seemed to come up more frequently since I started using cloudflare as well. From all the tutorials that I have seen I do believe that I have cloudflare set up correctly.
 
Upvote 0 Downvote
Same here, our members are complaining about seeing this error message frequently after started using Cloudflare.

It seems to be related to IP address changes on their mobile devices.

Steps to reproduce - everything takes place on a mobile phone, when not connected to the WiFi network, but to the network of mobile operator:
  1. Login to Forum (which is using Cloudflare)
  2. Write a message
  3. Switch to some other app (leaving the browser)
  4. More than 4 hours passes (user session limit)
  5. Open email app
  6. Got notification from Forum about a new message in the forum topic, click the link to visit it
  7. The corresponding page of the Forum opens (seeing that you are no longer logged in)
  8. "Security error occurred. Please press back, refresh the page, and try again" dialog appears.
  9. After refreshing the page, the same message pops up again
  10. Any subsequent page you visit - the same message keeps popping up
  11. The only solution to stop seeing the error is to log in to the Forum again
@Chris D any ideas how to solve this? Is $config['enableLoginCsrf'] = false; setting related?
 
Last edited:
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

LuckyRiver
  • Question Question
XF 2.3 Security error occurred when login to admin console
Replies
1
Views
90
Chris D
Chris D
Mr Lucky
  • Question Question
XF 2.2 Security error occurred. Please press back, refresh the page, and try again.
2
Replies
28
Views
2K
Suzanne O
Suzanne O
Artonn
Moving my namecheap hosting to Digital ocean droplet (internal server error issues)
Replies
11
Views
473
Artonn
Artonn
SeToY
  • Solved
XF 2.2 Properly fix security issue with v2.2.16
Replies
19
Views
321
FTL
FTL
I
"Security error occurred" dialog when IP address changes
Replies
8
Views
1K
digitalpoint
digitalpoint
Back
Top Bottom