Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

Invalid CSRF Token Timeout setting

I'm running OST v1.9.8 on Windows Server 2012 R2.

Just wonder why "Invalid CSRF Token" shows up fairly frequently. 

It says Timeout setting is by default 24 hours. 
SESSION_TTL to be 24 hours (86400 seconds)

And i've checked the bootstrap.php in OST v1.9.8, it's also SESSION_TTL = 86400

However, it seems to me that the timeout is far shorter than 24 hours.

Anyone have similar experience please?


  • You should upgrade to current and see if the problem goes away.  If you are unwilling to upgrade to current then you should at least upgrade to the current version of the 1.9 tree. (1.9.15 as of this writing)
Sign In or Register to comment.