Zammad Solve CSRF token verification failed on login

  • Blog
  • Zammad Solve CSRF token verification failed on login

If you get the error message “CSRF token verification failed” when attempting to login to your Zammad Web Dashboard, we’ve got a solution for you. In most installations of Zammad, whether dockerized or direct packages installations on a base OS, access is proxied via Nginx or Apache web server.

The “Can’t login because of CSRF token errors” is usually witnessed on systems with more than one proxy server. To solve the issue we need to tell our web server which connection type was used by the user. Open your Zammad proxy configuration file.

For Nginx users

If you are running Zammad behind Nginx proxy server, open your virtual host configuration and locate both directives proxy_set_header X-Forwarded-Proto and replace $scheme by https.

sudo vim /etc/nginx/conf.d/zammad.conf

It should look like below after the changes.

proxy_set_header X-Forwarded-Proto https;

Replace all occurrences under the following blocks:

  • location /ws
  • location /cable
  • location /

Restart nginx after making the changes:

sudo systemctl restart nginx

For Apache users

Open your virtual host configuration just above the first ProxyPass directive insert:

RequestHeader set X_FORWARDED_PROTO 'https'
RequestHeader set X-Forwarded-Ssl on

Restart Apache web server after the changes are made:

sudo systemctl restart apache2

Your IT Journey Starts Here!

Ready to level up your IT skills? Our new eLearning platform is coming soon to help you master the latest technologies.

  • Learn at your own pace
  • Access expert-led premium content
  • Gain in-demand IT certification tips and practice questions
  • Master essential skills: Linux, Scripting and Automation, Kubernetes, Cloud, IaC, GitOps, DevOps, Cybersecurity, and more.

Be the first to know when we launch! Join our waitlist now.

Join Waiting List
Twitter Facebook Linkedin Whatsapp Reddit

Join our Linux and open source community. Subscribe to our newsletter for tips, tricks, and collaboration opportunities!

Recent Post

Categories

Leave a Comment

Your email address will not be published. Required fields are marked *

Related Post

Microsoft Edge vs Chrome – which is better

The web browser is the key arsenal that we use to browse the internet. If you want to access information […]

  • NO COMMENTS
  • November 21, 2024
Install Java 11 (OpenJDK 11) on Oracle Linux 8

In this guide,we will look at how you can install Java 11 on Oracle Linux 8. Java is a widely […]

  • NO COMMENTS
  • November 17, 2024
How To Install Podman in Amazon Linux 2

The adoption of Containers and microservice architectures has been amazing and speedy in the past few years. Docker is widely […]

  • NO COMMENTS
  • November 17, 2024

You can connect with CloudSpinx using the following channels

Hosting Services  
Consultancy Services
Development Services
Networking Services
  • Structured Cabling
  • Firewall solutions
  • Smart Home Solutions
  • Internet filtering
  • Surveillance
  • Communication
Storage & Backup
  • NAS / SAN Storage
  • Software-defined storage (SDS)
  • OS / Apps Backups
  • CCTV Backups
  • Data Recovery
Office Services
Business Applications
  • ERP
  • CRM
  • POS
  • Project Management
  • Communication
  • Communication & Collaboration
  • Accounting & Finance
  • Asset Management
  • E-commerce Platforms
  • Business intelligence
Latest Articles
Newsletter
Follow Us
X-twitter Linkedin Facebook-f Github
Contact US
© Copyright 2024 CloudSpinx Limited
Download CloudSpinx Profile!

Cancellation Policy

Refund Policy

TOS

Let's Connect

Unleash the full potential of your business with CloudSpinx. Our expert solutions specialists are standing by to answer your questions and tailor a plan that perfectly aligns with your unique needs.
You will get a response from our solutions specialist within 12 hours
We understand emergencies can be stressful. For immediate assistance, chat with us now

Contact CloudSpinx today!

Download CloudSpinx Profile

Discover the full spectrum of our expertise and services by downloading our detailed Company Profile. Simply enter your first name, last name, and email address.