Zammad Solve CSRF token verification failed on login

  • Blog
  • Zammad Solve CSRF token verification failed on login

If you get the error message “CSRF token verification failed” when attempting to login to your Zammad Web Dashboard, we’ve got a solution for you. In most installations of Zammad, whether dockerized or direct packages installations on a base OS, access is proxied via Nginx or Apache web server.

The “Can’t login because of CSRF token errors” is usually witnessed on systems with more than one proxy server. To solve the issue we need to tell our web server which connection type was used by the user. Open your Zammad proxy configuration file.

For Nginx users

If you are running Zammad behind Nginx proxy server, open your virtual host configuration and locate both directives proxy_set_header X-Forwarded-Proto and replace $scheme by https.

sudo vim /etc/nginx/conf.d/zammad.conf

It should look like below after the changes.

proxy_set_header X-Forwarded-Proto https;

Replace all occurrences under the following blocks:

  • location /ws
  • location /cable
  • location /

Restart nginx after making the changes:

sudo systemctl restart nginx

For Apache users

Open your virtual host configuration just above the first ProxyPass directive insert:

RequestHeader set X_FORWARDED_PROTO 'https'
RequestHeader set X-Forwarded-Ssl on

Restart Apache web server after the changes are made:

sudo systemctl restart apache2

Your IT Journey Starts Here!

Ready to level up your IT skills? Our new eLearning platform is coming soon to help you master the latest technologies.

  • Learn at your own pace
  • Access expert-led premium content
  • Gain in-demand IT certification tips and practice questions
  • Master essential skills: Linux, Scripting and Automation, Kubernetes, Cloud, IaC, GitOps, DevOps, Cybersecurity, and more.

Be the first to know when we launch! Join our waitlist now.

Join Waiting List
Twitter Facebook Linkedin Whatsapp Reddit

Join our Linux and open source community. Subscribe to our newsletter for tips, tricks, and collaboration opportunities!

Recent Post

Categories

Leave a Comment

Your email address will not be published. Required fields are marked *

Related Post

Git PR vs MR vs Release vs RC vs Tag vs Branch

Let’s clarify the differences between merge requests (commonly called pull requests in GitHub), releases, release candidates (RCs), tags, and branches […]

  • NO COMMENTS
  • September 5, 2024
Set up Kind Kubernetes with Nginx Ingress using Terraform

Kind (which in full means “Kubernetes IN Docker”), is a command line tool that enables you to run Kubernetes clusters […]

  • NO COMMENTS
  • September 1, 2024
Migrate packages from one cPanel server to another

Are you looking for an easy way to migrate packages from one cPanel server to a new cPanel server? In […]

  • NO COMMENTS
  • August 28, 2024

You can connect with CloudSpinx using the following channels

Hosting Services  
Consultancy Services
Development Services
Networking Services
  • Structured Cabling
  • Firewall solutions
  • Smart Home Solutions
  • Internet filtering
  • Surveillance
  • Communication
Storage & Backup
  • NAS / SAN Storage
  • Software-defined storage (SDS)
  • OS / Apps Backups
  • CCTV Backups
  • Data Recovery
Office Services
Business Applications
  • ERP
  • CRM
  • POS
  • Project Management
  • Communication
  • Communication & Collaboration
  • Accounting & Finance
  • Asset Management
  • E-commerce Platforms
  • Business intelligence
Latest Articles
Newsletter
Follow Us
X-twitter Linkedin Facebook-f Github
Contact US
© Copyright 2024 CloudSpinx Limited
Download CloudSpinx Profile!

Cancellation Policy

Refund Policy

TOS

Let's Connect

Unleash the full potential of your business with CloudSpinx. Our expert solutions specialists are standing by to answer your questions and tailor a plan that perfectly aligns with your unique needs.
You will get a response from our solutions specialist within 12 hours
We understand emergencies can be stressful. For immediate assistance, chat with us now

Contact CloudSpinx today!

Download CloudSpinx Profile

Discover the full spectrum of our expertise and services by downloading our detailed Company Profile. Simply enter your first name, last name, and email address.