Forbidden (403) CSRF verification failed. Request aborted

I have setup the tutor on linux box, I can access both the lms and cms but when I try to login or forgot password. I am getting following error.

Forbidden (403)

CSRF verification failed. Request aborted.

You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.

If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for ‘same-origin’ requests.

I am using the site on http with default configuration. Can anyone point me to the documentation which will help to solve this.

Please describe as throughly as possible your issue. In particular:

  1. Which version of tutor are you running? (tutor --version)
  2. Have you enabled any plugin? (tutor plugins list)
  3. Which browser do you use?
  4. At what url is the error happening?
  5. Can you share a screenshot of the error?

Please find the below details.
tutor, version 10.1.0

discovery==10.1.0 (disabled)

ecommerce==10.1.0 (disabled)

lts==9.1.6 (disabled)

minio==10.1.0 (disabled)

notes==10.1.0 (disabled)

xqueue==10.1.0 (disabled)

Chrome - Version 84.0.4147.125 (Official Build) (64-bit)



@smaskar take a look at Users cannot login - CSRF cookie not set

Update to v10.2.0 and the problem should be solved

1 Like

Yes, this same bug was discussed elsewhere and resolved in v10.2.0.


Thank you, problem resolved after upgrade.

Recently I was trying tutor on AWS with its AMI and it has version 10.0.8, facing the same issue, can we upgrade it v10.2.0 ?. or what are the other options?

@arunpallikandath I pushed a new AMI release to AWS. Amazon unhelpfully does not include the upgrade instructions in the upgrade email, but you should run:

curl -fsSL | sh