Solved CSRF check failed

balanga

Son of Beastie

Reaction score: 194
Messages: 3,738

I'm getting this error msg when I try connecting to my pfSense box. I've never had it before. Looking at similar topics I don't see anything relevant to me. The msg hasn't timed out over the last two days. I tried posting about this on the pfSense forum, but just get Error ... error on their site. Also tried connecting to my box from a different machine, but just get a

This site can't be reached

The box obviously is working because it is successfully acting as a router to the Internet. Is there anything I can check from the console? eg top etc..which might give me an idea about what is wrong...
 

richardtoohey2

Well-Known Member

Reaction score: 260
Messages: 495

Looks like port 80 or port 443 traffic isn't accepted or there's a DNS issue - something to do with your network set-up.

Is the machine listening on ports 80 and 443 (or whatever ports you are using)?

If you try connecting on the box itself to those ports (i.e. using localhost or 127.0.0.1), does that work? e.g. using telnet or wget or similar. If it seems to be working on the box, then is it accepting remote connections? Are the remote connections getting through? Do you have a firewall? Check the logs for whatever programs you are using.

EDIT: but re-reading your title, maybe the connection is being made but you are getting an error (somewhere?) about "CSRF check failed"? If so, what is showing that error? Your web browser? A log somewhere?
 
OP
B

balanga

Son of Beastie

Reaction score: 194
Messages: 3,738

Looks like port 80 or port 443 traffic isn't accepted or there's a DNS issue - something to do with your network set-up.

Is the machine listening on ports 80 and 443 (or whatever ports you are using)?

If you try connecting on the box itself to those ports (i.e. using localhost or 127.0.0.1), does that work? e.g. using telnet or wget or similar. If it seems to be working on the box, then is it accepting remote connections? Are the remote connections getting through? Do you have a firewall? Check the logs for whatever programs you are using.

EDIT: but re-reading your title, maybe the connection is being made but you are getting an error (somewhere?) about "CSRF check failed"? If so, what is showing that error? Your web browser? A log somewhere?
It looks like this in my browser. There was something screwed up on the system, although it seems to have cleared itself up after a couple reboots of the server, so I don't really know what caused it.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 10,898
Messages: 36,805

Check the cookie settings on your browser.
 

OlivierW

Member

Reaction score: 8
Messages: 49

I don't know how pfsense's CSRF tokens are generated, but maybe it is time based.
So, you could have a problem with the date/time on your pfsenses box or your computer: can be a NTP issue and/or CMOS battery.
 
OP
B

balanga

Son of Beastie

Reaction score: 194
Messages: 3,738

I don't know how pfsense's CSRF tokens are generated, but maybe it is time based.
So, you could have a problem with the date/time on your pfsenses box or your computer: can be a NTP issue and/or CMOS battery.
Someone pointed out this page as a possible solution.

Here's how I would go about getting around this:
  1. Open the chrome developer console
  2. Open the network tab
  3. Reload the page
  4. Right click the main page's request
  5. Mouse of "Copy", and then in the side drop out select "Copy as cURL"
  6. Go to https://curl.trillworks.com and past your cURL command in to get a python requests program that will make the same request.

I got as far as 5. but couldn't figure what that meant.
 

covacat

Member

Reaction score: 28
Messages: 85

if you have curl installed you can paste that right in the terminal
basically you make the same request with curl as with chrome
(cant see how the curl cmd line or py program can be of any help)
 
OP
B

balanga

Son of Beastie

Reaction score: 194
Messages: 3,738

I found another suggestion which was to go Incognito. I did that and didn't get the error mentioned in the thread title so I'll mark that as problem solved.
 
Top