Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

admin page: Invalid Form Key, 404 Not Found, Request validation failed for CsrfValidator.php error

‎04-13-2023 03:03 AM
‎04-13-2023 03:03 AM

admin page: Invalid Form Key, 404 Not Found, Request validation failed for CsrfValidator.php error

after enabling SSL/HTTPS secure url, try to access the admin page will give:

Invalid Form Key, pls refresh page;

404 Not Found, oops;

 

In the log file can see the error:

Request validation failed for CsrfValidator.php error

 

[2023-04-13T09:44:51.329240+00:00] main.DEBUG: Request validation failed for action "Magento\Backend\Controller\Adminhtml\Index\Index\Interceptor" {"exception":"[object] (Magento\\Framework\\App\\Request\\InvalidRequestException(code: 0): Invalid request received at /var/www/magento2/vendor/magento/module-backend/App/Request/BackendValidator.php:176)"} []
[2023-04-13T09:45:14.687675+00:00] main.DEBUG: Request validation failed for action "Magento\Framework\App\Action\Forward\Interceptor" {"exception":"[object] (Magento\\Framework\\App\\Request\\InvalidRequestException(code: 0): Invalid request received at /var/www/magento2/vendor/magento/framework/App/Request/CsrfValidator.php:105)"} []
[2023-04-13T09:46:01.131966+00:00] main.DEBUG: Request validation failed for action "Magento\Framework\App\Action\Forward\Interceptor" {"exception":"[object] (Magento\\Framework\\App\\Request\\InvalidRequestException(code: 0): Invalid request received at /var/www/magento2/vendor/magento/framework/App/Request/CsrfValidator.php:105)"} []
[2023-04-13T09:50:38.416737+00:00] main.DEBUG: Request validation failed for action "Magento\Framework\App\Action\Forward\Interceptor" {"exception":"[object] (Magento\\Framework\\App\\Request\\InvalidRequestException(code: 0): Invalid request received at /var/www/magento2/vendor/magento/framework/App/Request/CsrfValidator.php:105)"} []

So what could be the cause?

A quick search shows a lot of people had this issue even back years ago with magento.

 

No its not related to the php.ini max var becasue its already 75000, default is 1000

plus it is saying it is invalid form key, why it is related to the max vars?

 

Some one even posting some temporary work around for this on github:

disable csrf validation entirely in:

 
CsrfValidatorSkip.php
di.xml
 
Any one know the solution?
 
Also what should be the correct combination while config ssl/https for magento? am I doing it correctly? Currently I have:
 
Magento:
redirect to base url: no (because I want to use domain.com instead of www)
base-url use http:// unchanged 
secure-url use https://
front end use secure url: yes
admin use secure url: yes
 
Nginx:
80 to 443 redirection in place
www. to non-www redirect in place
Labels:
0 Kudos
Reply
1 REPLY 1
‎04-19-2023 05:21 AM
‎04-19-2023 05:21 AM

Re: admin page: Invalid Form Key, 404 Not Found, Request validation failed for CsrfValidator.php err

Hello @skkj 

 

There are several reasons why you might be encountering these errors after enabling SSL/HTTPS on your Magento website. Here are some possible solutions:

  1. Clear your browser's cache and cookies and try accessing the admin page again. Sometimes, a corrupted cache can cause issues with the form key validation.

  2. Check your Magento configuration to make sure that the base URL for the secure domain is set correctly. To do this, go to System -> Configuration -> Web -> Secure, and make sure that the "Base URL" field is set to the correct HTTPS URL.

  3. Check your server's SSL certificate to make sure that it's valid and installed correctly. You can use an online SSL checker tool to verify your SSL certificate.

  4. Check your Magento file and folder permissions. Make sure that the necessary files and folders are writable by the web server. This can usually be fixed by running the following command in your Magento root directory:

sudo chmod -R 777 var/ pub/ app/
  1. If none of the above solutions work, you can try disabling the form key validation in Magento. To do this, go to System -> Configuration -> Admin -> Security -> Enable Form Key Validation On Admin and set it to "No".

 

I hope this helps you resolve your issue!

 
Was my answer helpful? You can accept it as a solution.
175+ Professional Extensions for M1 & M2
Need a developer?Just visit Contact Us Now
0 Kudos
Reply