BE-Login: The 'ole «This request was aborted because it appears to be forged»-Problem

[update AG]

Hi all

I'm trying to get a copy of an installation to run on my local machine. Copied the DB and all files from the server.

Besides being painfully slow (which might just be my machine), I can't login to the backend.

I get the infamous «This request was aborted because it appears to be forged»-Error.

Tried EVERYTHING I was able to find in the forum (file/folder permissions in site/assets, deleting said folders, cleared the session-table in the DB and so on…) - I can't get it to work.

PW 3.0.165

Heeeeeeelp ?

[Edit] I also tried disabling the CSRF-Protection in the config, which gets rid of the error, but the login still doesn't work. I just get back to the login page without an error.

[alexm]

@update AG assuming you've tried a different browser and/or a private window so you know there is no issue with cookies?

Have you enabled DB session handling? Or are you using the default file based system? If the latter you should see that the relevant files are created here: /site/assets/sessions/

I'm wondering whether anything else could have a strange effect like the wrong url in httpHosts array in config.php or perhaps a rewrite condition in .htaccess? like https or www.