"CSRF Token Not Valid” error message

The message continually shows and I noticed on the forum that these topics discuss this issue were automatically closed without resolution.

Please Cloudflare, could you shed some light on this?

Is this in the dashboard (https://dash.cloudflare.com), or a cPanel/Wordpress/etc plugin?

It is in the wordpress plugin and also on the Cloudflare dashboard

I’m not familar with the error myself, but found this tip. Due to how WordPress handles the CSRF token. Once a plugin reads it, it is cleared out, thus other plugins are unable to find it. This causes the issue with the Cloudflare plugin not able to find it and throws the invalid exception. This issue is due to other plugins in your WordPress installation taking the CSRF token before Cloudflare can read it. To find the plugin causing the issue please disable all plugins except Cloudflare then enable them one by one, loading the page after each. This will show you which plugin is causing the issue.

1 Like

Continuing the discussion from "CSRF Token Not Valid" error message:

1 Like

I am getting this and can find no resolution. Works fine on another site however not on the one I am getting it on. Please advise.

Hi @von, (just repeating my earlier caveat, I’ve not hit this one myself so relying on filtering what I find). Here are some suggestions:

  1. Usually this is solved by turning off all plugins except Cloudflare then enabling them one-by-one and reloading the page. This will then show you the plugin that is causing the issue.
  2. Verify you’re using the correct API key.
  3. If you use infinitewp, see this post.
  4. Try reinstalling the wordpress plugin and verify what other wordpress plugins you are running.
  5. Deactivate any ad blocker you have installed.
  6. Try in incognito mode.

This topic was automatically closed after 31 days. New replies are no longer allowed.