Forbidden Invalid CSRF Token +monit Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Come Celebrate our 10 Year Anniversary!Setting up monit to work with Varnish and nginxMonit doesn't pick up httpd process after resetmysql monitoring with monitHow to start dovecot?configure Monit application on Linux Centos error messageCan't find httpd.pid to use for Monit apache2 monitoringConfigure Monit to monitor PHP5-FPM on Ubuntu/Nginx setupAwaken monit daemon every few hours for all monitored processesExecute custom monit script upon failure to restart the processMonit not restarting process on kill

Is there a documented rationale why the House Ways and Means chairman can demand tax info?

How did the aliens keep their waters separated?

Windows 10: How to Lock (not sleep) laptop on lid close?

Statistical model of ligand substitution

If A makes B more likely then B makes A more likely"

Problem when applying foreach loop

Estimated State payment too big --> money back; + 2018 Tax Reform

Was credit for the black hole image misattributed?

What's the point in a preamp?

What do you call a plan that's an alternative plan in case your initial plan fails?

Aligning matrix of nodes with grid

Writing Thesis: Copying from published papers

How to politely respond to generic emails requesting a PhD/job in my lab? Without wasting too much time

Two different pronunciation of "понял"

Simulating Exploding Dice

What is the largest species of polychaete?

Communication vs. Technical skills ,which is more relevant for today's QA engineer positions?

Array/tabular for long multiplication

How to dynamically generate the hash value of a file while it gets downloaded from any website?

Can a 1st-level character have an ability score above 18?

Strange behaviour of Check

I'm thinking of a number

Cold is to Refrigerator as warm is to?

What computer would be fastest for Mathematica Home Edition?



Forbidden Invalid CSRF Token +monit



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
Come Celebrate our 10 Year Anniversary!Setting up monit to work with Varnish and nginxMonit doesn't pick up httpd process after resetmysql monitoring with monitHow to start dovecot?configure Monit application on Linux Centos error messageCan't find httpd.pid to use for Monit apache2 monitoringConfigure Monit to monitor PHP5-FPM on Ubuntu/Nginx setupAwaken monit daemon every few hours for all monitored processesExecute custom monit script upon failure to restart the processMonit not restarting process on kill



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








2















I have installed monit on AWS ec2 and it working fine. But when I try to restart the nginx service through monit UI,i got an error like "Forbidden Invalid CSRF Token +monit".



My configuration 



check process nginx with pidfile /var/run/nginx.pid
 start program = "/etc/init.d/mysql start"
 stop program = "/etc/init.d/mysql stop"





linux monitoring monit







share|improve this question




























    2















    I have installed monit on AWS ec2 and it working fine. But when I try to restart the nginx service through monit UI,i got an error like "Forbidden Invalid CSRF Token +monit".



    My configuration 



    check process nginx with pidfile /var/run/nginx.pid
     start program = "/etc/init.d/mysql start"
     stop program = "/etc/init.d/mysql stop"





    linux monitoring monit







    share|improve this question
























      2












      2








      2








      I have installed monit on AWS ec2 and it working fine. But when I try to restart the nginx service through monit UI,i got an error like "Forbidden Invalid CSRF Token +monit".



      My configuration 



      check process nginx with pidfile /var/run/nginx.pid
       start program = "/etc/init.d/mysql start"
       stop program = "/etc/init.d/mysql stop"





      linux monitoring monit







      share|improve this question














      I have installed monit on AWS ec2 and it working fine. But when I try to restart the nginx service through monit UI,i got an error like "Forbidden Invalid CSRF Token +monit".



      My configuration 



      check process nginx with pidfile /var/run/nginx.pid
       start program = "/etc/init.d/mysql start"
       stop program = "/etc/init.d/mysql stop"





      linux monitoring monit




      linux monitoring monit






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Oct 15 '18 at 13:08









      Sruthin Kumar TKSruthin Kumar TK

      113




      113




















          1 Answer
          1






          active

          oldest

          votes


















          1














          monit implement double-submit cookie pattern to protect from csrf attacks, it send a cookie called securitytoken with post requests, but up to (at least) version 1.20 didn't take into account the presence of other cookies before the one mentioned.



          Beside upgrading to a newer version where it should be fixed there's a simple workaround, just delete the other cookies using the browser or make securitytoken the first in the list.






          share|improve this answer























            Your Answer








            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "2"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f935582%2fforbidden-invalid-csrf-token-monit%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            1














            monit implement double-submit cookie pattern to protect from csrf attacks, it send a cookie called securitytoken with post requests, but up to (at least) version 1.20 didn't take into account the presence of other cookies before the one mentioned.



            Beside upgrading to a newer version where it should be fixed there's a simple workaround, just delete the other cookies using the browser or make securitytoken the first in the list.






            share|improve this answer



























              1














              monit implement double-submit cookie pattern to protect from csrf attacks, it send a cookie called securitytoken with post requests, but up to (at least) version 1.20 didn't take into account the presence of other cookies before the one mentioned.



              Beside upgrading to a newer version where it should be fixed there's a simple workaround, just delete the other cookies using the browser or make securitytoken the first in the list.






              share|improve this answer

























                1












                1








                1







                monit implement double-submit cookie pattern to protect from csrf attacks, it send a cookie called securitytoken with post requests, but up to (at least) version 1.20 didn't take into account the presence of other cookies before the one mentioned.



                Beside upgrading to a newer version where it should be fixed there's a simple workaround, just delete the other cookies using the browser or make securitytoken the first in the list.






                share|improve this answer













                monit implement double-submit cookie pattern to protect from csrf attacks, it send a cookie called securitytoken with post requests, but up to (at least) version 1.20 didn't take into account the presence of other cookies before the one mentioned.



                Beside upgrading to a newer version where it should be fixed there's a simple workaround, just delete the other cookies using the browser or make securitytoken the first in the list.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Jan 8 at 7:58









                AlexAlex

                1112




                1112



























                    draft saved

                    draft discarded
















































                    Thanks for contributing an answer to Server Fault!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f935582%2fforbidden-invalid-csrf-token-monit%23new-answer', 'question_page');

                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    Popular posts from this blog

                    How to write a 12-bar blues melodyI-IV-V blues progressionHow to play the bridges in a standard blues progressionHow does Gdim7 fit in C# minor?question on a certain chord progressionMusicology of Melody12 bar blues, spread rhythm: alternative to 6th chord to avoid finger stretchChord progressions/ Root key/ MelodiesHow to put chords (POP-EDM) under a given lead vocal melody (starting from a good knowledge in music theory)Are there “rules” for improvising with the minor pentatonic scale over 12-bar shuffle?Confusion about blues scale and chords

                    Image
                    Why is a set not a partition of itself? Would an 8% reduction in drag outweigh the weight addition from this custom CFD-tested winglet? Labeling matrices/rectangles and drawing Sigma inside rectangle Unexpected Netflix account registered to my Gmail address - any way it could be a hack attempt? 51% attack - apparently very easy? refering to CZ's "rollback btc chain" - How to make sure such corruptible scenario can never happen so easily? Missouri raptors have wild hairdos Can someone explain homicide-related death rates? Why is tomato paste so cheap? What are the implications of the new alleged key recovery attack preprint on SIMON? Effects of ~10atm pressure on engine design Is taking modulus on both sides of an equation valid? Jumping frame contents with beamer and pgfplots Are there any established rules for splitting books into parts, chapters, sections etc? Anatomically Correct Carnivorous Tree Why do I get two different answers when solvi...
                    Read more

                    What if the end-user didn't have the required library?What is setup.py?What is a clean, pythonic way to have multiple constructors in Python?What does Ruby have that Python doesn't, and vice versa?What is the reason for having '//' in Python?How do I create a namespace package in Python?How to package shared objects that python modules depend on?setuptools vs. distutils: why is distutils still a thing?Navigation in Windows 10 vs code not going to virtualenv library when the same library is installed at user levelPython create package for local usePackaging a project that uses multiple python versionsWhy is permission denied on pip install except for when “--user” is included at end of command?

                    Image
                    Can a tourist shoot a gun in the USA? Will a coyote attack my dog on a leash while I'm on a hiking trail? Labeling matrices/rectangles and drawing Sigma inside rectangle How can I answer high-school writing prompts without sounding weird and fake? Is there ever any indication in the MCU as to how Spider-Man got his powers? Jumping frame contents with beamer and pgfplots Would an 8% reduction in drag outweigh the weight addition from this custom CFD-tested winglet? Is it possible to create different colors in rocket exhaust? German characters on US-International keyboard layout Does gravity affect the time evolution of a QM wave function? 51% attack - apparently very easy? refering to CZ's "rollback btc chain" - How to make sure such corruptible scenario can never happen so easily? Why are solar panels kept tilted? Is Germany still exporting arms to countries involved in Yemen? Unexpected Netflix account registered to my Gmail address - any wa...
                    Read more

                    Esgonzo ibérico Índice Descrición Distribución Hábitat Ameazas Notas Véxase tamén "Acerca dos nomes dos anfibios e réptiles galegos""Chalcides bedriagai"Chalcides bedriagai en Carrascal, L. M. Salvador, A. (Eds). Enciclopedia virtual de los vertebrados españoles. Museo Nacional de Ciencias Naturales, Madrid. España.Fotos

                    Image
                    escíncidospenínsula Ibéricaesgonzo comúnJacques von Bedriagaesgonzo comúndimorfismo sexualovovivíparaendémicaPenínsula IbéricaCordilleira CantábricaAsturiasPaís VascoGaliciaRías BaixasMurosCarnotaillas CíesOnsAtlánticoIllas CíesIlla de Onsilla do PesegueiroIlla de Sancti PetriMediterráneoMar MenorIlla de TabarcaGaliciaCantabriaBurgossolosdestrución do hábitatIUCN Abrir o menú principal Procurar Esgonzo ibérico Ler noutra lingua Vixiar esta páxina Editar function mfTempOpenSection(id)var block=document.getElementById("mf-section-"+id);block.className+=" open-block";block.previousSibling.className+=" open-block"; Esgonzo ibérico Estado de conservación Case ameazada Clasificaci...
                    Read more