DARKF3D3 Posted September 13, 2021 Share Posted September 13, 2021 There's a way to disable back office token? I often keep several tabs of the browser opened with back office pages, the problem it's that after a while when reopening these tabs Prestashop show message: "Invalid token: direct access to this link may lead to a potential security breach", so I have to reload all these pages again. This happens on PS1.7.7 (PHP7.3) while on the previous PS version I was using PS1.7.4 (PHP7.1) this didn't happen. So I'm wondering if there's a way to avoid this. 1 Link to comment Share on other sites More sharing options...
DARKF3D3 Posted July 20, 2022 Author Share Posted July 20, 2022 Any help? Link to comment Share on other sites More sharing options...
dbdropper Posted July 17, 2023 Share Posted July 17, 2023 Found it! https://devdocs.prestashop-project.org/8/development/configuration/configuring-prestashop/#disable-the-back-office-token-protection Apache with mod_headers: SetEnv _TOKEN_ disabled Nginx with ngx_http_headers_module: add_header _TOKEN_ disabled; Link to comment Share on other sites More sharing options...
Julien Guézennec Posted January 24 Share Posted January 24 I was running this solution for month, it was nice, but this morning (24/1/24) the backoffice is in error 504... Removed the Apache .htaccess instruction and it work again... #SetEnv _TOKEN_ disabled Anybody have solution to remove the token again ? Prestashop log : *ERROR* v1.7.8.11 2024/01/24 - 09:18:30: Token is not defined ! at line 229 in file modules/ps_metrics/src/Helper/PrestaShopHelper.php Apache log : 2024-01-23 17:14:39Error217.30.10.68[client 217.30.10.68] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.officedental.fr"] [uri "/.env"] [unique_id "Za-l74e3vi0HlsyAzJfW9gAAANg"] Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now