Release Support > Release Discussion

CSRF Enable

(1/1)

graceastrid:
how can I enable CSRF protection? couldn't find any instructions in the documentation :-\

JohnDoh:
CSRF protection is baked in, its not something that needs to be enabled. If you want to add extra security have a look at the use_secure_urls config options (and the notes about the URL rewrite rules)

Navigation

[0] Message Index