我正在尝试解决此问题。消息:检测到CSRF攻击
我有两个cdn网址abc.com指向elb1和def.com指向elb2。
两个ELB(elb1和elb2)指向该负载平衡相同EC2实例(EC2-A和EC2-B)
我可以登录到服务器,其从abc.com 但我导航无法登录到从def.com导航的服务器
def.com登录提供以下错误。
由于两个DNS指向相同的EC2。 Web.config文件是相同的。
Message: CSRF attack detected.
Exception type: CMS.Protection.Web.UI.CsrfException
Stack trace:
at CMS.Protection.Web.UI.CsrfProtection.ThrowCsrfException(Exception innerException)
at CMS.Protection.Web.UI.CsrfProtection.OnPostMapRequestHandlerExecute(Object sender, EventArgs eventArgs)
at CMS.Base.AbstractHandler.CallEventHandler[TArgs](EventHandler`1 h, TArgs e)
at CMS.Base.AbstractHandler.Raise[TArgs](String partName, List`1 list, TArgs e, Boolean important)
at CMS.Base.SimpleHandler`2.RaiseExecute(TArgs e)
at CMS.Base.SimpleHandler`2.RaiseExecute(TArgs e)
at CMS.Base.SimpleHandler`2.StartEvent(TArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Message: Error occurred during a cryptographic operation.
Exception type: System.Security.Cryptography.CryptographicException
Stack trace:
at System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.HomogenizeErrors(Func`2 func, Byte[] input)
at CMS.Protection.Web.UI.CsrfProtection.OnPostMapRequestHandlerExecute(Object sender, EventArgs eventArgs)
它看起来像你从外部网站发送请求 –
似乎机器键不匹配。看看这个:https://docs.kentico.com/k10/configuring-kentico/optimizing-website-performance/setting-up-web-farms/configuring-web-farm-servers#Configuringwebfarmservers-配置machineKeyelementinweb.config可以你请指定你正在使用的HF版本? – bayotop
其kentico 10最新版 – SmartestVEGA