I'm having a trouble with a legacy Symfony application:
- The application has been deployed 2 years ago.
- The application was working perfectly until two days ago. Now, every user that try log in get CSRF error (CSRF invalid token)
- No modification has been made, neither software, nor on the server, NOTHING.
It's a critical application and I need to solve it. I have tried:
- Looking in Apache logs. I don't found any relevant information.
- Disable CSRF validation. That had no effect (the error is the same).
- Increase php limits (trying this answer)
Any ideas?
Some facts and versions:
"require": {
"php": ">=5.4.3",
"symfony/symfony": "~2.4",
"doctrine/orm": "~2.2,>=2.2.3",
"doctrine/doctrine-bundle": "~1.2",
"twig/extensions": "~1.0",
"symfony/assetic-bundle": "~2.3",
"symfony/swiftmailer-bundle": "~2.3",
"symfony/monolog-bundle": "~2.4",
"sensio/distribution-bundle": "~2.3",
"sensio/framework-extra-bundle": "~3.0",
"sensio/generator-bundle": "~2.3",
"incenteev/composer-parameter-handler": "~2.0",
"friendsofsymfony/user-bundle": "~2.0@dev",
"mopa/bootstrap-bundle": "v3.0.0-beta3",
"twbs/bootstrap": "v3.0.0",
"knplabs/knp-paginator-bundle": "dev-master",
"knplabs/knp-menu-bundle": "dev-master",
"knplabs/knp-menu": "2.0.*@dev",
"craue/formflow-bundle": "dev-master",
"leafo/lessphp": "0.4.0",
"genemu/form-bundle": "2.2.*",
"lrotherfield/form": "1.1.x-dev",
"stof/doctrine-extensions-bundle": "~1.1@dev",
"liip/imagine-bundle": "dev-master",
"dizda/cloud-backup-bundle": "dev-master",
"antimattr/google-bundle": "dev-master",
"friendsofsymfony/jsrouting-bundle": "@stable",
"pugx/multi-user-bundle": "3.0.*@dev",
"liuggio/excelbundle": "~2.0",
"fresh/doctrine-enum-bundle": "v2.5",
"igorw/file-serve-bundle": "~1.0",
"knplabs/knp-snappy-bundle": "dev-master",
"hakre/dropbox-uploader": "dev-master",
"dropbox/dropbox-sdk": "1.1.*"
},