"access Forbidden. Csrf Attack Is Possible" Message


at the checkout our clients sometimes get a message "Access forbidden. CSRF attack is possible". CS Cart's helpdesk told me that "in most cases the issue with CSRF-attack appears because of the low value of the max_input_vars PHP directive on the server. In this case server truncates the request and if the security_hash parameter gets truncated, the error message appears."

However, we changed the parameter and the message still appears. Anyone faced this problem and knows how to fix it?

Thank you,