Hello,
at the checkout our clients sometimes get a message "Access forbidden. CSRF attack is possible". CS Cart's helpdesk told me that "in most cases the issue with CSRF-attack appears because of the low value of the max_input_vars PHP directive on the server. In this case server truncates the request and if the security_hash parameter gets truncated, the error message appears."
However, we changed the parameter and the message still appears. Anyone faced this problem and knows how to fix it?
Thank you,
Paulina