OpenDocMan Discourse

403 Access Forbidden by CSRFProtector! after clean installation

I just installed opendocman 1.3.7 on a clean opensuse leap 15.2. I followed the install instructions but I had to manually add base_url. I see the login page, but after logging in as admin without a password (as instructed) I get the message " 403 Access Forbidden by CSRFProtector!"

All help to get it working is appreciated!


Within functions.php I commented out the original function base_url() and replaced it with a hardcoded path:

function base_url(){
    return sprintf("http://localhost/opendocman"); 

After that restarted apache2 and it solved the problem. But who wants this kind of fix???

For my testing purposes it is OK, but for everhting else …

PS: install instructions said that at first time login as admin without a password … it should be with password, same as username :slight_smile:

Hello i also try to update to new version 1.3.7 and my address is:


i enter the application without issue, but when i try to select one option the link is to root folder of localhost

We believe this is related to OpenDocMan installations that use a sub-directory approach (ie. http://localhost/opendoc/ vs http://localhost/). We will try to get a patch pushed to master for this.

@opendocman Thank you for your time!

By the way, great software nevertheless!

Thank you! Stay Safe!

This issue should be resolved in the latest release.