How to Enable CSRF (Cross Site Request Forgery) in CodeIgniter

In this post, I will show you enabling CSRF token in your CodeIgniter application. To enable CSRF (Cross Site Request Forgery) protection in CodeIgniter open application/config/config.php file change $config['csrf_protection'] = FALSE; to $config['csrf_protection'] = TRUE;, change below shown other configuration values of csrf as per your needs.

If you create a form (form_open()) using CodeIgniter form helper, you will find a hidden CSRF filed in your form.

If you are not using CI’s form helper, hidden input field will not generate automatically you have to set it manually as shown below, past this inside your form.

You might like this post – AJAX + CSRF Protection in Codeigniter ?

I hope you like this Post, Please feel free to comment below, your suggestion and problems if you face - we are here to solve your problems.

I am Arjun from Hyderabad (India). I have been working as a software engineer from last 7+ years, and its my passion to learn new things and implement them as a practice. Aside from work, I likes gardening and spending time with pets. Protection Status