Fixing VTiger "Illegal request" for links from other domains

Problem

You’ve got a link to your VTiger installation from another domain, but any time you open it, you get an Illegal request error message, even though you are logged in correctly.

Solution

The reason for this error message is that vtiger validates the Referer (i.e. source URL of the request) as a protection layer against certain security issues, for example CSRF (cross-site request forgery). We will disable the referer check. Be sure to understand the implications before you do as suggested.

Disabling involves only editing a single code line. I tested this with VTiger 6.5.0, but likely only minor adjustments have to be made for other versions.

Steps to fix:


Check out similar posts by category: CRM