The following error message:
Forbidden (403) CSRF verification failed. Request aborted More information is available with DEBUG=True
Might occur if you are using an apache / nginx running behind another Apache as a proxy.
To read more about CSRF go to wikipedia. It is basically an interception of a session exploiting the trust a browser has to a site.
So it is an security feature, that is interfered by the proxy.
You have most likely something like:
ProxyPass / https://$yourhost/ ProxyPassReverse / https://$yourhost/
In your apache config. That needs to be extended to:
ProxyPass / https://$yourhost/ ProxyPassReverse / https://$yourhost/ ProxyPreserveHost On
Quote from apache doc:
When enabled, this option will pass the Host: line from the incoming request to the proxied host, instead of the hostname specified in the ProxyPass line.
This option should normally be turned Off. It is mostly useful in special configurations like proxied mass name-based virtual hosting, where the original Host header needs to be evaluated by the backend server.