Request made from incorrect origin



I am having an issue with signin. I put my username and password in and click signin and then I am immediately directed to a 400 response page with the error “Request made from incorrect origin.” I know my password is correct because if i use an incorrect password I am requested to “Retry.” I recently upgraded from 2.1.3 to 2.2.1 using “ghost update”

  • What’s your URL?
  • What version of Ghost are you using? v2.2.1
  • What configuration? Debian 9.5, nginx v1.14.0 (letsencrypt certificate), mariadb v10.1.26, node v6.9.2, PHP v7.0.30
  • What browser? chrome
  • What errors or information do you see in the console? no errors in console
  • What steps could someone else take to reproduce the issue you’re having? unknown


Hey :v:t2:

This was already reported and fixed today, see

The Ghost release 2.2.2 goes out tomorrow early morning, see comment.

You could for now execute ghost update --rollback to jump to your previous Ghost version.

Thanks for your detailed report :wave:


Thanks much for the reply. Github was the only place I didn’t look for this issue but should have.


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.