When I try to save settings for some plugins in network (subdirectory multisite) admin. Messages I get:
Cookie nonce is invalid
from the Application password plugin and…
A nonce security check failed, preventing the request from completing as expected. Please try reloading the page and trying again.
…from iThemes Security.
I did some digging and the problem is wp_verify_nonce() always return false. The cookie token never match the expected token. I have no idea why Wordpress is behaving in this way.
Do someone have an idea of what’s causing this issue? How can I solve this?
I using Bedrock and here is my settings (not including database, saltkeys, WP_ENV, etc.):
define('WP_HOME', 'http://my-local-cms.dev');
define('WP_SITEURL', 'http://my-local-cms.dev/backend');
define('CONTENT_DIR', '/app');
define('ADMIN_COOKIE_PATH', '/');
define('COOKIE_DOMAIN', '');
define('COOKIEPATH', '');
define('SITECOOKIEPATH', '');
define('WP_ALLOW_MULTISITE', true);
define('MULTISITE', true);
define('SUBDOMAIN_INSTALL', false);
define('DOMAIN_CURRENT_SITE', 'my-local-cms.dev');
define('PATH_CURRENT_SITE', '/');
define('SITE_ID_CURRENT_SITE', 1);
define('BLOG_ID_CURRENT_SITE', 1);
Edit note 2017-08-30: Info about it’s a subdirectory multisite install.