I am getting the following error in admin. I am able to explore the admin area, but as soon as I try to save a setting i get:
  I have cleared the cache, both server side and browser. rebooted server. Waited a couple of hours, to see if the token refreshes. Nothing seems to fix it.
Even placed the website into safe mode, didn't fix the error.

Any ideas? Unable to do anything in the admin area. Actually I can't do anything on the site at all.

I then went and tried to register another name and get the following after accepting my sites terms.

A POST request was made with a non-recognised security token; this has been blocked as it represents a security threat.

Hi,

It's a weird one. It may be something to do with ModSecurity or Suhosin altering the requests, or our workaround to that being incompatible with our POST token security somehow.

Is it possible I could get admin access to the install to run some tests?

If so please email me at [email protected] and I'll make sure whatever it is is resolved.

Best,
Chris

I had a backup which was only 6 hours old, so I ended up restoring it.
Everything seems ok for the moment. Hopefully it was a once off glitch.

Thankyou very much for the offer, if it happens again I will send through the details.

I believe I've resolved this one now. The session_cookie option is generated at install, and ends up in the compiled JavaScript files. If somehow old compiled JS files from another install are read (e.g. through browser cache, or accidental replacement), it will not match up the cookie name, so fail to get the session ID, so JavaScript will fail to be able to get the correct post token. It only affects certain areas that use JavaScript to generate the post token, like the config. It will be resolved in the next RC, as we'll generate the session_cookie option based on site URL rather than randomly.

Excellent work. Thankyou Chris.