csrf token: CSRF attack detected. for backend in production only

I added the security: true flag to my settings for the backend and was able to log in j开发者_C百科ust fine in my dev env, but not having any luck in production. I keep getting the above error. Any ideas or directions you could point me in?

The error was because in my production env I have no_script_name set to true and the login request was getting forward to the front end app which didn't recognize the token. I set up a subdomain with DirectoryIndex backend.php set in the vhost. Problem solved.