Laravel 11 CSRF Token Exception at AWS EC2

Question

I’ve deployed a Laravel 11 application on AWS EC2 using a load-balanced architecture with three instances:

1. web1 and web2 handle general web traffic
2. web3 is dedicated to running queue-based cron jobs.

The setup is designed to maintain seamless user sessions across all instances. I’ve implemented Redis for caching and session management, and even enabled sticky sessions to bind user sessions to specific instances when necessary. This ensures that if a user starts a session on web1, they should be able to continue without issues when their request is routed to another instance like web2.

However, despite these configurations, I’m encountering a recurring bug: CSRF EXCEPTION when performing actions requiring authentication. This issue persists even though I’ve verified that Redis caching is functioning correctly, sticky sessions are enabled, and session storage is correctly configured in Laravel.

Given the large volume of concurrent users from Android and iOS devices, it’s crucial to identify and resolve the root cause of this session instability. Any insights or similar experiences with session management under high load in a distributed environment would be greatly appreciated.

Screen Shot of the Exception:

Answer 1

Did you already test to move the session to a database to ensure it'll be available to all servers?