kurtm wrote:After my ISP upgraded me to a new server I'm having similar problems getting the "Invalid CSRF token!XH-ERROR: Invalid CSRF token!" error.
This might be caused by a fatal PHP error, which terminates CMSimple_XH prematurely. I suggest that you enable debug-mode, and look for errors which are displayed in admin mode.
kurtm wrote:Also the "pagemanager" plugin gets a 403 error when trying to save. Similarly the "Settings/Language" configuration file save fails with 403 error.
This could be caused by mod_security or some similar security feature that your ISP has enabled. Pagemanager, for instance, does pass XML to the server, which simply might trigger that security check to be triggered. I suggest you ask your ISP to have a look at the respective error logs (if you can't have at look at these yourself), and tweak the security settings accordingly.
kurtm wrote:The version is CMSimple MOD 1.5.3a.
I don't know which version/variant this is, but CMSimple_XH 1.5.3 has known security issues, and unless they're fixed in CMSimple MOD 1.5.3a, you might be better off not to use it.