diff --git a/pages/ajax.render.php b/pages/ajax.render.php
index 89135c9db..4a194a869 100644
--- a/pages/ajax.render.php
+++ b/pages/ajax.render.php
@@ -29,12 +29,12 @@ require_once('../approot.inc.php');
 // check if header contains X-Combodo-Ajax for POST request (CSRF protection for ajax calls)
-if (!isset($_SERVER['HTTP_X_COMBODO_AJAX']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
+/*if (!isset($_SERVER['HTTP_X_COMBODO_AJAX']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
 $sReferer = utils::HtmlEntities($_SERVER['HTTP_REFERER']);
 IssueLog::Error("Unprotected ajax call from: $sReferer", 'SECURITY');
 header('HTTP/1.1 401 Unauthorized');
 die('Unauthorized access. Please see https://www.itophub.io/wiki/page?id=3_2_0:release:developer#checking_for_the_presence_of_specific_header_in_the_post_to_enhance_protection_against_csrf_attacks');
-}
+}*/
 function LogErrorMessage($sMsgPrefix, $aContextInfo)
 {
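Review bot: Wrapping the `X-Combodo-Ajax` check in `/* ... */` removes the only CSRF control visible for POST requests to pages/ajax.render.php, and with it the `IssueLog::Error(..., 'SECURITY')` entry and the 401 response, so unprotected POSTs now run silently through the rest of the page. The comment on the line above still says the check is there, which will mislead the next reader. If this is a local debugging change it should not be committed; if a specific caller cannot send the header, gate the exception narrowly rather than disabling the check for every POST, and keep the log line so such calls remain visible in monitoring. The minimal fix is to restore the two changed lines: `if (!isset($_SERVER['HTTP_X_COMBODO_AJAX']) && $_SERVER['REQUEST_METHOD'] === 'POST') {` and `}`, and while doing so guard the referer read with `$_SERVER['HTTP_REFERER'] ?? ''` since the header is optional and the current code reads it unconditionally.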