CSRF fails when changing domain name

Hello all,

I have built a new website in Laravel to replace a really ancient one made in codeignitor. They are hosted on separate servers running apache.

The laravel site was being hosted on a domain "beta.mywebsite.com" and the old website was hosted on "mywebsite.com". A day ago I tried to do a migration to make the Laravel site the main site. This are the steps I followed:

1. Change the ServerName directives in the apache configuration files from beta.mywebsite.com to mywebsite.com for the Laravel site, and mywebsite.com to classic.mywebsite.com for the old site
2. Change the DNS records to point mywebsite.com to the server hosting the laravel site, and classic.mywebsite.com to the server hosting the old site
3. Restart apache

Visiting mywebsite.com afterwards shows the Laravel site loading correctly. I tried to perform a login on the website, but it threw a CSRF Token Mismatch Exception. Since I only had 15 minutes to perform the switch and I wasn't confident of resolving the issue in that timeframe I panicked and quickly reverted the changes listed above.

The odd thing is, I do not encounter this issue when it was back on "beta.mywebsite.com", only after I made the switch.

I am soon going to perform another attempt at moving to the new domain. Is there something else I am missing here?

I'm trying to point out all the possible causes before performing another attempt at migration. I realized that I forgot to change APP_URL in config/app.php and the .env file. But I doubt that is the case because I had other projects with APP_URL stuck with "http://localhost" all the way from development and production and never got rejected by CSRF.

Any ideas?