• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Still can't get in to web UI using dynFQDN after disabling http_referrer check

Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
15 Posts 10 Posters 9.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C
    clarknova
    last edited by Nov 12, 2010, 4:22 PM Nov 12, 2010, 4:14 PM

    2.0-BETA4  (i386)
    built on Thu Nov 11 23:42:14 EST 2010
    FreeBSD 8.1-RELEASE-p1

    I can log in using the IP address, but using the hostname (on LAN) or FQDN (dyndns) on WAN causes the http_referrer error, even though I have disabled that function.

    db

    1 Reply Last reply Reply Quote 0
    • S
      singerie
      last edited by Nov 12, 2010, 9:23 PM

      same here

      1 Reply Last reply Reply Quote 0
      • S
        skullripper
        last edited by Nov 13, 2010, 11:12 PM

        I have the same problem.

        1 Reply Last reply Reply Quote 0
        • B
          BlueMatt
          last edited by Nov 13, 2010, 11:23 PM

          http_referrer check is also not effected by the alternate hostnames list, even though the Admin page says it does.

          1 Reply Last reply Reply Quote 0
          • S
            skullripper
            last edited by Nov 14, 2010, 12:34 AM

            i fixed it just changed the name of my PFSense and the domain, i setted the name like the host in no-ip.org and no-ip.org in the domain.

            1 Reply Last reply Reply Quote 0
            • S
              sonicbuddha
              last edited by Nov 14, 2010, 12:40 AM

              2.0-BETA4 (i386)
              built on Sat Nov 13 09:16:47 EST 2010
              FreeBSD 8.1-RELEASE-p1

              I updated today from the Nov 7 release and experienced the HTTP_REFERER error attempting to reach any page but the dashboard.  The dashboard also has problem displaying update status.  Accessing via IP gave me full access.  Disabling HTTP_REFERER test on the admin page did not resolve this issue.  Adding my hostname and FQDN to the Alternative Hostnames list resolved the majority of this issue (I am able to access all pages again), even with the HTTP_REFERER test enabled although the update status in the dashboard still reports an error when not using a FQDN.  My LAN DNS server is first on my DNS list for resolving and my non-FQDN resolves on the command line.  I haven't looked very deeply into this beyond the above but I am available for further details/testing.

              1 Reply Last reply Reply Quote 0
              • D
                Digital
                last edited by Nov 14, 2010, 6:42 PM

                Just experienced similar problem with the following current snapshot:

                2.0-BETA4 (i386)
                built on Sun Nov 14 03:54:29 EST 2010

                1. Disabling HTTP_REFERER enforcement check does not solve the problem - it appears that this setting is not working at all.
                2. When accessing web UI by real IP addresses on any interface - everything works fine.
                3. When trying to access web UI on any interface by any of the virtual IP addresses, getting HTTP_REFERER check error.
                4. Tried to add DNS records to internal zone which pointed to real internal interface IP address and then added that record to "Alternate hostnames" in pfSense settings: HTTP_REFERER error still appeared.

                1 Reply Last reply Reply Quote 0
                • J
                  jlepthien
                  last edited by Nov 14, 2010, 11:50 PM

                  I had the same problem…

                  I am connecting to my box with https://hostname:8443. What I did is enter the FQDN as hostname.domain.local into the 'Alternate Hostnames' field under advanced and then it worked for me. No need to disable the http_referer check...

                  | apple fanboy | music lover | network and security specialist | in love with cisco systems |

                  1 Reply Last reply Reply Quote 0
                  • T
                    TealC
                    last edited by Nov 17, 2010, 9:31 AM

                    I have the same problem. Entering the FQDN didn't help, and neither does disabling the check.

                    I'm currently on
                    2.0-BETA4 (i386)
                    built on Tue Nov 16 19:31:14 EST 2010

                    Also, maybe this is relevant: my Webgui is not running on port 80 or 443, but on port 81 with https enabled.

                    1 Reply Last reply Reply Quote 0
                    • B
                      BlueMatt
                      last edited by Nov 17, 2010, 3:15 PM

                      For me, it works fine, until I connect my second wan (opt5), then I have to use the FQDN to access the router.

                      1 Reply Last reply Reply Quote 0
                      • T
                        TealC
                        last edited by Nov 19, 2010, 9:16 AM

                        Now (2.0-BETA4 (i386) built on Thu Nov 18 23:22:28 EST 2010 ) its working! thx guys!  :)

                        btw, is there a bugtracker of some sorts?

                        1 Reply Last reply Reply Quote 0
                        • P
                          Perry
                          last edited by Nov 19, 2010, 9:32 AM

                          http://redmine.pfsense.org/projects/pfsense/activity

                          /Perry
                          doc.pfsense.org

                          1 Reply Last reply Reply Quote 0
                          • D
                            Digital
                            last edited by Nov 24, 2010, 1:02 AM

                            For build Sun Nov 21 02:37:38 EST 2010 I may confirm the following:

                            • disabling HTTP_REFERER enforcement check allows connecting to pfSense via any IP/hostname
                            • when HTTP_REFERER check is enabled, the error still apears when connecting via virtual IP (I'm using CARP type virtual IPs); when connecting to "real" interface's IP adress - error does not appear

                            IMHO: there's some kind of mistake in HTTP referer check logic - it should consider virtual IPs, but it does not (at least CARP type)

                            1 Reply Last reply Reply Quote 0
                            • E
                              eri--
                              last edited by Nov 24, 2010, 11:00 AM

                              It should as of yesterday.

                              1 Reply Last reply Reply Quote 0
                              • D
                                Digital
                                last edited by Dec 5, 2010, 4:27 PM

                                Had an opportunity to test with the version below - "CARP VIP problem" is gone, thanks!

                                2.0-BETA4 (i386)
                                built on Sat Dec 4 01:44:52 EST 2010

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                  This community forum collects and processes your personal information.
                                  consent.not_received