• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

An HTTP_REFERER error

Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
3 Posts 3 Posters 24.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • I
    indeec
    last edited by Aug 16, 2012, 5:51 PM

    First of all hello everybody.

    I maked a fresh pfsense install with the latest build and get an error when try to log in the web interface:

    An HTTP_REFERER was detected other than what is defined in System -> Advanced (http://192.168.2.1:8080/). You can disable this check if needed in System -> Advanced -> Admin.
    

    I know that this is old bug and there are some workaround. But no one of them help me. I installed pfsense on the VM. Just want to see if i can use it.
    So, my question is: can i switch off the http referer or all security checks from pfsense developer shell or through ssh? I think, if it possible, it can be usefull for many people.

    Thanks.

    1 Reply Last reply Reply Quote 0
    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Aug 20, 2012, 7:15 PM

      If you access the firewall by its actual IP address that won't be an issue. You must be trying to access it via some other NAT or weird routing way.

      Normally in a VM environment you install from the ISO/OVA, setup a VM behind the firewall to reach the gui on its LAN IP, and go from there.

      If you must reach it via the external IP directly, you can add an "allow all" rule temporarily until you can add a real rule to let you in. There is no need to involve NAT on the firewall to reach the GUI.

      http://doc.pfsense.org/index.php/I_locked_myself_out_of_the_WebGUI,_help!#Remotely_Circumvent_Firewall_Lockout_by_Temporarily_Changing_the_Firewall_Rules

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • L
        Lee Sharp
        last edited by Aug 29, 2012, 1:39 AM

        It also happens if you have a domain names defined in a hosts file, or even on the firewall itself.  Go to System -> Advanced and check "Disable HTTP_REFERER enforcement check" and depending on your environment you may want to check "Disable DNS Rebinding Checks" as well.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          [[user:consent.lead]]
          [[user:consent.not_received]]