[SOLVED] Can not login to WebGUI from FQDN, only from IP



  • I have setup an FQDN and the inlog page is shown OK. However I can not login into the WebGUI.
    Strange is that if I look on IP ( which allows me to enter the WebGUI ) in the logging it is showing that login is succesfull?

    To test I created an extra account ( admin group ), so I can see in logging that the second account on FQDN URL is shown as succesfully logged in despite the fact I can not pass the login screen. Login pages is re-displayed.

    What am I missing here?

    Extra info: I only have a WAN port ( no LAN )

    Tom



  • What are the settings in System: Advanced: Admin Access ?

    In particular "Alternate Hostnames" setting may be of interest.

    Alternate Hostnames for DNS Rebinding and HTTP_REFERER Checks
    Here you can specify alternate hostnames by which the router may be queried, to bypass the DNS Rebinding Attack checks. Separate hostnames with spaces.



  • Still no luck.

    The correct hostnames is installed, and I tested with all the posibilities from:

    DNS Rebind Check
    Browser HTTP_REFERER enforcement

    But why is it saying in  System Logs: I twice for 1 login attempt )

    Oct 31 09:54:58 php-fpm[87931]: /index.php: Successful login for user 'tomr' from: xxx.xxx.xxx.xxx
    Oct 31 09:54:58 php-fpm[87931]: /index.php: Successful login for user 'tomr' from: xxx.xxx.xxx.xxx


  • Banned

    Dude, your browser is fscking you up. Clear the cookies, cache or try from different one (or perhaps from 'anonymous' mode window).



  • Thanks for the reactions  ;D

    Indeed it was a browser / cookie porbleem.

    However my problem was that it om multiple browsers on multiple computers I had the same  problem.
    Also I did deleted cookies only from 1 week old, however it seems that I tried more then a week ago. ::)

    Never the less, problem solved. :)


  • Banned

    I don't think it's just me? The "modern" browsers start to behave in completely idiotic ways when it comes to forms/usernames/passwords/logins:

    • offering to save credentials for fields that are not username/password at all
    • trying to autofill saved credentials on completely wrong places
    • unwantedly filling in complete crap on clicking submit
    • various cookies SNAFUs
    • now Mozilla has come with a "wonderful" idea to scream about lack of HTTPS on login forms

    :( >:( >:(


Log in to reply