WebUI Access showing unauthorized

spiney · 5 July 2021 20:57

I’m getting an unauthorized access in the browser, and I’m seeing the following in the logs:

(W) 2021-07-05T16:26:16 - WebUI: Referer header & Target origin mismatch! Source IP: ‘::ffff:10.42.1.44’. Referer header: ‘http://portainer-i3/’. Target origin: ‘10.42.1.10:8090’
(W) 2021-07-05T16:26:16 - WebUI: Invalid Host header, port mismatch. Request source IP: ‘::ffff:10.42.1.44’. Server port: ‘8080’. Received Host header: ‘10.42.1.10:8090’
(W) 2021-07-05T16:26:48 - WebUI: Referer header & Target origin mismatch! Source IP: ‘::ffff:10.42.1.44’. Referer header: ‘http://portainer-i3/’. Target origin: ‘10.42.1.10:8090’
(W) 2021-07-05T16:26:48 - WebUI: Invalid Host header, port mismatch. Request source IP: ‘::ffff:10.42.1.44’. Server port: ‘8080’. Received Host header: ‘10.42.1.10:8090’

I have added the following to the config file:
WebUI\HostHeaderValidation=false

Upon restarting the container, the config file appears to be repopulated with the default configuration, and the configuration directive I added is removed.

How can I stop that from happening?

Thanks in advance!

j0nnymoe · 5 July 2021 20:59

It’s because you’re opening up the webui via the link given via portainer. Type the IP:port into the web browser manually. As you can see Portainer is injecting headers which qbittorrent doesn’t like.

spiney · 5 July 2021 21:24

Oh my word… I can’t believe it was that simple.

Thanks for the reply!

system · 10 July 2021 21:25

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.