FreePBX | Register | Issues | Wiki | Portal | Support

Using Reverse Proxy breaks Ajax - ajaxRequest declined - Referrer - GET /admin/ajax.php?command=authping HTTP/1.1" 403 43


(Onedutch) #1

Hello,

I fresh installed 14.0.5.2 on a CentOS7 system with a dedicated WAN ip with the help of page (newbies are not allowed to add website links)

Connecting to the WAN ip over http (port 80) works flawless. Just like others , i found some sites, i would like to use a reveser proxy. So a client connects to an FQDN freepbx.WEBSITE (notice the https) this is the reverse proxy with an other WAN ip as the freepbx CentOS host. The Reverse proxy forwards the request to the CentOS WAN ip over http 80. CentOS only accepts request from the reverse proxy IP.

Logging on works fine, after logging on You see the red bar at the top of the screen "ajaxRequest declined - Referrer " in the apache2 access log you will find a 403 (denied) GET /admin/ajax.php?command=authping " 403 43

I enabled freepbx.WEBSITE (so port 80 no ssl) no change, didn’t work either. Consulting the other webpages with similair issues i did find a answer. On the page ( community-dot-freepbx-dot-org/t/can-one-disable-freepbxs-bad-referrer-check/22136/3) SkykingOH mentions a setting on the “advanced settings module” unsure which setting.

After reading and reading, I think the Ajax component is ‘hardcoded’ expecting a referrer from the localhost CentOS and or the CentOS ip and not the https freepbx.WEBSITE . In the apache2 access log you see other GET requests working flawless /admin/config.php for example.

The apache2 error log mentions : [authz_core:error] [pid 15237] [client IPfromReverseProxy:40205] AH01630: client denied by server configuration: /var/www/html/admin/index.html

Anyone has any clue? Perhaps it has something to do with the ?

Best Regards,
Tom


(Andrew Nagy) #2

Go to advanced settings and disable referer checks