ssl - BioTime login fails with 403 when using HTTPS behind Nginx reverse proxy - Stack Overflow

We have a ZKTeco MB10 Attendance Device.

I have successfully installed it and connected it to the BioTime 9.5 that we are hosting on a VPS.

I have pointed a subdomain record to the VPS IP address and I can access BioTime using checkinpany

This works fine on HTTP.

And I am using nginx as a reverse proxy as seen here.

nginx config file:

server {
    listen       80;
    server_name  checkinpany;

    location / {
        proxy_pass http://127.0.0.1:9040;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Now the issue is with SSL: if I try to use HTTPS, I cannot log in to the BioTime web login anymore.

https://checkinpany

nginx config file:

server {
    listen 443 ssl;
    server_name checkinpany;

    ssl_certificate      C:\win-acme\certs\checkinpany-chain.pem;
    ssl_certificate_key  C:\win-acme\certs\checkinpany-key.pem;

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;

    location / {
        proxy_pass http://127.0.0.1:9040;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

While using https://, in the Nginx access logs I get this:

82.xxx.xx.xxx - -  "GET /login/?next=/ HTTP/1.1" 200 11958 

82.xxx.xx.xxx - - "PATCH /base/system_verify/ HTTP/1.1" 403 1019 

Using HTTPS, I get 403 for /base/system_verify/.

I don't know what the issue is or how I can resolve it. Any insights or help will be appreciated.

asked Mar 12 at 16:00 by Arbaz Ahmed Mughal; edited Mar 23 at 9:08 by Martin

1 Answer

If you're encountering a 403 Forbidden error when making a PATCH request to /base/system_verify/, it is likely caused by a CSRF verification failure. This usually happens when your HTTPS domain is not recognized as an allowed host in the BioTime configuration.

Solution:

You need to explicitly add your domain to CSRF_TRUSTED_ORIGINS in BioTime’s settings. To do this:

1. Open the file: {biotime_directory}\mysite\settings\components\common.py

2. Locate (or add) the CSRF_TRUSTED_ORIGINS setting and include your domain:

CSRF_TRUSTED_ORIGINS = [
    "https://yoursite"
]

Add any other relevant domains, then restart the services.
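
Why the same proxy setup passes over HTTP and fails over HTTPS, as an added example that is not part of the original answer or of BioTime's code: a simplified model of the Origin comparison performed by Django's CSRF middleware (Django 4.0 and later), which is where the CSRF_TRUSTED_ORIGINS setting comes from. It assumes BioTime's check behaves the same way; attendance.example.com and both sample requests are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed sample requests as the backend sees them after nginx forwards them.
# attendance.example.com is a placeholder host, not the asker's domain.
HTTP_REQ = {"Host": "attendance.example.com", "X-Forwarded-Proto": "http",
            "Origin": "http://attendance.example.com"}
HTTPS_REQ = {"Host": "attendance.example.com", "X-Forwarded-Proto": "https",
             "Origin": "https://attendance.example.com"}

def is_secure(headers, proxy_ssl_header=None):
    # nginx talks plain HTTP to 127.0.0.1:9040, so the backend sees "http"
    # unless it is configured to trust a forwarded-proto header
    # (the role of Django's SECURE_PROXY_SSL_HEADER, modelled here as a pair).
    if proxy_ssl_header is None:
        return False
    name, value = proxy_ssl_header
    return headers.get(name) == value

def origin_verified(headers, trusted_origins=(), proxy_ssl_header=None):
    origin = headers.get("Origin")
    if origin is None:
        return False  # this model only covers requests that carry Origin
    # 1. Origin must equal the scheme://host the backend believes it is serving.
    scheme = "https" if is_secure(headers, proxy_ssl_header) else "http"
    if origin == f"{scheme}://{headers['Host']}":
        return True
    # 2. Otherwise it must be listed exactly in the trusted origins ...
    if origin in trusted_origins:
        return True
    # 3. ... or match a wildcard entry such as "https://*.example.com".
    sent = urlsplit(origin)
    for entry in trusted_origins:
        allowed = urlsplit(entry)
        if allowed.scheme == sent.scheme and allowed.netloc.startswith("*."):
            if sent.netloc.endswith(allowed.netloc[1:]):
                return True
    return False

if __name__ == "__main__":
    print("HTTP, no extra settings: ", origin_verified(HTTP_REQ))
    print("HTTPS, no extra settings:", origin_verified(HTTPS_REQ))
    print("HTTPS, trusted origin:   ",
          origin_verified(HTTPS_REQ, ["https://attendance.example.com"]))
```

Trusting X-Forwarded-Proto instead of listing the origin is only sound when the backend is reachable solely through the proxy and the proxy overwrites that header on every request, as the `proxy_set_header X-Forwarded-Proto $scheme;` line in the question does.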