I managed to solve almost all the problems, I just need to solve the hostname part. By default it comes as “*”, that is, it accepts all hosts, however I am running my server on a VPS in another country, but I have a VPN server running on my server and I want it to only accept connections from the external IP itself the server.
I’ve tried to leave it blank, I’ve tried to put my external IP, and nothing works, only *. I want to know how I change and make it work.
The host header sent by the client is not allowed
Have you tried the
--webservice-interface= option? You can use that to force Duplicati to bind only to a certain interface.
I’ve tested it but it doesn’t work
The server is a VPS running ArchLinux and the duplicati is in a docker. I am using ngnix with SSL to access via URL, which is configured in the Ngnix Proxy manager and points to the container
# Aponte o servidor para o caminho original do diretório de configuração
# Força diretrório temporário ser no /tmp
# tamanho máximo do arquivo
#--max-file-size=50mb # Valor padrão 50mb
#- CLI_ARGS= #optional
- ./volumes/appdata/config:/config #Contém todos os arquivos de configuração relevantes.
- /Becapes/backups:/backups #Caminho para armazenar backups locais.
- /home/tales:/source #Caminho para a origem dos arquivos para backup.
# - 8200:8200
I don’t use Arch but on Debian and its derivatives (maybe others?) there is an
/etc/default/duplicati file that has daemon options where you can adjust things like what interface it listens on. But I don’t think it would really apply to Duplicati running in a docker containers, as it only has one “interface” anyway.
Maybe you need to block it at the nginx reverse proxy level? I don’t have experience with that, so I can’t really help you…
How does the VPN server fit into the picture? Other descriptions sound like you
https direct to nginx.
Maybe the config would tell me, but I don’t use
nginx… The servers and interfaces are not very clear:
Does “IP itself the server” mean the external IP of the server at your end, going across open Internet?
Duplicati isn’t a firewall. Don’t expose it to the Internet directly even if you think you told it to be secure.
If you can SSH to the remote, an option may be to browse on a port-forwarded connection, e.g. by -L.
nginx admin, you likely know host headers better than I do, but this is a remote hostname, right?
Although I’m not sure the help expresses it well, I think you’re telling Duplicati what host headers to take.
That’s not even an IP thing, I think. You should configure the hostname you will use on URL to Duplicati.
What the host header checker is trying to do, I think, is to protect Duplicati from a DNS rebinding attack.
I have same issue, I added Duplicati as
iframe of Home assistant (DNS: xxx.duckdns.org).
When I use local IP (
192.168.x.x:8123/duplicati) to access, it works.
But when I use
xxx.duckdns.org/duplicati It show login failed.
Did you find any clue?