Upgraded from 2.0.33 to 2.0.45; now GUI fails

I have Duplicati installed on an Ubuntu server, with Apache acting as a reverse proxy to make it accessible via a friendly URL (backups.home.mydomain.com). Having just upgraded to 2.0.45, accessing via backups.home.mydomain.com now yields “The host header sent by the client is not allowed”. I can still access the GUI via localhost:8200.

With this setup, I have never had to set the option “allow remote access” and do not want to open up port 8200 to my entire network.

Having read other similar posts, I have tried clearing my Chrome cache, but it hasn’t helped.

How can I re-enable the GUI via Apache?

Hello @marfea and welcome to the forum!

I don’t know about Apache, but tightened remote security, and you’re getting the standard symptom:

Duplicati upgrade - “The host header sent by the client is not allowed”

A suitable setting for Server option below might do the trick. I think it’s separate from --webservice-interface

–webservice-allowed-hostnames: The hostnames that are accepted, separated with semicolons. If any of the hostnames are “*”, all hostnames are allowed and the hostname checking is disabled.

I’m not clear on how host headers flow through proxies. In non-proxy case, IP address is also a workaround.