with valid certs.. admin login.html is availble but admin ports are blocked.. forced redirect?

[bcookatpcsd]

Prerequisites

• [X] I have checked the Wiki and Discussions and found no answer

• [X] I have searched other issues and found no duplicates

• [X] I want to report a bug and not ask a question or ask for help

• [X] I have set up AdGuard Home correctly and configured clients to use it. (Use the Discussions for help with installing and configuring clients.)

Platform (OS and CPU architecture)

Linux, AMD64 (aka x86_64)

Installation

GitHub releases or script from README

Setup

On one machine

AdGuard Home version

v0.107.46

Action

curl -I https://dns.domain.io

HTTP/2 302
access-control-allow-origin: http://dns.domain.io
content-type: text/html; charset=utf-8
location: /login.html
vary: Origin
date: Tue, 02 Apr 2024 16:21:22 GMT

curl -v -I https://dns.domain.io:3005

* Host dns.domain.io:3005 was resolved.
* IPv6: (none)
* IPv4: 50.60.70.80
*   Trying 50.60.70.80:3005...
* connect to 50.60.70.80 port 3005 from ab.cd.ef.gh port 34788 failed: Connection refused
* Failed to connect to dns.domain.io port 3005 after 8 ms: Couldn't connect to server
* Closing connection
curl: (7) Failed to connect to dns.domain.io port 3005 after 8 ms: Couldn't connect to server

Expected result

Not a redirection to the login page..

Actual result

I did not expect to see the login.html page.. from the non admin port..

Additional information and/or screenshots

Is there a log of login attempts?

[tjharman]

Can you please share how you've setup your encryption settings? I don't quite follow what's going on here - what's port 3005?

[bcookatpcsd]

adguard yaml..

http:
  pprof:
    port: 6060
    enabled: false
  address: 0.0.0.0:3005
  session_ttl: 1h

further down..

tls:
  enabled: true
  server_name: dns.domain.io
  force_https: false
  port_https: 443
  port_dns_over_tls: 0
  port_dns_over_quic: 0
  port_dnscrypt: 0
  dnscrypt_config_file: ""
  allow_unencrypted_doh: false
  certificate_chain: ""
  private_key: ""
  certificate_path: /etc/lego/certificates/dns.domain.io.crt
  private_key_path: /etc/lego/certificates/dns.domain.io.key
  strict_sni_check: false

If you just put the server name/ip into the browser you are offered the login page..

(rhetorically..) what is the point of port 3000?

[ghost]

Hi @bcookatpcsd, thanks for the report.

If this is setup in Docker for example, some configuration may have to be done there too. Could you please tell me more about your setup environment?

[ghost]

Hi @bcookatpcsd, I've closed this issue due to lack of activity. Please let me know if it's still affecting you, and you'd like it reopened.