Closed 0FiRE0 closed 1 year ago
Hello @0FiRE0,
Can you share your compose file please?
Don't know if it's related but we have a stacktrace with an UnboundLocalError exception.
cc @TheophileDiot
Hi @fl0ppy-d1sk @TheophileDiot ,
Sure thing, please find below the `docker-compose.yml` file:
BTW, I am using the local `hosts` file to resolve the addresses rather than using actual DNS resolution.
```yaml
version: '3'
services:
  mybunker:
    image: bunkerity/bunkerweb:1.4.3
    networks:
      - bw-services
      - bw-ui
    ports:
      - 80:8080
    volumes:
      - bw-data:/data
      - bw-confs:/etc/nginx
    environment:
      - SERVER_NAME=bwadm.example.com
      - MULTISITE=yes
      - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
      - bwadm.example.com_USE_UI=yes
      - bwadm.example.com_USE_REVERSE_PROXY=yes
      - bwadm.example.com_REVERSE_PROXY_URL=/admin/
      - bwadm.example.com_REVERSE_PROXY_HOST=http://myui:7000
      - bwadm.example.com_REVERSE_PROXY_HEADERS=X-Script-Name /admin
      - bwadm.example.com_REVERSE_PROXY_INTERCEPT_ERRORS=yes
    labels:
      - "bunkerweb.UI"
  myui:
    image: bunkerity/bunkerweb-ui:1.4.3
    depends_on:
      - mydocker
    networks:
      - bw-ui
      - bw-docker
    volumes:
      - bw-data:/data
      - bw-confs:/etc/nginx
    environment:
      - DOCKER_HOST=tcp://localhost:2375
      - ADMIN_USERNAME=admin
      - ADMIN_PASSWORD=admin
      - ABSOLUTE_URI=http://bwadm.example.com/admin/
  mydocker:
    image: tecnativa/docker-socket-proxy
    networks:
      - bw-docker
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      - CONTAINERS=1
networks:
  bw-services:
  bw-ui:
    ipam:
      driver: default
      config:
        - subnet: 10.20.30.0/24
  bw-docker:
volumes:
  bw-data:
  bw-confs:
```
Additionally, for more details, below is the payload of the `POST` request:
I found a temporary workaround to solve the infinite looping (but this is just a workaround, not an actual solution). It is by commenting out the lines causing the error.
Just follow the following steps:
1. `myui` docker instance and login as a root user: `sudo docker exec -it -u root bunkerweb_myui_1 bash`
2. `/opt/bunkerweb/ui/main.py` file in your text editor (`vi` was used in our case): `vi /opt/bunkerweb/ui/main.py`
3. `#` at the beginning of each line (refer to the below screenshot)
4. `:wq`
5. `exit`
6. `sudo docker restart bunkerweb_myui_1`

Note: The file will get back to its original state once the container is re-created; if you want to keep the modification, use persistent storage instead.
Hi @0FiRE0, I'll have a look and keep you updated about this.
Hello @0FiRE0,
It should be fixed in the last v1.4.4 release.
Description
After configuring a service for the first time as a Reverse Proxy in the Web UI, each time the service gets modified afterwards it gets stuck in an infinite loop of loading without getting any results.
Screenshot below:
How to reproduce
Configuration:
Logs
The logs generated by BunkerWeb. DON'T FORGET TO REMOVE PRIVATE DATA LIKE IP ADDRESSES!