search

greenbone / gsa

Greenbone Security Assistant - The web frontend for the Greenbone Community Edition
GNU Affero General Public License v3.0
212 stars 95 forks source link

Access to WEB-console GSA via hostname #524

Closed 2dvz closed 6 years ago

2dvz commented 6 years ago
Hello. In version 7.0.3, access to GSA through the hostname was lost. The web interface is accessible only by IP address. Error: "The request contained an unknown or invalid host header. If you are trying to access GSA through your host name or proxy server, make sure that the GSA is configured this way." This is a bug or feature ? ### Expected behavior Access to WEB-console GSA via hostname. ### Current behavior Access to WEB-console GSA via IP address. ### Steps to reproduce 1. Open URL https://scan01.local:4444 2. Error. 3. Open URL https://10.0.0.10:4444 4. No error. ### OpenVAS / GVM versions **gsa:** (7.0.3) **gvm:** (7.0.3 / -) **openvas-scanner:** (5.1.2) **gvm-libs:** - **openvas-smb:** - ### Environment **Operating system:** Ubuntu 16.04 LTS **Installation method / source:** (packages) ### Logfiles ```gsad main: DEBUG:2018-04-09 13h46.14 utc:35837: Accepting 5 host addresses in Host headers gsad main: DEBUG:2018-04-09 13h46.14 utc:35837: - fe80::215:5dff:fe96:fa5c%eth0 gsad main: DEBUG:2018-04-09 13h46.14 utc:35837: - 127.0.0.1 gsad main: DEBUG:2018-04-09 13h46.14 utc:35837: - 10.0.0.10 gsad main: DEBUG:2018-04-09 13h46.14 utc:35837: - localhost gsad main: DEBUG:2018-04-09 13h46.14 utc:35837: - ::1 gsad main: DEBUG:2018-04-09 13h46.14 utc:35837: GSAD started successfully and is listening on port 4444 gsad main: DEBUG:2018-04-10 06h36.22 utc:35829: ============= url: /?r=1 gsad main: DEBUG:2018-04-10 06h36.22 utc:35829: validate_host_header: header: 'scan01.local:4444' -> host: 'scan01.local' gsad main: DEBUG:2018-04-10 06h36.22 utc:35829: connectiontype=2 ```
cfi-gb commented 6 years ago

@2dvz Please see the following in your filled out issue template:

  1. be aware that this is not a support forum. If you have any questions see http://openvas.org/ for available support options.

In https://lists.wald.intevation.org/pipermail/openvas-discuss/2018-April/011929.html you fill find some notes on how to configure / start your GSA to allow accessing it via a hostname.

Edit Duplicate of https://github.com/greenbone/gsa/issues/505 as well

bjoernricks commented 6 years ago

See #318 and --allow-header-host parameter of gsad (gsad --help)

2dvz commented 6 years ago

Thank you! What I need.