OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • 24.7 Production Series »
  • [NOOB] CSRF check failed. [SOLVED] => ReInstall
« previous next »
  • Print
Pages: 1 [2]

Author Topic: [NOOB] CSRF check failed. [SOLVED] => ReInstall  (Read 2314 times)

MarieSophieSG

  • Full Member
  • ***
  • Posts: 172
  • Karma: 5
  • Your avrge girl playing wi/ computers and engineri
    • View Profile
Re: [NOOB] CSRF check failed.
« Reply #15 on: October 12, 2024, 01:41:23 am »
Quote from: cookiemonster on October 12, 2024, 12:07:28 am
Previous:
> On all 5 clients all at the same time ?
No, this web dev tools is useful to delete specific cookies and to analyse the browser-server conversation. Just the one machine being used to diagnose is sufficient.

Sorry, my meaning was about the suggestion that it could be a client-side problem rather than central OPNsense, my reaction was: On all five client at the same time ? (if it was a coockie or browser problem)

Anyway, as I SSH'd reboot, which was refused, and even opt. 5 OFF, so I hard switched it off and I just took the box out of its shelf, went back to the wokbench, screen+keyboard => reinstall

I saw many weird messages at first, and a long time hanging, clamAV was still installed and running (despite being removed from the GUI), etc .. so that convinced me to do a fresh reinstall

Much quicker than the first, on the user side :-p

Now all access back up and running ... will do a backup right away in this "stock running" state, and then I will resume my tentative to have all laptops accessing both NAS as by default, LANs don't communicate with each others
« Last Edit: October 12, 2024, 08:02:38 pm by MarieSophieSG »
Logged
Hunsn RS39 (N5105, 4x i225) 24.7.5_0 testing
LAN1 = swtch1 Laptop1 MX23, NAS, Laptop2 Win10
LAN2 = WiFi router AP, Laptop2, tablet, phone, printer, IoT, etc.
LAN3 = Swtch2 Laptop3 Suse; Laptop4 Qube-OS/Win10, printer
Pretending to be tech Savvy with a HomeLab :-p

MarieSophieSG

  • Full Member
  • ***
  • Posts: 172
  • Karma: 5
  • Your avrge girl playing wi/ computers and engineri
    • View Profile
Re: [NOOB] CSRF check failed. [SOLVED] => ReInstall
« Reply #16 on: October 12, 2024, 01:16:08 pm »
While going through all set-up, I saw:
Code: [Select]
Enable HTTP Strict Transport Security
HTTP Strict Transport Security (HSTS) is a web security policy mechanism that helps to protect websites against protocol downgrade attacks and cookie hijacking.
And

Code: [Select]
Disable HTTP_REFERER enforcement check
When this is unchecked, access to the web GUI is protected against HTTP_REFERER redirection attempts. Check this box to disable this protection if you find that it interferes with web GUI access in certain corner cases such as using external scripts to interact with this system. More information on HTTP_REFERER is available from Wikipedia.

Which I may have triggered in the previous config, not sure but it rings me some bell, I think I did the first HSTS ...
Could that be the reason ?
Logged
Hunsn RS39 (N5105, 4x i225) 24.7.5_0 testing
LAN1 = swtch1 Laptop1 MX23, NAS, Laptop2 Win10
LAN2 = WiFi router AP, Laptop2, tablet, phone, printer, IoT, etc.
LAN3 = Swtch2 Laptop3 Suse; Laptop4 Qube-OS/Win10, printer
Pretending to be tech Savvy with a HomeLab :-p

cookiemonster

  • Hero Member
  • *****
  • Posts: 1823
  • Karma: 95
    • View Profile
Re: [NOOB] CSRF check failed. [SOLVED] => ReInstall
« Reply #17 on: October 12, 2024, 04:45:02 pm »
yes, I was going to suggest to change as a test that but it was a chicken and egg situation.
Glad you're fine again.
Logged
  • Print
Pages: 1 [2]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • 24.7 Production Series »
  • [NOOB] CSRF check failed. [SOLVED] => ReInstall
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2