Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

cPanel + reverse proxy = invalid security token

Discussion in 'General Discussion' started by EternalGlory, Jul 21, 2018.

  1. EternalGlory

    EternalGlory Registered

    Joined:
    Jul 21, 2018
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Earth
    cPanel Access Level:
    DataCenter Provider
    The system almost works, but I get the error in various places when logging into webmail and performing certain actions on WHM:

    HTTP error 401
    Invalid Security Token

    Lots of XSRF errors in the console:
    Code:
    Blocked a frame with origin "https://webmail.example.com" from accessing a frame with origin "https://cpanel.example.com". Protocols, domains, and ports must match.
    
    Refused to display 'https://cpanel.example.com/cpsess12345678/3rdparty/squirrelmail/src/webmail.php?login=1&post_login=12345678' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
    
    Additionally, I get unstyled pages in WHM where it is attempting to pull styles and content from cPanel but fails to do so due to the aforementioned errors.


    So far tried:
    • Old hack for disabling XSS (xsrftoken=false), doesn't work on new cpanel
    • Disable cookie based IP validation
    • Force update
    • Strip xss related headers using nginx
    • Delete cache directory
    • Praying to Lord Krishna
    Still doesn't work.
     
    #1 EternalGlory, Jul 21, 2018
    Last edited by a moderator: Jul 25, 2018
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,500
    Likes Received:
    1,964
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @EternalGlory,

    It looks to relate to the use of your third-party reverse proxy application and proxy subdomains. The easiest way to solve the issue is to disable proxy subdomains and access cPanel/WHM/Webmail using the traditional ports (e.g. 2083, 2087, 2096). Beyond that, I recommend reporting this issue to the developer of the specific reverse proxy application you are using to see if they can offer a solution or workaround to solve the issue.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice