Reverse proxy problems

DavidA2014 · June 8, 2023, 1:52pm

Hi, we have been running Jenkins fairly successfully with the nginx reverse proxy but the nginx configuration seems to be causing some problems. To investigate, we disabled nginx but are now getting lots of these messages:

## HTTP ERROR 403 No valid crumb was included in the request

And ‘Manage Jenkins’ shows:

It appears that your reverse proxy set up is broken.

We have CSRF Protection > Crumb Issuer set to Default Crumb Issuer.

The setting of CSRF Protection > Crumb > Enable Proxy Compatibility seems to make no difference.

The log shows lots of errors like this:

Jun 08, 2023 1:50:23 PM WARNING hudson.security.csrf.CrumbFilter doFilter

No valid crumb was included in request for /administrativeMonitor/hudson.diagnosis.ReverseProxySetupMonitor/test by admin. Returning 403.

Any suggestions how to fix this please?

poddingue · June 14, 2023, 8:49am

Hello @DavidA2014 ,

To me, the It appears that your reverse proxy set up is broken. means the URL you use in your browser does not match with the one configured in Manage Jenkins/System/Jenkins URL.

Is your reverse proxy (in this case, nginx) properly configured to pass the necessary headers and cookies required for Jenkins’ CSRF protection?
As far as I know, you may need to ensure that the X-FORWARDED_FOR header is being correctly passed from the reverse proxy to Jenkins.

Topic		Replies	Views
No Valid Crumb Error After Plug-in Installation Using Jenkins	13	17922	October 16, 2024
Tomcat + Jenkins 2.346.3 CRUMB error on 1st startup Ask a question	10	1297	November 8, 2022
Jenkins HTTP Status 403-Forbidden Error Ask a question	10	19541	January 15, 2024
Upgrade from 2.204.6 to 2.289.3 failed on CSRF Using Jenkins	6	1386	August 10, 2022
Reverse Proxy Test does not handle URL correctly Ask a question	17	7102	December 10, 2024

Reverse proxy problems

Related topics