https://connect.hyland.com/t5/alfresco-archive/4-2-f-possible-csrf-attack-noted-when-asserting-referer-header/m-p/305640#M258770 <HTML><HEAD></HEAD><BODY><SPAN>Hello everyone,</SPAN><BR /><BR /><SPAN>I have a problem after put my alfresco behind apache httpd:</SPAN><BR /><BR /><SPAN>&lt;VirtualHost *:80&gt;</SPAN><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ProxyPass /share </SPAN><A href="http://127.0.0.1:8181/share" rel="nofollow noopener noreferrer">http://127.0.0.1:8181/share</A><BR /><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ProxyPassReverse /share </SPAN><A href="http://127.0.0.1:8181/share" rel="nofollow noopener noreferrer">http://127.0.0.1:8181/share</A><BR /><SPAN>&lt;/VirtualHost&gt;</SPAN><BR /><BR /><SPAN>Error:</SPAN><BR /><BR /><SPAN> 2014-10-06 02:07:24,839&nbsp; ERROR [alfresco.web.site] [http-bio-8181-exec-2] javax.servlet.ServletException: Possible CSRF attack noted when asserting referer header '</SPAN><A href="http://XXX.XXX.XXX.XX/share/page/" rel="nofollow noopener noreferrer">http://XXX.XXX.XXX.XX/share/page/</A><SPAN>'. Request: POST /share/page/dologin, FAILED TEST: Assert referer POST /share/page/dologin :: referer: '</SPAN><A href="http://XXX.XXX.XXX.XX/share/page/" rel="nofollow noopener noreferrer">http://XXX.XXX.XXX.XX/share/page/</A><SPAN>' vs server &amp; context: </SPAN><A href="http://127.0.0.1:8181/" rel="nofollow noopener noreferrer">http://127.0.0.1:8181/</A><SPAN> (string) or </SPAN><A href="http://localhost:8181" rel="nofollow noopener noreferrer">http://localhost:8181</A><SPAN> (regexp)han</SPAN><BR /><BR /><SPAN>If I try access directly it's work but if I try access behind httpd show me the error above.</SPAN><BR /><BR /><SPAN>Someone have idea about how I can solve this problem?</SPAN><BR /><BR /><SPAN>Thanks.</SPAN><BR /></BODY></HTML> Mon, 06 Oct 2014 10:19:29 GMT rodrigorapozo 2014-10-06T10:19:29Z https://connect.hyland.com/t5/alfresco-archive/4-2-f-possible-csrf-attack-noted-when-asserting-referer-header/m-p/305640#M258770 Hello everyone,I have a problem after put my alfresco behind apache httpd:&lt;VirtualHost *:80&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ProxyPass /share http://127.0.0.1:8181/share&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ProxyPassReverse /share http://127.0.0.1:8181/share&lt;/VirtualHost&gt;Error: 2014-10-06 02:07:24,839&nbsp; ERROR [alfresco.web.site] [http-bio-8181- Mon, 06 Oct 2014 10:19:29 GMT https://connect.hyland.com/t5/alfresco-archive/4-2-f-possible-csrf-attack-noted-when-asserting-referer-header/m-p/305640#M258770 rodrigorapozo 2014-10-06T10:19:29Z https://connect.hyland.com/t5/alfresco-archive/4-2-f-possible-csrf-attack-noted-when-asserting-referer-header/m-p/305641#M258771 <HTML><HEAD></HEAD><BODY><SPAN>Have you tried to include </SPAN><A href="http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypreservehost" rel="nofollow noopener noreferrer">http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypreservehost</A><SPAN> directive?</SPAN><BR /><BR /><SPAN>You can also proxy using AJP protocol.</SPAN></BODY></HTML> Mon, 06 Oct 2014 12:48:30 GMT https://connect.hyland.com/t5/alfresco-archive/4-2-f-possible-csrf-attack-noted-when-asserting-referer-header/m-p/305641#M258771 angelborroy 2014-10-06T12:48:30Z https://connect.hyland.com/t5/alfresco-archive/4-2-f-possible-csrf-attack-noted-when-asserting-referer-header/m-p/305642#M258772 <HTML><HEAD></HEAD><BODY><SPAN>Hi, </SPAN><BR /><BR /><SPAN>AJP is not capable of dealing with heavy load. So if you have much traffic, try to go for a Filter instead.</SPAN><BR /><BR /><SPAN>Best,</SPAN><BR /><SPAN>Tim</SPAN></BODY></HTML> Wed, 13 Jul 2016 13:08:00 GMT https://connect.hyland.com/t5/alfresco-archive/4-2-f-possible-csrf-attack-noted-when-asserting-referer-header/m-p/305642#M258772 timharder 2016-07-13T13:08:00Z