Unable to remotely access dashboard
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MicroStack |
Fix Released
|
Medium
|
Pen Gale |
Bug Description
I've installed microstack on a remote server. If I use sshuttle to vpn to that network and attempt to load the dashboard I get the following stack trace:
DisallowedHost at /
Invalid HTTP_HOST header: '192.168.9.37'. You may need to add u'192.168.9.37' to ALLOWED_HOSTS.
Request Method: GET
Request URL: http://
Django Version: 1.11.14
Exception Type: DisallowedHost
Exception Value:
Invalid HTTP_HOST header: '192.168.9.37'. You may need to add u'192.168.9.37' to ALLOWED_HOSTS.
Exception Location: /snap/microstac
Python Executable: /snap/microstac
Python Version: 2.7.12
Python Path:
['.',
'',
'/snap/
'/snap/
'/snap/
'/snap/
'/snap/
'/snap/
'/snap/
'/snap/
Server time: Thu, 14 Feb 2019 19:26:45 +0000
Changed in microstack: | |
status: | Fix Committed → Fix Released |
Right now, this is working as intended, since everything runs with default passwords, and we don't want to open up laptops running microstack to attack.
But I think that we should provide hooks to lock microstack down, security wise, and open it up to outside traffic, as there are many scenarios where this would be useful. We'll use this bug to publicly track the feature.