I do also randomly get login attempt warnings with my router IP. Maybe a tablet or other device on my LAN are causing it.
When I test from WAN I get the correct public client IP (not the router IP). But all devices coming from my LAN subnet gets the router IP in the ban-log.
I don’t really understand why…
Oops, I fixed this.
I did not check it, I’m not sure it’s all, it seems to me that we need to change more, I do not have time to mess with it at the moment, I would love if someone could do it
Are you still experiencing this issue? I’ve not seen it happens for a long time now.
Still happening here (not IOS related)
There are also other cases (bugs, to be sure, but a whitelist would make these significantly less annoying).
Today I was browsing the media sources
from the UI, and when I tried clicking a couple of files (images), I was all of a sudden banned. No login attempts (I mean, I can’t speak for what was going on under the hood), just trying to view a file in a browser tab where I was already logged in.
You could use the following g to get some more insights on what‘s going on related to authentication
- successful ones: https://github.com/custom-components/authenticated
- failed ones: Command line Sensor - Home Assistant
I created a notification automation based on those two sensors to get notified bout logins from new IPs and new failed logins.
That of course does not help to find out WHY a device created a failed login, but it helps a bit to sort things out.
I regularly see failed attempts (all from trusted devices) and rarely my devices get locked out (maybe once every 2 to 3 months), something seems to be a bit broken with the whole authentication thing in HA.
This feature is needed as Home Assistant’s IP ban feature is all but broken currently.
I’ve witnessed all clients (iOS, Android, Chrome on PC) having valid logins get banned due to authentication failures with a threshold set as high as 45 attempts before ban. Regardless if connecting to the internal IP or external url which first goes through caddy-docker-proxy.
It seems to be related to stale cache/authentication, as it happens very reliably after performing a Home Assistant major version update if you leave a dashboard open while Home Assistant restarts the new container.
It seems to be correlated to the cards utilized on the dashboards, with those that will automatically attempt reconnects (like the Frigate card) reliably banning clients quickly.
I am also experiencing the same problem where my phone and tablets(both Android devices) are getting banned. I was shocked to see there was not an IP Allowlist option for HTTP, which does breaks the IP Ban option.
I have always had this issue of getting my IP banned but it was infrequent enough that I lived with it but I recently migrated from ZoneMinder to Frigate and started experiencing this issue frequently.
Now I have to disable the IP Ban option, this is a security issue.
I am behind cloudflare, when some people get banned, cloudflare Ip is getting banned… Not speaking about my ios/android devices getting banned sometimes
Confirming i have the same issue, internal IP keeps getting banned for no apparent reason and i have to remove the ban every few days
Same here - bans my tablet every 3rd day
From info found elsewhere, it seems linked to UI cards displaying camera pictures. There is a bug somewhere with the associated tokens or something like that, and if you leave a view/tab with such a card displayed, then come back after a while, it causes an unauthorised access attempt.
I avoided most of the bans by removing all camera cards from the main view, but it still occurs when I (or a family member) leaves a view with cameras open and forget to switch back to the main tab without cameras.
On a tablet used as a kind of wall dashboard, always displaying cameras, I managed to have the view refreshing (reloading) every 5 minutes, and it seems to be a valid workaround.
It is definitely that bug that should get solved, but a withelist would help in the meantime.
i’m experiencing the same problem with the Dwains dashboard. everytime i open it it bans my ip (external or internal)
I just ran in this issue, it’s a really useful request
sub’d… dealing with ip ban daily now.
had to get everyone in the family to restart their phones to clear my issue.
FWIW I’ve been experiencing this for the past few months. The things that I know have changed:
- Keeping Home Assistant upgraded (aka I’m running the latest softwares)
- Moved to using Cloudflared for remote access
The only issue I’ve had is regarding the IP bans.
My internal IPs are being banned for some devices, that use internal access only, and some are being banned from use of the Android companion app. When it’s internal I am seeing the internal IP, like 192.168.x.x, and externally I’m seeing my static external IP.
Given that both external and internal IP’s are being banned I’m apprehensive to say that it’s something to do with Cloudflared but it is a bit suspicious since it started happening only after changing to using Cloudflared. That said, though, it wasn’t an instant affect. I had been running Cloudflared for a month or so before I started seeing these bans.
Yup, I added some camera cards in a new tab and it started happening, never happened before.
I also have this issue. Started about 2 weeks ago on version 2022.2.6. Cant remember doing anything to my setup the last month or so. It only happens to one device which is a wall mounted android tablet.
I don’t have a camera card and I am not using Cloudflare.
Update:
I believe my problems was caused by a custom component (Weather Card) that made Chrome constantly crashing (up to 30 times per minute!) and restarting on my tablet, and sometimes when it restarted it was not correctly authorized.
ditto all that shows in the logs is this, 3 of these and then my phone locked out, ( would say it happens now 4 times a day, reinstalled the app and still the same.
2022-06-07 17:28:14 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from RedmiNote9Pro-MarksP.mydomain.co.uk (::ffff:c0a8:240). (okhttp/4.9.1)
2022-06-07 17:28:14 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from RedmiNote9Pro-MarksP.mydomain.co.uk (::ffff:c0a8:240). (okhttp/4.9.1)
2022-06-07 17:28:14 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from RedmiNote9Pro-MarksP.mydomain.co.uk (::ffff:c0a8:240). (okhttp/4.9.1)
2022-06-07 17:28:14 WARNING (MainThread) [homeassistant.components.http.ban] Banned IP ::ffff:c0a8:240 for too many login attempts
For me the trouble is that the banned IP is 127.0.0.1 due to too many login attempts what makes Nabu Casa stop to work. It have happened twice in the last 2 months.
Luckily local IP address keeps working and it is easy to solve, but it may be a problem if it caughts me out of home since Nabu Casa is my remote login method.