After the Authentication Providers update that started the deprecation of Legacy API Password, my system is getting pounded by hundreds of errors that show something on my host IP is attempting to log into Home Assistant.
Login attempt or request with invalid authentication from 10.0.0.1
and
Login attempt or request with invalid authentication from 127.0.0.1
And the Notification within Home Assistant regularly shows:
Login attempt failed
Login attempt or request with invalid authentication from 10.0.0.1
My config currently shows this:
auth_providers:
- type: homeassistant
And I’ve gone through everything I can think of to ensure the legacy API password is not being used, but have come up short. Here are some other details about my configuration:
HA hosted in Docker on Synology NAS
Using MySQL db in Docker on Synology NAS for recorder
Using Unifi device tracker platform
Using Nabu Casa
Also have reverse proxy set up through Synology NAS (so SSL certificate and port management is managed there).
Any ideas or suggestions for what I can do to remove this error?
You’ve got almost identical setup as mine. I’m also getting 127.0.0.1 auth problem from time to time. I suspect someone is trying to log on via external IP via reverse proxy. The problm is that I think it’s the reverse proxy to blame for not showing the real, public IP of the person trying to log on.
Did you find a solution for this? There must be a way to force ngnx in Synology to pass the real IP instead of 127.0.0.1 to Home Assisatnt
haven’t figured it out yet, but I still get these all the time. I can tell it’s coming from me, so there’s still something in my config that is off…or not working with Nabu Casa in this configuration…
If it’s a reverse proxy, see the http: section in config, specifically trusted_proxies and x_forwarded_for - then you will see the real ip address. I also use the custom_component authenticated which makes a sensor showing ip address of last auth plus keeps a log file.
Correct! I introduced these to my setup shortly after posting this question. I’ve made some research and these things solved my problem. I can confirm to others that it’s working fine. Thanks for the reply anyway