[homeassistant.components.http.ban] Login attempt or request with invalid authentication

To be able to access HQ from the Internet using the Mobile App, I forwarded port 8123 to port 8123 on my DMZ reverse proxy, which is now reachable as https://somedomain:8123. The reverse proxy is allowed to open an http connection to my ha_server (not HTTPS!).

In my HA config is just:
with no further options.

When connecting locally to http://ha_server:8123 the login works with TOPT.
When connecting from the Internet to https://somedomain:8123 after succesful authentication (otherwise i keeps asking for the right answer!) I get “Unable to connect to Home Assistant. Retry” in the browser.

In the Logfile [homeassistant.components.http.ban] Login attempt or request with invalid authentication from <ip_of_dmz_proxy>

I already tried:

  • base_url https://somedomain:8123 -> no effect
  • trusted_proxies: -> config check fails
    - ip_of_dmz_proxy
  • use_x_forwarded_for: true -> config check fails

It would be great if someone has an idea how to solve this with a reverse proxy in the middle (I want the traffic to be encrypted on the Internet!).

I found the solution:

You need to upgrade the reverse proxy connection to a websocket connection.

1 Like