I’m having the same problem but the above solution didn’t fix the issue. I notice there is a note at the bottom of that custom config page that suggests that set_header won’t work if inputted here?
I did as the note suggested:
But the issue still persists. Sigh.
Same issue here. My Android companion app doesn’t work outside of local LAN. However geo tracking does work (so there is some connection to HA).
Anybody already found how to solve this?
Same config, same issue. Works fine if I use the external URL in a browser (request authentication, and loggin in works fine) but fails with the app.
It seems the app doesn’t request authentication.
Internally I use a trusted network value, so no authentication asked, and the app works fine.
i fixed this by logging out of the app. Disabling wifi so i was sure i was not accessing locally. Then entered the URL i use for HA (so no auto-detect). And login.
After this everything is working for local and remote through app.
For me it work went i set the Connection header like this.
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
Could you help me with a print screen please? thanks!
had similar problem and did it as you mentioned and it worked 
For me the solution was to enable Websockets support in the proxy host settings in NGINX.
I found the soultion on reddit by iEatSponge:
This took me an hour to fix. I’m running home assistant in a docker container with nginx proxy manager in a separate container. I had everything set up properly, except I needed to check “Enable Webhooks Support” for my proxy host in nginx.
You don’t need to add the custom configuration. Hope it works for you
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “upgrade”;
to nginx under location worked for me
Thank you! That was the right solution for me.
NGINX running on opnSense Firewall, and HA exposed to the Internet via that.
This did it for me! Thanks
I don’t have Nginx or duckdns addon and I am getting this error when I’m accessing from my Android app outside of my LAN while connected to Wireguard VPN. Why do I need a certificate if I’m accessing http localhost:8123 URL? I also have a nabu casa URL which should take care of the certificate if I’m not connected to Wireguard. Is there a way to whitelist the wireguard public IP?
How did you configure this in the opnsense nginx? Where is the setting for websockets?
Not sure if this is exactly the same issue, but from nowhere I started to have a similar issue with the same error message in the logs.
Anywhere from just seconds after I logged in to after a minute or two my gateway IP was blocked when I logged in with my regular desktop browser resulting in me being locked out from Home Assistant. The only (temporary) fix was to clear ip_bans.yaml and restart Home Assistant, but the gateway IP would again be blocked as soon as I logged in.
My nginx config already had the proxy_set_header configuration suggestion in this thread, so that didn’t solve. But then I saw this post on GitHub:
I realized that this started to happen after I had logged in to Home Assistant and clicked to save the credentials in the keychain and use Safari autofill. All the login attempts after that using the autofill were IP blocked shortly after login.
I cleared ip_bans.yaml, restarted Home Assistant, logged out and then logged in by entering the login credentials manually instead of using autofill. To my surprise it worked, no more IP banning. One day later and the session/authentication is still working, and I could reproduce this on both my machines that both had this issue.
So using a password manager autofilling the login credentials appear to somehow create a successful login but one that isn’t persistent.
This fixed my issue!
I deleted the saved password in my Android Firefox, and everything worked.
Odd.
Thanks martin!
Thanks man! Worked like a charm!
I was facing the same issue on my Synology NAS
Here’s my (similar) working setup in reverse proxy configuration:
[quote=“martin_h, post:21, topic:373848”]
Can you please tell me where this file exists?
