I’m trying to get a new HA installation to work with an IIS reverse proxy. I’ve spent all day on this, read countless posts but am getting a problem that I haven’t seen reported anywhere.
I’m using the VM installation running on Hyper-V (Windows Server 2019). I updated to the latest software before I started configuring anything, Home Assistant OS 5.8 and Home Assistant 2020.12.0.
If I try to access HA via the proxy I get a “400: Bad Request” page.
When I check the log, I see:
‘2020-12-14 17:01:29 ERROR (MainThread) [homeassistant.components.http.forwarded] Invalid IP address in X-Forwarded-For: 192.168.2.123:63146’
The IP is the address of my workstation.
I do not understand this error message! What is “Invalid” about it? I have no issues logging in directly to the HA server from the same IP.
As a test, I deliberately tried putting in the wrong IP for the “trusted_proxies”. Then I could login fine! However the log brought up lots of errors all of the format:
‘2020-12-14 16:36:52 WARNING (MainThread) [homeassistant.components.http.forwarded] Received X-Forwarded-For header from untrusted proxy 172.16.1.1, headers not processed.’
What appeared to be happening is that the HA server was ignoring the x_forwarded_for value and treating all the requests as though they were originating from the IIS server.
Does anybody have any suggestions how I can fix this?
I fixed the issue myself so am posting a follow-up in case anybody experiences the same problem.
It finally dawned on my why I got the “Invalid IP” error; it was because x_forwarded_for included the port as well as the IP. HA doesn’t like this!
Application Request Routing in IIS allows you to specify the option “Include TCP port from the client IP”, once I had disabled this then my reverse proxy configuration worked. I have never had an issue with this with other software, who seem to accept the client IP with the port but HA clearly doesn’t support this. I just need to check that changing this setting doesn’t break any of my other proxied sites.
I had this working with IIS and Hyper-V in Home Assistant Core version: core-2021.6.6.
When I upgraded to core-2021.7.x and core-2021.8.x I am getting the same error as reported above in my log files.
In my configuration file I have the following: