I have read through this guide, but am still having issues.
I have an Apache server handling reverse proxy for several internal servers, and all is working as expected. When accessing Home Assistant through the proxy, I can reach the login screen, but login fails with “Unable to connect to Home Assistant”.
Any help would be appreciated!
The following appears in the logs:
Logger: homeassistant.components.http.ban
Source: components/http/ban.py:80
Integration: HTTP ([documentation](https://www.home-assistant.io/integrations/http), [issues](https://github.com/home-assistant/core/issues?q=is%3Aissue+is%3Aopen+label%3A%22integration%3A+http%22))
First occurred: October 16, 2023 at 11:36:02 AM (10 occurrences)
Last logged: 11:26:57 AM
* Login attempt or request with invalid authentication from 163.116.249.34 (163.116.249.34). Requested URL: '/auth/token'. (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36)
* Login attempt or request with invalid authentication from 99-121-115-212.lightspeed.gdrpmi.sbcglobal.net (99.121.115.212). Requested URL: '/auth/token'. (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36
Here is the http block in my configuration.yaml:
http:
ssl_certificate: /config/certs/<domain>.com/fullchain.pem
ssl_key: /config/certs/<domain>.com/privkey.pem
use_x_forwarded_for: true
trusted_proxies:
- <proxy server ip>
- 127.0.0.1
And here is the relevant entry in my apache config file:
<VirtualHost *:443>
SSLEngine on
ServerName hass.<domain>.com
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyPreserveHost On
ProxyRequests off
ProxyPass / https://<homeassistant_ip>:8123/
ProxyPassReverse / https://<homeassistant_ip>:8123/
ProxyPass /api/websocket ws://<homeassistant_ip>:8123/api/websocket
ProxyPassReverse /api/websocket ws://<homeassistant_ip>:8123/api/websocket
RewriteEngine on
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://<homeassistant_ip>:8123/$1 [P,l]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) https://<homeassistant_ip>:8123/$1 [P,l]
SSLCertificateFile /etc/letsencrypt/live/<domain>.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/<domain>.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>