Environment
- EDR Console: 6.2.4 and Higher
- EDR Server: 6.2.3 and Higher
Symptoms
Cause
Nginx is not forwarding the custom port in the header for CSRF
Resolution
- Open /etc/cb/nginx/conf.d/includes/headers.includes
- Find the following line
proxy_set_header Host $host;
- Edit to:
proxy_set_header Host $host:$server_port;
- Save and restart just the nginx service
CentOS 6: service cb-nginx restart
CentOS 7: sudo systemctl restart cb-nginx
Additional Notes
- Copy and pasting can cause additional hidden characters
- The change forces Nginx to send the port in the header to match what the CSRF originally had seen
Related Content