RadOD Posted May 17, 2020 Share Posted May 17, 2020 (edited) My syslog is overrun with wrong csrf_token errors generated from the unassigned devices plug in. This starts immediately after reboot with only one web browser page open so the faq does not seem to be relevant: https://forums.unraid.net/topic/46802-faq-for-unraid-v6/?do=findComment&comment=545988 It did not stop after uninstalling the plugin. It did not stop after reboot after uninstalling the plugin. There is no UnassignedDevices.php - at least in /boot/config/plugins/unassigned.devices May 17 08:11:06 NAS root: error: /plugins/unassigned.devices/UnassignedDevices.php: wrong csrf_token Edited May 17, 2020 by RadOD add Quote Link to comment
JorgeB Posted May 17, 2020 Share Posted May 17, 2020 https://forums.unraid.net/topic/46802-faq-for-unraid-v6/?do=findComment&comment=545988 Quote Link to comment
RadOD Posted May 17, 2020 Author Share Posted May 17, 2020 5 minutes ago, johnnie.black said: https://forums.unraid.net/topic/46802-faq-for-unraid-v6/?do=findComment&comment=545988 Yes, thank you. You might notice is you read the second sentence is that I have seen that. However, as of right now I am only using one browser on one computer after a fresh reboot. So do you mean I have to go find any and every instance of an open webpage on any computer I might have left open somewhere at any point in the past? And any phone or tablet that has ControlR? Because this could cover a seriously lot of hardware and a lot of square miles to find! Quote Link to comment
JorgeB Posted May 17, 2020 Share Posted May 17, 2020 2 minutes ago, RadOD said: So do you mean I have to go find any and every instance of an open webpage on any computer I might have left open somewhere at any point in the past? And any phone or tablet that has ControlR? If it's running yes. Quote Link to comment
RadOD Posted May 17, 2020 Author Share Posted May 17, 2020 netstat -vatn was able to find the source of the problem. Seems like there should be a server side solution to prevent this. After a time a client anywhere with a bad CSRF token causes parts of Unraid to stop working - possibly from spamming the syslog. How does this work with multiple users? Do administrators email all their users asking them to close their forgotten browswer tabs? Quote Link to comment
itimpi Posted May 17, 2020 Share Posted May 17, 2020 8 hours ago, RadOD said: netstat -vatn was able to find the source of the problem. Seems like there should be a server side solution to prevent this. After a time a client anywhere with a bad CSRF token causes parts of Unraid to stop working - possibly from spamming the syslog. How does this work with multiple users? Do administrators email all their users asking them to close their forgotten browswer tabs? Only the root user (i.e. Administrators) can successfully log into the Unraid Web GUI in the first place. Quote Link to comment
AndyT86 Posted November 1, 2020 Share Posted November 1, 2020 (edited) I Tried what you said. I got this: Ignoring all the 0.0.0.0: tcp 0 0 192.168.1.226:80 192.168.1.25:22943 ESTABLISHED tcp 0 0 192.168.1.224:80 192.168.1.25:21784 ESTABLISHED tcp 0 0 192.168.1.226:80 192.168.1.25:22443 ESTABLISHED tcp 0 0 192.168.1.226:80 192.168.1.25:20441 TIME_WAIT tcp 0 0 192.168.1.226:80 192.168.1.25:22952 ESTABLISHED tcp 0 824 192.168.1.226:80 192.168.1.25:22442 ESTABLISHED tcp 0 0 192.168.1.226:80 192.168.1.25:22842 ESTABLISHED tcp 0 0 192.168.1.226:445 192.168.1.25:22246 ESTABLISHED tcp 0 0 192.168.1.226:80 192.168.1.25:22440 ESTABLISHED tcp 0 0 192.168.1.226:80 192.168.1.25:22942 ESTABLISHED tcp 0 0 192.168.1.226:80 192.168.1.25:22441 ESTABLISHED *.226 is the server. as well as *.224 and some others- it has 6 NICs in total, at least 4 in use, one for BMC, 1 10Gb Direct Connection (both included in that 4- so 2 on general LAN, 1 direct 10gb to my usual PC, and 1 BMC on the LAN - a server controller that goes to BIOS and not OS). *.25 is my desktop. so the question I have is- now what? What do I do with this information. Do I need to aggressively shut down all the other LAN connections? ***** I should add- removing the plugin made things drammatically worse. Way more errors. That error- which totally innundated the log and ensured I could do nothing else until this was fixed- was - Nov 1 16:06:14 Unraid nginx: 2020/11/01 16:06:14 [error] 9257#9257: *36088 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.1.25, server: , request: "POST /plugins/unassigned.devices/UnassignedDevices.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "unraid.local", referrer: "http://unraid.local/Main" For completeness, the error with it installed is: Nov 1 16:14:46 Unraid root: error: /plugins/unassigned.devices/UnassignedDevices.php: wrong csrf_token This is irritating. And while not unfamiliar with linux, I am no pro, so I am out of my depth here. Edited November 1, 2020 by AndyT86 additional information Quote Link to comment
Squid Posted November 1, 2020 Share Posted November 1, 2020 Both of the errors are telling you that you have another browser tab (or device) actively sitting on the GUI for Unraid. csrf is an important security feature, and are assigned randomly at each reboot of the server. Quote Link to comment
AndyT86 Posted November 4, 2020 Share Posted November 4, 2020 Thanks, I did figure it out. I am not sure what worked. But restarting the Client PC seemed to bag them all. FWIW there were no visible tabs open than the one. But there must have been something lingering. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.