412 Precondition Failed
Published 9 months ago
Published 9 months ago
Hazal Alenazi
Updated 9 months ago
0
Dears,
I hope my topic find you well,
Recently I face an issue after we integrate SafeLine WAF showing status code 412 and keep requesting like around 500 request in 15s, I disabled all ATTCKS options and in Custom NGINX Config I added this:
'''
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_request_buffering off;
proxy_buffering off;
proxy_redirect off;
proxy_pass_request_headers on;
'''
And AUDITED MODE in enable, and still get this error code.
If anyone face this issue before may help me? or can explain this behaver that would be appreciated.
Regards,
Hazal Alenazi
Carrie-SafeLine
Updated 9 months ago
0
Hi Hazal, the status code 412 is not returned by SafeLine. It's from the upstream server. You need to checks the logs of your upstream server
Hazal Alenazi
Updated 9 months ago
Hi Carrie,
I checked the upstream logs and find this error message "message":"CSRF check failed","exception":{},"CustomMessage":"CSRF check failed"
and add this below to custom NGINX Config after reaching there Nextcloud support:
proxy_set_header OCS-APIRequest $http_ocs_apirequest;
fastcgi_param HTTP_OCS_APIREQUEST $http_ocs_apirequest;
Also, they clarify that Nextcloud has its own CSRF Protection.
Regards,
Hazal Alenazi