On Wed, Aug 6, 2025 at 11:38 AM Shakir Idrisi <sha...@webuzo.com> wrote:
> Hi, > > I referred to the documentation, but my Nginx setup doesn’t have the > proxy_params file. So I manually added the proxy_set_header lines. However, > after logging in, pgAdmin4 was showing a blank page. > > *To fix it, I changed: proxy_set_header Host $host*; > *to: proxy_set_header Host $http_host;* > > After this change, it began to work. I just want to confirm — is this the > correct approach, or is it working by chance due to a header mismatch? > Both are different, and $host should be used. You can refer https://stackoverflow.com/questions/39715510/nginx-when-to-use-proxy-set-header-host-host-vs-proxy-host for more understanding. > > On Wed, Aug 6, 2025 at 11:00 AM Khushboo Vashi < > khushboo.va...@enterprisedb.com> wrote: > >> Hi, >> >> Please refer >> https://www.pgadmin.org/docs/pgadmin4/9.6/server_deployment.html#nginx-configuration-with-gunicorn >> for nginx configuration. >> >> >> On Wed, Aug 6, 2025 at 10:56 AM Shakir Idrisi <sha...@webuzo.com> wrote: >> >>> Hi, >>> >>> Apologies for the interruption. May I kindly ask if the configuration I >>> provided in my previous reply is correct? >>> >>> On Tue, Aug 5, 2025 at 4:57 PM Shakir Idrisi <sha...@webuzo.com> wrote: >>> >>>> Hi, >>>> >>>> I updated the configuration and it's now working. >>>> I'm using it *$http_host* instead of *$host* for the *Host *header. >>>> Just want to confirm — is this the correct and recommended way? >>>> >>>> location ^~ /pgadmin4/ { >>>>> >>>>> proxy_pass http://unix:/tmp/pgadmin4.sock; >>>>> proxy_set_header Host $http_host; # here i have changed $host to >>>>> $http_host >>>>> proxy_set_header X-Real-IP $remote_addr; >>>>> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; >>>>> proxy_set_header X-Forwarded-Proto $scheme; >>>>> proxy_set_header X-Forwarded-Host $host; >>>>> proxy_set_header X-Script-Name /pgadmin4; >>>>> proxy_http_version 1.1; >>>>> >>>>> >>>>> proxy_read_timeout 300; >>>>> proxy_connect_timeout 60; >>>> >>>> } >>>> >>>> On Tue, Aug 5, 2025 at 2:55 PM Shakir Idrisi <sha...@webuzo.com> wrote: >>>> >>>>> Hi, >>>>> >>>>> Do you have any updates or suggestions that could help me further >>>>> debug this issue? >>>>> >>>>> On Tue, Aug 5, 2025 at 10:23 AM Shakir Idrisi <sha...@webuzo.com> >>>>> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> Yes I have tried that conf which you have provided. >>>>>> I have mentioned that in my last reply that it is not working. >>>>>> Still getting blank page after login on https. >>>>>> >>>>>> On Tue, Aug 5, 2025, 9:53 AM Yogesh Mahajan < >>>>>> yogesh.maha...@enterprisedb.com> wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> I have already provided the nginx configuration. Have you tried it? >>>>>>> Issues is clearly with Nginx config. >>>>>>> >>>>>>> Thanks, >>>>>>> Yogesh Mahajan >>>>>>> EnterpriseDB >>>>>>> >>>>>>> >>>>>>> On Mon, Aug 4, 2025 at 4:34 PM Shakir Idrisi <sha...@webuzo.com> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> I’ve tried the suggested changes, but I’m still encountering the >>>>>>>> same issue — a blank page appears after logging in over HTTPS. >>>>>>>> >>>>>>>> As a workaround, I modified the config_local.py file and set: >>>>>>>> *WTF_CSRF_CHECK_DEFAULT = False* >>>>>>>> >>>>>>>> With this change, pgAdmin works correctly on HTTPS. However, I >>>>>>>> understand that disabling CSRF protection is not recommended in a >>>>>>>> production environment, so I’m looking for a more secure solution. >>>>>>>> >>>>>>>> Here’s a snippet of my current *config_local.py* for reference: >>>>>>>> >>>>>>>> DATA_DIR = '/var/lib/pgadmin4' >>>>>>>> SQLITE_PATH = '/var/lib/pgadmin4/pgadmin4.db' >>>>>>>> SESSION_DB_PATH = '/var/lib/pgadmin4/sessions' >>>>>>>> STORAGE_DIR = '/var/lib/pgadmin4/storage' >>>>>>>> AZURE_CREDENTIAL_CACHE_DIR = >>>>>>>> '/var/lib/pgadmin4/azurecredentialcache' >>>>>>>> KERBEROS_CCACHE_DIR = '/var/lib/pgadmin4/kerberoscache' >>>>>>>> >>>>>>>> SCRIPT_NAME = '/pgadmin4' >>>>>>>> >>>>>>>> LOG_LEVEL = 'DEBUG' >>>>>>>> CONSOLE_LOG_LEVEL = 50 # INFO = 20, WARNING = 30, ERROR = 40, >>>>>>>> CRITICAL = 50 >>>>>>>> FILE_LOG_LEVEL = 20 >>>>>>>> LOG_FILE = '/var/lib/pgadmin4/log/pgadmin4.log' >>>>>>>> >>>>>>>> Could you please help me identify the correct settings to securely >>>>>>>> enable CSRF protection while ensuring pgAdmin functions properly over >>>>>>>> both >>>>>>>> HTTP and HTTPS under /pgadmin4? >>>>>>>> >>>>>>>>>
