[NextCloudPi] Invalid Origin error

I’m not sure what I did, but I think I broke the NCP web interface a little. Everything else seems to be working fine – SSH, my WordPress install, NextCloud, encryption, NAS, etc. but when I try to do anything in the NCP web panel, I get “Invalid origin” errors (e.g., in nc-backup, letsencrypt, etc.). The System Info page looks good - everything appears Up and Running.

Unfortunately, I don’t know what I might have done and Google searches reveal nothing on the error. The last thing I did was play around with Certbot to get my domain up and running smoothly (which it is now).

Thanks for any help in the right direction!

I am not exactly sure of what you mean, but there is some protection in ncp-web that verifies the origin. Do you have a screenshot of the error? what URL/IP/Domain are you using for ncp-web?

First of all, thanks so much for NCP! It’s been a wonderful tool and I definitely appreciate all the work you’ve put into it.

As for the URL, I’m using 192.168.1.4:4443

There’s not much to see from the picture other than the words “Invalid origin” in all the boxes, no matter if I’m turning something on or off.

invalid_origin

I just want to point out, though, that this is likely something I did while playing around in SSH, so don’t feel you need to spend time on this :slight_smile: I was wondering if someone else had ran into this problem as well and there was an easy fix… for now, ncp-config works just fine.

are you using HTTPS? I mean, is it https://192.168.1.4:4443 what you type in your browser?

You’re absolutely right! I guess playing with the SSL certificates broke something. I created self-signed one using:

openssl req -x509 -out localhost.crt -keyout localhost.key
-newkey rsa:2048 -nodes -sha256
-subj ‘/CN=localhost’ -extensions EXT -config <(
printf “[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth”)

and added the following lines to /etc/apache2/sites-available/ncp.conf (underneath DocumentRoot):

SSLEngine on
SSLCertificateFile “localhost.crt”
SSLCertificateKeyFile “localhost.key”

(and restarted Apache).

Learning…

Thanks :blush: