altramarine 21 Posted December 14, 2016 Share Posted December 14, 2016 Emby 3.0.8500.0 CentOS 7.3.1611 nginx server in reverse proxy (with SSL cert) that forwards emby destined traffic to a different local server running emby I am trying to isolate an issue and would appreciate any guidance I can get. Today I tried accessing my emby server using emby app on iPhone6 (iOS10.1.1). While I was able to play videos and browse content, attempting to view photos resulted in an icon of a square instead of a photo. Nginx access log shows the following when I first connect to emby server via https : [14/Dec/2016:01:59:35 -0700] "GET /emby/system/info/public HTTP/1.1" 200 154 "http://localhost:12344/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) Mobile/14B100" [14/Dec/2016:01:59:35 -0700] "GET /emby/system/info/public HTTP/1.1" 200 154 "http://localhost:12344/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) Mobile/14B100" [14/Dec/2016:01:59:35 -0700] "GET /emby/users/public HTTP/1.1" 200 4 "http://localhost:12344/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) Mobile/14B100" [14/Dec/2016:01:59:36 -0700] "OPTIONS /emby/Branding/Configuration HTTP/1.1" 200 0 "http://localhost:12344/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) Mobile/14B100" [14/Dec/2016:01:59:36 -0700] "GET /emby/Branding/Configuration HTTP/1.1" 200 36 "http://localhost:12344/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) Mobile/14B100" and the following when I attempt to view a photo: [14/Dec/2016:01:51:46 -0700] "OPTIONS /emby/Users/260d5779fde8465591853f596758c2c4/Items/61f2a22a9cad3b242c5d98cd6d88c043 HTTP/1.1" 200 0 "http://localhost:12344/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) Mobile/14B100" [14/Dec/2016:01:51:46 -0700] "GET /emby/Users/260d5779fde8465591853f596758c2c4/Items/61f2a22a9cad3b242c5d98cd6d88c043 HTTP/1.1" 200 761 "http://localhost:12344/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) Mobile/14B100" [14/Dec/2016:01:51:46 -0700] "OPTIONS /emby/Users/260d5779fde8465591853f596758c2c4/Items?MediaTypes=Photo&Filters=IsNotFolder&ParentId=31204eb0e8186def5dbf69b73dce1986&SortBy=SortName HTTP/1.1" 200 0 "http://localhost:12344/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) Mobile/14B100" [14/Dec/2016:01:51:46 -0700] "GET /emby/Users/260d5779fde8465591853f596758c2c4/Items?MediaTypes=Photo&Filters=IsNotFolder&ParentId=31204eb0e8186def5dbf69b73dce1986&SortBy=SortName HTTP/1.1" 200 63351 "http://localhost:12344/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) Mobile/14B100" However, when I open firefox browser on the same iPhone and access emby that way, it displays photos fine and I get the following in the nginx access log: [14/Dec/2016:01:58:08 -0700] "GET /web/index.html HTTP/1.1" 200 767 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" [14/Dec/2016:01:58:09 -0700] "GET /emby/Branding/Css.css?v=3.0.8500.0 HTTP/1.1" 200 0 "https://mydomainame.com/web/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" [14/Dec/2016:01:58:09 -0700] "GET /web/bower_components/emby-webcomponents/strings/en-US.json?v=1481705889011 HTTP/1.1" 200 16192 "https://mydomainame.com/web/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" [14/Dec/2016:01:58:09 -0700] "GET /web/strings/en-US.json?v=1481705889011 HTTP/1.1" 200 128133 "https://mydomainame.com/web/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" [14/Dec/2016:01:58:09 -0700] "GET /emby/Plugins/SecurityInfo HTTP/1.1" 200 67 "https://mydomainame.com/web/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" [14/Dec/2016:01:58:09 -0700] "GET /web/bower_components/emby-webcomponents/fonts/material-icons/2fcrYFNaTjcS6g4U3t-Y5ZjZjT5FdEJ140U2DJYC3mY.woff2 HTTP/1.1" 200 45648 "https://mydomainame.com/web/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" [14/Dec/2016:01:58:09 -0700] "GET /emby/system/info/public HTTP/1.1" 200 154 "https://mydomainame.com/web/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" [14/Dec/2016:01:58:09 -0700] "GET /emby/users/public HTTP/1.1" 200 4 "https://mydomainame.com/web/index.html" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" [14/Dec/2016:01:58:09 -0700] "GET /emby/users/public HTTP/1.1" 200 4 "https://mydomainame.com/web/login.html?serverid=f3d883f7b33446e89838c99d0415d8bc" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" [14/Dec/2016:01:58:09 -0700] "GET /emby/Branding/Configuration HTTP/1.1" 200 36 "https://mydomainame.com/web/login.html?serverid=f3d883f7b33446e89838c99d0415d8bc" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" and this when I view the same photo: [14/Dec/2016:01:51:03 -0700] "GET /emby/Users/260d5779fde8465591853f596758c2c4/Items/61f2a22a9cad3b242c5d98cd6d88c043 HTTP/1.1" 200 761 "https://mydomainame.com/web/itemlist.html?parentId=31204eb0e8186def5dbf69b73dce1986" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" [14/Dec/2016:01:51:03 -0700] "GET /emby/Users/260d5779fde8465591853f596758c2c4/Items?MediaTypes=Photo&Filters=IsNotFolder&ParentId=31204eb0e8186def5dbf69b73dce1986&SortBy=SortName HTTP/1.1" 200 63351 "https://mtdomainame.com/web/itemlist.html?parentId=31204eb0e8186def5dbf69b73dce1986" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) FxiOS/5.3 Mobile/14B100 Safari/602.2.14" what is this http://localhost:12344 emby ios app is looking for? I do not have anything of sorts in my network. I know for a fact emby app was working fine before. The 2 major changes that may have affected it are: servers running emby and nginx were updated from CentOS7.3.1511 to 7.3.1611 I re-installed emby server a week ago, but everything else is working fine. (Kodi, Chrome/Firefox browser) Any ideas? Many thanks! Link to comment Share on other sites More sharing options...
Luke 37071 Posted December 14, 2016 Share Posted December 14, 2016 Hi, can you please attach the complete emby server log? thanks. the localhost:12344 is an http server mounted inside the ios app. 1 Link to comment Share on other sites More sharing options...
altramarine 21 Posted December 15, 2016 Author Share Posted December 15, 2016 Thanks for the info about the address. I stopped and restarted the emby server and replicated the issue, then grabbed the log. Here is the log file: http://dpaste.com/3SAE8ZQ I hope that has sufficient info. Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted December 16, 2016 Share Posted December 16, 2016 This is confirmed by me as well.. on beta iphone app. Images show when bypassing reverse proxy though. Not sure the cause yet. Also seems to affect the users logo in the top right (second image). Only full sized images when clicked on have an issue for me, thumbnails show up fine. Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted December 16, 2016 Share Posted December 16, 2016 (edited) Looks like when using HTTPS ONLY... I would venture to say when using HTTPS via the IOS app this happens regardless of nginx. Edited December 16, 2016 by pir8radio Link to comment Share on other sites More sharing options...
Luke 37071 Posted December 16, 2016 Share Posted December 16, 2016 Thanks for the report. Link to comment Share on other sites More sharing options...
altramarine 21 Posted January 3, 2017 Author Share Posted January 3, 2017 hey @@pir8radio, were you able to bypass this issue? I just added emby app on my ipad using http/internal IP and images show fine to reinforce that this behavior is https specific. Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted January 3, 2017 Share Posted January 3, 2017 hey @@pir8radio, were you able to bypass this issue? I just added emby app on my ipad using http/internal IP and images show fine to reinforce that this behavior is https specific. No, I think this is an app issue that they will have to fix.. Link to comment Share on other sites More sharing options...
CloseTurkey 2 Posted March 4, 2018 Share Posted March 4, 2018 Im also having this issue in a reverse proxy environment. Is this being actively investigated? I can see this post is over a year old Link to comment Share on other sites More sharing options...
Luke 37071 Posted March 4, 2018 Share Posted March 4, 2018 @@pir8radio is this still an issue for you? Link to comment Share on other sites More sharing options...
CloseTurkey 2 Posted March 4, 2018 Share Posted March 4, 2018 Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted March 4, 2018 Share Posted March 4, 2018 (edited) @@pir8radio is this still an issue for you? No, I have not had this issue for a long time. I'm not sure when it got fixed. Edited March 4, 2018 by pir8radio Link to comment Share on other sites More sharing options...
Luke 37071 Posted March 4, 2018 Share Posted March 4, 2018 thanks for the feedback. Link to comment Share on other sites More sharing options...
Harbinger1080 3 Posted May 17, 2018 Share Posted May 17, 2018 (edited) I just experienced this myself tonight... I have fail2ban ban IPs after 5 403 responses in 10 minutes, and this issue tripped it. This device was remote from my network. just a quick sample from the nginx access log: XX.XXX.XXX.XXX - - [16/May/2018:18:01:55 -0400] "GET /system/info/public HTTP/1.1" 403 162 "http://localhost:12344/index.html""Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E302" XX.XXX.XXX.XXX - - [16/May/2018:18:05:00 -0400] "GET /system/info/public HTTP/1.1" 403 162 "http://localhost:12344/index.html""Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E302" XX.XXX.XXX.XXX - - [16/May/2018:18:12:22 -0400] "GET /system/info/public HTTP/1.1" 403 162 "http://localhost:12344/index.html""Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E302" XX.XXX.XXX.XXX - - [16/May/2018:18:14:27 -0400] "GET /system/info/public HTTP/1.1" 403 162 "http://localhost:12344/index.html""Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E302" XX.XXX.XXX.XXX - - [16/May/2018:18:14:27 -0400] "GET /system/info/public HTTP/1.1" 403 162 "http://localhost:12344/index.html""Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E302" XX.XXX.XXX.XXX - - [16/May/2018:18:14:27 -0400] "GET /system/info/public HTTP/1.1" 403 162 "http://localhost:12344/index.html""Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E302" Edited May 17, 2018 by Harbinger1080 Link to comment Share on other sites More sharing options...
Luke 37071 Posted May 17, 2018 Share Posted May 17, 2018 Did you resolve it? Link to comment Share on other sites More sharing options...
Harbinger1080 3 Posted May 17, 2018 Share Posted May 17, 2018 Did you resolve it? I did not-- I'm not sure what the fix is? I unblocked the IP in fail2ban, but I don't really understand the root cause. Is it an outdated/bad version of the IOS app? Link to comment Share on other sites More sharing options...
Luke 37071 Posted May 17, 2018 Share Posted May 17, 2018 Have you tried disabling fail2ban altogether? Link to comment Share on other sites More sharing options...
Harbinger1080 3 Posted May 17, 2018 Share Posted May 17, 2018 Yes, if I disable fail2ban it doesn't block the IP address and the device can connect. However, I do want to block IPs that repeatedly hit 403 responses, as those are frequently bots probing my IP. I'm more interested in why so many hits like that come through to my server? Link to comment Share on other sites More sharing options...
Luke 37071 Posted May 17, 2018 Share Posted May 17, 2018 So many hits like what exactly? Link to comment Share on other sites More sharing options...
Luke 37071 Posted May 17, 2018 Share Posted May 17, 2018 Those 403 urls you posted above are just the app trying to connect with previously saved credentials that may no longer be valid. i wouldn't block those with fail2ban. Link to comment Share on other sites More sharing options...
Harbinger1080 3 Posted May 17, 2018 Share Posted May 17, 2018 Those 403 urls you posted above are just the app trying to connect with previously saved credentials that may no longer be valid. i wouldn't block those with fail2ban. Ah, maybe that's it then-- the device may not have been used for a while and credentials were old. I'll double check-- thanks! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now