Emby client on chrome shows "Forbidden" and site not secure

[Leonard OBoyle 0]

I have Emby server on a RasPi3 on my local network. I can access the server via ssh and 

when I curl --basic http://localhost:8096 -v

I get:

* Rebuilt URL to: http://localhost:8096/

*   Trying 127.0.0.1...

* TCP_NODELAY set

* Connected to localhost (127.0.0.1) port 8096 (#0)

> GET / HTTP/1.1

> Host: localhost:8096

> User-Agent: curl/7.58.0

> Accept: */*

> 

< HTTP/1.1 302 Found

< Location: web/index.html

< Server: Microsoft-NetCore/2.0

< Date: Thu, 13 Dec 2018 00:09:07 GMT

< Transfer-Encoding: Chunked

< 

* Connection #0 to host localhost left intact

 

Emby client on Chrome shows "Forbidden" and site not secure.

Cant figure this out.

[Luke 36992]

Hi, what url is in the address bar?

[Leonard OBoyle 0]

I got confused in documenting the situation. Here goes again.

From the server side (DietPi) , using the localhost URL , the client on DietPi works but I still get a

@connection not secure message.

Server side:

root@DietPi:~# curl --basic http://localhost:8096 -v
* Rebuilt URL to: http://localhost:8096/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8096 (#0)
> GET / HTTP/1.1
> Host: localhost:8096
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 302 Found
< Location: web/index.html
< Server: Microsoft-NetCore/2.0
< Date: Thu, 13 Dec 2018 18:36:36 GMT
< Transfer-Encoding: Chunked
<
* Curl_http_done: called premature == 0
* Connection #0 to host localhost left intact

 

When use a client on a separate machine I get

a Not secure message and Forbidden on the web page.

From the same PC

curl  -- basic http://192.168.1.14:8096

yields   Forbidden

 

I hope this is more clear.
 

[Luke 36992]

 

 

@connection not secure message.

 

This is normal because you're on http. You would have to setup https on your Emby Server if you'd like SSL. 

 

Can you show a screenshot of the browser contents from another machine? Thanks.

[Leonard OBoyle 0]

Screen on client PC attached

[Luke 36992]

Hi there, did you forget to attach it?

[Leonard OBoyle 0]

  Oops  - here it is

[Luke 36992]

Can you please try just putting this in the browser address bar:

http://192.168.1.14:8096

Let us know how that goes. Thanks.

[Leonard OBoyle 0]

Screenshot from http://192.168.1.14:8096

[Luke 36992]

So essentially you're able to able to access the web interface from the local machine, but not other devices, is that correct? This would sound firewall related, no?

[Leonard OBoyle 0]

Yes, you are right but I dont know how to debug this. My router indicates that address is "allowed" - any pointers to debug this will be appreciated.

[Leonard OBoyle 0]

I installed the PLEX  server on the same machine on 192.168.1.14:32400 and it works fine from a different machine.

[Luke 36992]

Can you attach the emby server log? thanks.

[Leonard OBoyle 0]

Latest log file

embyserver.txt

[Luke 36992]

As a test, can you try the beta package and see if that makes any difference? thanks.

[Leonard OBoyle 0]

Accidentally found the answer. The date/time on the RasPi server was wrong. After I set it to the correct time, all is OK. Thanks for the help.

I have another problem now though - the server stops intermittently . I'll try to capture in the logs and repost a new topic.

[Luke 36992]

Thanks for the feedback. Yes please provide a log from that and we're happy to help. Thanks.

[pcmills70 0]

I know I'm late to the party, but I just ran into this problem myself. I wanted to quickly share my experience. On my server, I host a few different services via Docker using Yacht. All of my other services were working fine, and Emby was the only one throwing the FORBIDDEN message. After a couple of days, I finally stumbled upon the answer to my situation.  I use Tailscale, a mesh vpn that uses Wireguard. After turning it off, then back on, it all started working again.

tailscale down

tailscale up

So my recommendation if you get the FORBIDDEN message is to reset your VPN if you use one.

[Luke 36992]

Thanks for the feedback.