Django 403 CSRF forbidden

The following error message:

Forbidden (403)
CSRF verification failed. Request aborted
More information is available with DEBUG=True

Might occur if you are using an apache / nginx running behind another Apache as a proxy.
To read more about CSRF go to wikipedia. It is basically an interception of a session exploiting the trust a browser has to a site.

So it is an security feature, that is interfered by the proxy.
You have most likely something like:

ProxyPass / https://$yourhost/
ProxyPassReverse / https://$yourhost/

In your apache config. That needs to be extended to:

ProxyPass / https://$yourhost/
ProxyPassReverse / https://$yourhost/
ProxyPreserveHost On

Quote from apache doc:

When enabled, this option will pass the Host: line from the incoming request to the proxied host, instead of the hostname specified in the ProxyPass line.

This option should normally be turned Off. It is mostly useful in special configurations like proxied mass name-based virtual hosting, where the original Host header needs to be evaluated by the backend server.

Apple OSX Maveric QNAP TimeMachine Probleme

Wer mit OSX 10.9 Probleme hat ein TimeMachine backup zu erstellen und den folgenden Fehler bekommt:

com.apple.prefs.backup.remoteservice[602]: Error while confirming network destination: Error Domain=NSOSStatusErrorDomain Code=64 "Der Vorgang konnte nicht abgeschlossen werden. (OSStatus-Fehler 64.)" (kOTSerialFramingErr / EHOSTDOWN: / Host is down)

bzw


NetAuthSysAgent[1071]: ERROR: AFP_GetServerInfo - connect failed 64

Kann mal versuchen den AFP Server manuell als TimeMachine Destination zu nutzen mit dem folgenden Kommando:


sudo tmutil setdestination afp://$QNAPTIMEMACHINEUSER:$QNAPTIMEMACHINEPASSWORD@$QNAPIPADRESS/TMBackup