ubuntu-16.04openvas

Greenbone Security Assistant 7.0.3 Host HTTP Header


Recently I've set up an Amazon EC2 instance of Ubuntu 16.04 that was authorized to scan an IP block. The version of GSA that I have installed is 7.0.3. Currently, I can locally access GSA through the EC2 instance or remotely using my public Amazon elastic IP.

Additionally, I've allowed external access to GSA's listening port from my IP block. Currently, I can access GSA without any problems using my instances static public IP over HTTPS.

The problem that I'm currently running into is accessing GSA using a FQDN.

For example, I want to be able to use https://gsa.mydomain.com My local DNS server has an A record with the FQDN and my EC2 instances public IP.

On my instance, I ran the following command.

sudo gsad --allow-header-host gsa.mydomain.com

However, browsing to https://gsa.mydomain.com produces the following error.

"The request contained an unknown or invalid Host header. If you are trying to access GSA via its hostname or a proxy, make sure GSA is set up to allow it."

Neither restarting GSA services or my instance had no effect.

Clearly, DNS is working but the host header command is not.

Any thoughts on how I can make this happen?

Additionally, for reference, I used the following URL

https://github.com/greenbone/gsa/pull/318


Solution

  • In ubuntu/debian edit /etc/default/openvas-gsa file and set ALLOW_HEADER_HOST=HOSTNAME where HOSTNAME is your host name in the browser address line.