Page 1 of 1

Wish to enable only api access externally. Using cloudflare tunnel, which I think messes it up

Posted: May 2nd, 2024, 11:44 pm
by dir
I only want to enable API (add nzbs) access externally. So I set external Internet Access to API (no config).
I'm using cloudflare tunnels, which means in order to access my sabnzbd server, I go to 'sabnzbd.blah.com'. This gets routed through their tunnel and over to my cloudflared, which then forwards it to my sabnzbd server. But of course sabnzbd reports:

Code: Select all

Refused connection with hostname "sabnzbd.blah.com" from: ::ffff:192.168.1.129 (X-Forwarded-For: nnnn:nnnn:nnn:nnnn::) 
and my web browser that's trying to go to sabnzbd.blah.com shows

Code: Select all

access denied - hostname verification failed: https://sabnzbd.org/hostname-check
My understanding that I need to add my external FQDN to host_whitelist. But if I do this, I gain full web UI access to sabnzbd, not just the API access I'd set up.

I suspect the problem is that adding 'sabnzbd.blah.com' to host_whitelist somehow ignores the 'External Internet Access' setting of 'API (no config)'. I've also tried setting this to API (Add NZB files) without success.

Is there a way to only enable API access externally when using cloudflare tunnels?