Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

Login failed because of invalid referer header


I am deploying F5 after Azure Application Gateway:

My setup:

internet > Azure Application Gateway (http://<Public IP:8443>) > F5 (https://Private IP:8443)

I am able to access the F5 default login page through Azure App GW . But, when i put the user and password it is giving below error :



This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.



When i check the console F5 log in tail -f /var/log/httpd/httpd_errors it is giving below error:

May 29 13:07:45 localhost.localdomain err httpd[11975]: [f5_auth_cookie:error] [pid 11975] [client x.x.x.x:29516] Login failed because of invalid referer header., referer: http://<PUBLIC IP of APPGW>:8443/tmui/login.jsp

1. I am able to login F5 bypassing Application Gateway without any issue.

2. I got this article and tried multiple value for referer header but no luck.

3. I am runinng 17.x version software

Can someone please help if i am missing something here 



Hi Srj73,

Can you change the service to https on Azure Application Gateway? This warning seems to occur because there is no TLS and referer header contains http.

Now, I changed to HTTPS  on AzureGW

Same error i am getting:


May 29 14:49:31 localhost.localdomain err httpd[3993]: [f5_auth_cookie:error] [pid 3993] [client <private ip>:47018] Login failed because of invalid referer header., referer: https://<Public IP of AZGW>/tmui/login.jsp

Hi Srj73,

I tested using a different proxy instead of AzureGW.

  • There was no problem with the default settings.
  • When I changed the referer header in proxy, I got the same error.
err httpd[28597]: [f5_auth_cookie:error] [pid 28597] [client] Login failed because of invalid referer header., referer:
  • When I deleted the referer header in proxy, I got the below error.
err httpd[29765]: [f5_auth_cookie:error] [pid 29765] [client] Login is not permitted without a valid referer header or forwarded header when sys db variable systemauth.permitloginwithoutheaders is disabled.

The following method can be applied as a workaround.

  • Remove Referer header on AzureGW.
  • Change db parameter.
tmsh modify sys db systemauth.permitloginwithoutheaders value enable
  • Save config and restart httpd service.
tmsh save sys config
tmsh restart sys service httpd


Now, I have done few change

1. AppGW (port:https [earlier http on 8443]) > F5 (port:https[earlier https on 8443]) (This step is different and New Today)

2. Enabled systemauth.permitloginwithoutheaders (yesterday i enabled it during troubleshooting)

3. deleted the Refereal Header, (yesterday, i tried this step)


then it started giving below error


"May 29 17:02:31 localhost.localdomain err httpd[17412]: [auth_pam:error] [pid 17412] [client] AUTHCACHE Error processing cookie VKJ4PU96LUgjepNSy1L6HUVOWJNWwr0v7s3C69RO - Cookie impersonation detected from client IP to client IP"


4. Then as per article i done the step

5. Now, I am able to access the device



So everything works properly, now?