Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

XSRF check failed - Confluence Docker behind Nginx-proxy with SSL

admin
admin May 3, 2019

When request HTTPS-POST on rest api, it returns 403 XSRF check failed. How should I config it correctly.

I am trying to use confluence docker behind nginx-proxy with SSL. I cannot find a complete blog or post which guide step by step. I have tried with HTTP, everything works well after turning off collaborative Editing.

My current setting works well at HTTPS - GET. It can load create/update page and save the post.  However it fails with HTTPS-POST on rest api.

Trial 1: current setting

Screenshot 2019-05-03 at 4.57.33 PM.png

Result: most works well. it can edit and save page.
except HTTP-POST /rest i.e. cannot insert image, cannot save draft.

 

Trial 2:

setting --env SCHEME and SECURE which are contribute to server.xml.

- CATALINA_CONNECTOR_SCHEME=https
- CATALINA_CONNECTOR_SECURE=true

Result:  everything returns 502

 

REFERENCE

Confluence Installation Guide

https://confluence.atlassian.com/doc/confluence-installation-guide-135681.html

atlassian/confluence-server

https://hub.docker.com/r/atlassian/confluence-server

Cross Site Request Forgery (CSRF) protection changes in Atlassian REST

https://confluence.atlassian.com/kb/cross-site-request-forgery-csrf-protection-changes-in-atlassian-rest-779294918.html?_ga=2.228715164.1845038987.1556781362-627796801.1556781362

Running Confluence behind NGINX with SSL

https://confluence.atlassian.com/doc/running-confluence-behind-nginx-with-ssl-858772080.html

 

Collaborative Editing Related

Possible Confluence and Synchrony Configurations

https://confluence.atlassian.com/conf613/possible-confluence-and-synchrony-configurations-964961556.html

Administering Collaborative Editing

https://confluence.atlassian.com/conf613/administering-collaborative-editing-964961548.html

Troubleshooting Collaborative Editing

https://confluence.atlassian.com/doc/troubleshooting-collaborative-editing-858772087.html

Collaborative Editing and Synchrony Troubleshooting

https://confluence.atlassian.com/confkb/collaborative-editing-and-synchrony-troubleshooting-858584399.html

Answer
Watch
Like Be the first to like this
1559 views

1 answer

0 votes
Stephen Sifers
Stephen Sifers
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 8, 2019

Hello Wayne,

Thank you for sending over very detailed notes, instructions, and screenshots for your issue. The key item I’m interested in is that you said you’re able to have a GET call response but your POST calls fail now with a 502 response. This is telling us that you’re able to respond with information but unable to pass information through your proxy. While I’m not adept with nginx, I have used reference material in the past to help others in similar situations. We do have a specific article which covers configuring nginx to proxy requests to Confluence. We would suggest reviewing this article to see if it helps with your Confluence instance accepting connections. You may find this article at How to use NGINX to proxy requests for Confluence.

If you’re still having the issue please do let us know and we will give a best effort to figure out what the cause might.

Regards,
Stephen Sifers

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
atlassian, jira, marketing project management, jira for marketers, agile marketing, campaign planning, marketing workflows, jira templates, atlassian learning, marketing collaboration, project tracking, marketing teams, jira training

Streamline Marketing in Jira 🖼️

Plan, prioritize, and deliver marketing projects seamlessly. See how Jira supports your team's success. Start today!

Start now! 🚦
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Champions
Copyright © 2025 Atlassian
Privacy Policy Terms Security
Welcome illustration

Welcome to the new Atlassian Community

Online forums and learning are now in one easy-to-use experience.

By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.