HTML5 client use few different technics to prevent potential security breaches by hacker activities. But by usage of third part custom load balancers or specific unknown (reverse)proxies such requests may be wrongly considered as potential security breach and so causing false positive non working state. To disable these checks entirely do also following.



1. Locate *\Clients\webserver\settings.bin and open it with Notepad

2. add as last lines following content

ip_equality_check=false

websockets_origin_host_match=false

x_ip_forward_header_match=false

approve_by_client_cookie=false

approve_by_cookie=false
browser_user_agent_check=false
timing_equality_check=false

page_refresh_from_same_ip=false

 


4. save that file and restart html5 server in AdminTool GUI to take these changes effect.

5. Close the browser completely to clear its temporary cache and retry again, that is mandatory step!




Sometimes it is not necessary to disable all checks above so you can disable only those checks that cause incompatibility on your side, especially "ip_equality_check", "websockets_origin_host_match" and "approve_by_client_cookie" may be most problematic settings. This can be caused by Load Balancers that generate new IP path to your target server through different servers, or when proxy passes Websocket connection not "as is" but as separate Websockets client instance with future data showeling, or when the path of HTTP request gets rewritten and doesn't match with in-browser-address path. Sometimes users browsers go through different proxies on customers side, as example some Androids go through Google's proxy servers for HTTP requests but at same time direct for Websockets connection, that causes finally IP mismatching since such behavior may be the indication of possible hacker activities and gets prevented by HTML5 client already on the stage before sending users data to server.