Matomo behind IIS proxy, login fails

dhealy · August 29, 2019, 9:04am

I have successfully installed Matomo on IIS 10 on Windows Server 2012, sitting behind a reverse proxy (IIS 8 on Windows Server 2012 using IIS’s Application Request Routing module).

However I can’t login to Matomo once installed.

The installer has correctly detected it is behind a proxy and has added

proxy_client_headers[] = "HTTP_X_FORWARDED_FOR"

to /config/config.ini.php, however trying to sign in to Matomo I am seeing the following message:

The Referer header appears correct - it’s set to the domain used for the site binding on the proxy - and I can also see that the MATOMO_SESSID cookie is set to this domain.

So I’m unsure why logging in is failing.

Has anyone successfully set up Matomo behind an IIS proxy?

matthieu · August 30, 2019, 7:25am

Hi there,
Yes, many people setup Matomo behind a IIS proxy, it should work fine.
Can you try to add instead proxy_host_headers[] = HTTP_X_FORWARDED_HOST ?

dhealy · August 30, 2019, 10:49am

Hi Matthieu,

I have replaced proxy_client_headers[] = "HTTP_X_FORWARDED_FOR"
with proxy_host_headers[] = "HTTP_X_FORWARDED_HOST" in my config.ini.php as suggested.

However I am still seeing “Error: Form security failed” on login.

Output from Firefox’s Developer Tools Network tab below:

dhealy · August 30, 2019, 10:50am

Same from the Storage tab, showing the MATOMO_SESSID cookie being stored:

lTmxrb5ICR

matthieu · August 30, 2019, 11:02am

HI @dhealy can you reach out to us via Contact the Piwik team - Analytics Platform - Matomo
and describe issue and a link to this forum post and we’ll proceed and help troubleshoot, if possible. Thanks

dhealy · August 30, 2019, 11:19am

Thanks Matthieu, I have sent a message through the contact form as requested.