Added note about disabling CSRF in Web UI options

2025-12-17 14:08:03 -06:00 · 2021-09-17 15:42:44 -07:00
parent 65f163c378
commit 635aee7a1f
1 changed files with 2 additions and 0 deletions
--- a/IIS-ARR-Reverse-Proxy.md
+++ b/IIS-ARR-Reverse-Proxy.md
@@ -48,6 +48,8 @@ The result should look similar to this in your web.config (Note: you must use th
            </outboundRules>
 ```

+Additionally you must untick **Enable Cross-Site Request Forgery (CSRF) protection** in qBittorrent's Web UI options for the reverse proxy to work.
+
 You can use HTTPS to access the URL via IIS and it will use HTTP to communicate with qBittorrent. There is no need for HTTPS on localhost. 

 Note: If you find yourself seeing `WebAPI login failure. Reason: IP has been banned, IP: 127.0.0.1` and needing to restart qBittorrent, you may want to set the ban after failure count to `0` which will disable it.