Recently I started having problems accessing my DD-WRT web interface via a subdomain of mine. For some reason the web interface would not apply any of the CSS styles and thus making it completely useless. After viewing page's source code using Chrome browser, I found out that clicking on any css links resolved in 400 Bad Request Cross Site Action detected!.
After some googling, I've stumbled upon a forum post that provided a solution, which is quite simple: remove the referer header from the request.
Here is how I did it:
- Enable mod_header:
sudo a2enmod headers sudo service apache2 restart
Add the following virtual host to your apache's config:
<VirtualHost *:80> ServerName mysubdomain.mysite.com ProxyPass / http://192.168.10.1/ ProxyPassReverse / http://192.168.10.1/ RequestHeader unset referer </VirtualHost>
Reload Apache's configuration:
sudo service apache2 reload
This solution was found in this forum post.