400 Bad Request for draytek web admin via Tunnel

Hi All, I’ve had a search around and couldn’t find any answers so asking here.

I have several Cloudflare Tunnels with multiple Public hostnames on each, all working flawlessly. All except one. I have a DrayTek router to which I want to access the web admin pages remotely.

The tunnel for this site is working and other web services on the same tunnel at that site work fine.

The Web Admin pages of the router are SSL only and on standard port 443. The initial login page connects and loads OK, but when trying to login I am presented with “400 Bad Request !!!, Your client sent a query that this server could not understand.” Local access to the same page/process works OK.

Given that the tunnel is established and working, the public hostname is configured and accessible and that the login page for this device loads OK. What else could/should I be checking or testing?

The full error quoted on the error page generated by the router is " HTTP/1.0 302 Found Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Location: / Set-Cookie: SESSION_ID_VIGOR=AwMmQ3NDFkZmNiYTgzNDk3ZD;path=/ Content-type: text/html This document has moved here."

Any advice and suggestions welcome, thanks

Hi @gavinhatton

The 400s, we suspect that the origin is responding with a 400 as it doesn’t like the request when it is proxied by Cloudflared. This is likely attributed to the Host Header.

The 400 will only be logged in the Cloudflared logs, if it is coming from the server and it has Debug logging enabled.