Ethereum client-go RPC response 403 "invalid host specified"

Question

I'm running ethereum/client-go docker image with the following flags:

docker run -p 8545:8545 ethereum/client-go --rpcapi personal,db,eth,net,web3 --rpc --rpcaddr 0.0.0.0 --rpccorsdomain * --rinkeby

This image is running on machine A and I can query the RPC within it. But when I try to query it from machine B I receive the following response:

Request:

curl -X POST http://<machine_A_address>:8545 -H "Content-Type: application/json" --data '{"jsonrpc":"2÷.0","method":"eth_coinbase","params":[],"id":64}' --verbose

Response:

< HTTP/1.1 403 Forbidden
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Wed, 18 Apr 2018 14:58:44 GMT
< Content-Length: 23
< 
invalid host specified
* Connection #0 to host ... left intact

How can I query the ethereum client hosted on machine A from machine B ? Where I can find the ethereum client logs so I can debug it ?

Answer 1

or use --http.vhosts=* when --rpcvhosts=* is not a supported option

If you are running a private node, then you want to keep this setting off, but if you are forking the mainnet node then you want to turn this option on. In addition, if you want to restrict peers on your node, then use --netrestrict=CIDR netmask. The CIDR netmask is in the format 12.168.1.0/24

Use a VPN with Tunnel and VLan to create a new subnet to GETH and set the --netrestrict to the VLAN subnet.

Answer 2

Since --rpcvhosts is deprecated, you need to specify the flag --http.vhosts=<YOUR_DOMAIN>.

If you need an easy walkaround, you can set --http.vhosts=*, but this solution is a bad security practice.

Answer 3

Adding --rpcvhosts=* this flag solved the issue