Possible cross-site request forgery with IP address


RT has detected a possible cross-site request forgery for this request, because the Referrer header supplied by your browser (10.x.x.x:80) is not allowed by RT’s configured hostname ( or whitelisted hosts (localhost:80,10.x.x.x:80). A malicious attacker may be trying to perform actions on your behalf. If you did not initiate this request, then you should alert your security team.

I added the following:

To this file:

I also tried this one:

I rebooted the server

I also tried adding both of them at the same time

None of these solved my issue

Any suggestions?
Thank you!


if you’re using qw then you should be separating things with spaces.
I.e. both of these are valid:


thank you for the easy fix