I have vaultwarden installed on my unraid server as a docker container along with android and Firefox clients. I’ve noticed that I have to relogin to these clients almost every day or every few days despite clicking ‘remember me’ and never logging out. And when I log in again, it requests my 2fa again as well. Any idea what might be going on here? TIA
What is your setup on the server side?
Is the date/time correct on all devices and the server?
Sorry for late reply. Vaultwarden runs as a docker container on my unraid server, which is then externally exposed using traefik reverse proxy. I’ve got some security headers middleware running on the traefik reverse proxy. Could this cause the problem? The date and time should be accurate but I’m not sure how to check this. My phone and laptop definitely have the same date and time
First place to start is /admin/diagnostics; that will tell you a bunch of stuff.
Some security headers could cause issues, but also items like ModSecurity or WAF could cause issues for example.
Check the logs of both the browser (F12), and of Vaultwarden and see what it reports.
Ok I’ll have a look tonight when I get home. I don’t run modsecurity however I do run crowdsec but I have the vaultwarden collection installed so I assumed this was ok
I just checked diagnostics page and the only errors were in the domain section: no match and no https
I fixed the https error by correcting the domain url to include https
As for the no match error, I was using IP Address rather than domain name to access the container. Should I not do this? I read on the hardening guide something about not allowing IP address access to admin page
Check the logs to see what it reports.
There are a lot of ‘unable to download icon’ errors but I assume these are unimportant. Besides those, there are two other repeated errors:
[rocket::server][WARN] Received SIGTERM. Requesting shutdown.
[error][ERROR] 2FA token not provided
Could either of these point to the problem? Thanks again for your help
I’m still having this problem with bitwarden constantly logging out. My Android app logs out almost every day and the only error in the log seems to be the 2FA token not provided. When I looked this error up, it’s apparently related to the reverse proxy changing the headers. I run Traefik with security headers middleware so turned this off but I still have the problem. I’m also running crowdsec and geoblock middleware but these don’t change headers as far as I know. Anything else I can try?