KB Article #182517

UI is not available after upgrade, HTTP ERROR 400 Host not allowed

Problem

After upgrading to B2Bi 2.6 UP 2022-10, it is no longer possible to access the UI. The following error is returned:
HTTP ERROR 400 Host not allowed

URI:/ui/
STATUS:400
MESSAGE:Host not allowed


Resolution

According to the security guide, it is mandatory to edit the <B2Bi_installation_directory>/Interchange/webapps/jettyCn.xml file:
https://docs.axway.com/bundle/B2Bi_26-UP2022-10_Se...

The important information on how to configure it is:

Define the host header whitelist
Defining the host header whitelist lets you ensure that requests coming from hosts not included in the whitelist are rejected. Even if the user does not define the host header whitelist, the format of the host is validated, eliminating the possibility of injecting a script in the host header.

To define the whitelist:

1. Go to <B2Bi_installation_directory>/Interchange/webapps, and open the jettyCn.xml file.

2. Locate the <New id="Handlers" class="com.cyclonecommerce.clustercontroller.httpserver.AxwayContextHandlerCollection"> section.

3. Follow the instruction to uncomment and fill in the <Set name="allowedHosts">localhost;subdomain.domain.com;192.168.0.10;*parentdomain.com</Set> section with the hosts you want to accept requests from.

If the hostname is not defined in the jettyCn.xml file, the following error is returned: HTTP ERROR 400 Host not allowed.

Note: You can specify host names and IP addresses. To specify the subdomains of a domain, prefix the parent domain with a *.
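
One way to check which Host header values an edited jettyCn.xml would cover before retrying the UI, as an added example that is not Axway code. The matching rules in host_is_listed (exact match, a * prefix covering subdomains only, port ignored) are assumptions drawn from the note above, and the product's own matcher may differ; the sample XML and the candidate host values are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample built from the two elements quoted in the article; a real
# jettyCn.xml carries more configuration around them.
SAMPLE_JETTY_CN = """<Configure>
  <New id="Handlers" class="com.cyclonecommerce.clustercontroller.httpserver.AxwayContextHandlerCollection">
    <Set name="allowedHosts">localhost;subdomain.domain.com;192.168.0.10;*parentdomain.com</Set>
  </New>
</Configure>"""

def read_allowed_hosts(xml_text):
    """Return the allowedHosts entries; [] if the <Set> is missing or still commented out."""
    root = ET.fromstring(xml_text)  # the default parser discards XML comments
    for new in root.iter("New"):
        if new.get("id") != "Handlers":
            continue
        for item in new.iter("Set"):
            if item.get("name") == "allowedHosts":
                return [h.strip().lower() for h in (item.text or "").split(";") if h.strip()]
    return []

def normalize(host_header):
    """Lower-case the Host value and drop any port (assumption: the port is not compared)."""
    host = host_header.strip().lower()
    if host.startswith("["):  # bracketed IPv6 literal such as [::1]:8443
        return host[: host.find("]") + 1]
    return host.split(":", 1)[0]

def host_is_listed(host_header, entries):
    """Assumed rules: exact match, or '*parent' covering subdomains of parent."""
    host = normalize(host_header)
    for entry in entries:
        if entry.startswith("*"):
            if host.endswith("." + entry[1:].lstrip(".")):
                return True
        elif host == entry:
            return True
    return False

if __name__ == "__main__":
    entries = read_allowed_hosts(SAMPLE_JETTY_CN)
    if not entries:
        print("allowedHosts is not set (or still commented out)")
    # Constructed Host header values as a browser or load balancer might send them
    for candidate in ("localhost:8443", "b2bi.parentdomain.com", "b2bi.example.net"):
        verdict = "listed" if host_is_listed(candidate, entries) else "NOT listed -> expect 400 Host not allowed"
        print(f"{candidate}: {verdict}")
```

To check a real installation, pass the text of <B2Bi_installation_directory>/Interchange/webapps/jettyCn.xml to read_allowed_hosts and test the exact host name users type into the browser.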