diff --git a/internal/nodes/http_request_websocket.go b/internal/nodes/http_request_websocket.go
index d6a3991..7b209b1 100644
--- a/internal/nodes/http_request_websocket.go
+++ b/internal/nodes/http_request_websocket.go
@@ -1,6 +1,7 @@
 package nodes
 
 import (
+	"errors"
 	"github.com/iwind/TeaGo/logs"
 	"io"
 	"net/http"
@@ -11,6 +12,7 @@ import (
 func (this *HTTPRequest) doWebsocket() {
 	if this.web.WebsocketRef == nil || !this.web.WebsocketRef.IsOn || this.web.Websocket == nil || !this.web.Websocket.IsOn {
 		this.writer.WriteHeader(http.StatusForbidden)
+		this.addError(errors.New("websocket have not been enabled yet"))
 		return
 	}
 
@@ -23,6 +25,7 @@ func (this *HTTPRequest) doWebsocket() {
 		if err == nil {
 			if !this.web.Websocket.MatchOrigin(u.Host) {
 				this.writer.WriteHeader(http.StatusForbidden)
+				this.addError(errors.New("websocket origin '" + requestOrigin + "' not been allowed"))
 				return
 			}
 		}
diff --git a/internal/nodes/origin_utils.go b/internal/nodes/origin_utils.go
index 22f3087..7a29934 100644
--- a/internal/nodes/origin_utils.go
+++ b/internal/nodes/origin_utils.go
@@ -24,7 +24,9 @@ func OriginConnect(origin *serverconfigs.OriginConfig) (net.Conn, error) {
 		// TODO 支持指定特定网卡
 		// TODO Addr支持端口范围，如果有多个端口时，随机一个端口使用
 		// TODO 支持使用证书
-		return tls.Dial("tcp", origin.Addr.Host+":"+origin.Addr.PortRange, &tls.Config{})
+		return tls.Dial("tcp", origin.Addr.Host+":"+origin.Addr.PortRange, &tls.Config{
+			InsecureSkipVerify: true,
+		})
 	}
 
 	// TODO 支持从Unix、Pipe、HTTP、HTTPS中读取数据