ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. reverse proxy
    Log in to post
    • All categories
    • EddieJennings

      Reverse Proxy for Single Public Facing Server
      IT Discussion • reverse proxy networking best practices • • EddieJennings

      16
      3
      Votes
      16
      Posts
      423
      Views

      scottalanmiller

      @eddiejennings said in Reverse Proxy for Single Public Facing Server:

      @dashrender said in Reverse Proxy for Single Public Facing Server:

      @eddiejennings said in Reverse Proxy for Single Public Facing Server:

      @dashrender said in Reverse Proxy for Single Public Facing Server:

      That's pretty easy to do when you're self hosted, but if you're doing something like Vultr instances, I'm guessing it's a bit harder - unless Vultr allows for the creation of VMs that only exist on a private network.

      True and that why I specifically mentioned a self-hosting scenario. I think I have a thread from the past asking about whether or not people bother with reverse-proxy for things hosted in Vulture or the like.

      I don't think that it makes a difference.

    • EddieJennings

      Reverse Proxy for VPS VMs
      IT Discussion • vps reverse proxy best practice security • • EddieJennings

      4
      0
      Votes
      4
      Posts
      351
      Views

      EddieJennings

      I like the idea of the web application firewall, and that looks like something that can setup on the same VM as what would be running Nextcloud, etc.

    • WLS-ITGuy

      Reverse Proxy install question
      IT Discussion • fedora server reverse proxy vsphere 6.7 • • WLS-ITGuy

      24
      0
      Votes
      24
      Posts
      340
      Views

      scottalanmiller

      @WLS-ITGuy said in Reverse Proxy install question:

      @scottalanmiller said in Reverse Proxy install question:

      @WLS-ITGuy said in Reverse Proxy install question:

      @scottalanmiller said in Reverse Proxy install question:

      @WLS-ITGuy said in Reverse Proxy install question:

      @scottalanmiller said in Reverse Proxy install question:

      @WLS-ITGuy said in Reverse Proxy install question:

      @wrx7m said in Reverse Proxy install question:

      @WLS-ITGuy What version of vsphere are you running?

      6.7u2

      They say it is supported...

      https://blogs.vmware.com/guestosguide/2019/05/red-hat-enterprise-linux-8.html

      REHL 8 is - But using the drop down and selecting Fedora it says it isn't.

      Either way, I'll just use REHL 8 and be done.

      The drop down list told you RHEL isn't, either. Yet we know it is. ESXi is just broken.

      That one doesn't actually tell me it isn't supported:

      alt text

      But the other RHEL one does. So clearly it's broken if it gives conflicting information. In one case, RHEL isn't supported, then RHEL 8 is. But RHEL 8 is still RHEL.

      I understand. I guess they don't update the dropdown in the software 😄

      Then best to not use it and not to consider anything from it. Just skip it and protect yourself.

    • scottalanmiller

      Configure Nginx as Reverse Proxy for ScreenConnect to Enable Lets Encrypt
      IT Discussion • linux fedora centos nginx reverse proxy screenconnect • • scottalanmiller

      4
      7
      Votes
      4
      Posts
      1287
      Views

      scottalanmiller

      @wrx7m said in Configure Nginx as Reverse Proxy for ScreenConnect to Enable Lets Encrypt:

      Less to that than I thought there would be.

      It's surprisingly simple and basic. It's really just passing one port to another, and using SSL. About the most basic setup you can have.

    • wirestyle22

      Reverse Proxy w/ SSL Cert on LAN with No External Forwarding
      IT Discussion • nginx reverse proxy • • wirestyle22

      7
      0
      Votes
      7
      Posts
      234
      Views

      F

      If you get external DNS to go to the nginx proxy you could probably allow all traffic to the URL path that lets encrypt needs and then create a whitelist for everything else.

    • IRJ

      NGINX Reverse Proxy Help - Error code: SSL_ERROR_RX_RECORD_TOO_LONG
      IT Discussion • kibana nginx ssl reverse proxy • • IRJ

      4
      1
      Votes
      4
      Posts
      2195
      Views

      IRJ

      @black3dynamite said in NGINX Reverse Proxy Help - Error code: SSL_ERROR_RX_RECORD_TOO_LONG:

      In the server block, add ssl_protocols TLSv1.2; and reload nginx

      no joy. Incognito mode did not work either.

    • stacksofplates

      Traefik Reverse Proxy
      IT Discussion • traefik reverse proxy • • stacksofplates

      3
      4
      Votes
      3
      Posts
      199
      Views

      stacksofplates

      @flaxking said in Traefik Reverse Proxy:

      Are you currently using it in production?

      Not at work. I'm using it for projects outside of that though. My docker compose stack at home uses it.

    • Oksana

      Configure a reverse proxy on Kemp LoadMaster and ensure advanced load balancing
      Starwind • reverse proxy http https kemp loadmaster • • Oksana

      2
      2
      Votes
      2
      Posts
      577
      Views

      jt1001001

      we use Kemp to publish Skype for Business and SharePoint. Their guides are excellent!

    • scottalanmiller

      NGinx Configuration Block for Zimbra Reverse Proxy
      IT Discussion • nginx zimbra reverse proxy proxy • • scottalanmiller

      2
      1
      Votes
      2
      Posts
      1056
      Views

      dbeato

      @scottalanmiller said in NGinx Configuration Block for Zimbra Reverse Proxy:

      Someone was looking for this specifically so...

      server { client_max_body_size 80M; server_name my.domain.com; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_redirect off; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass https://myip:443/; proxy_redirect off; # Socket.IO Support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } listen 80; ssl_stapling on; ssl_stapling_verify on; ssl_session_cache shared:SSL:10m; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains"; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/my.domain.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/my.domain.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }

      Remember to create one for the Admin console on port 7071.

    • scottalanmiller

      Collabora CODE and NextCloud Integration Shows Blank Editing Page and Spinning Circle
      IT Discussion • nextcloud nextcloud 14 collabora collabora code nginx reverse proxy • • scottalanmiller

      5
      3
      Votes
      5
      Posts
      1940
      Views

      travisdh1

      @Romo said in Collabora CODE and NextCloud Integration Shows Blank Editing Page and Spinning Circle:

      Just got it working, it was indeed a DNS issue. When launching the docker container I added the --add-host name:ip option to add an entry to the hosts file that pointed to the internal ip of our nextcloud server and that made it properly work.

      0_1543340489749_collabora-2.png

      Its now properly working 😃

      I'll have to try that tonight!

    • travisdh1

      Cloudflare and Nginx reverse proxy background.
      IT Discussion • cloudflare nginx reverse proxy • • travisdh1

      6
      0
      Votes
      6
      Posts
      649
      Views

      travisdh1

      @taurex said in Cloudflare and Nginx reverse proxy background.:

      @travisdh1 Are there any benefits of configuring your own reverse-proxy if it's running behind CloudFlare that is essentially the one already? I know they offer their own Origin CA certs that you can install on your web servers to encrypt the traffic between CF and your cloud. As long as you're happy to stick with CloudFlare, there will be no need to run cron jobs with certbot renewals every 3 months.

      As @JaredBusch said, you can run self-signed certs with CloudFlare just fine. This was for my home lab, so I purposely do things the hard way sometimes, just to see what it's like. That's why I originally tackled this anyway. Running a reverse proxy mostly so I don't have to pay for nearly 30 IP addresses on the box I rent for it.

    • scottalanmiller

      Anyone Using Collabora and NextCloud Behind NGinx?
      IT Discussion • nextcloud nginx reverse proxy collabora libreoffice libreoffice online collabora code • • scottalanmiller

      3
      2
      Votes
      3
      Posts
      693
      Views

      travisdh1

      @scottalanmiller said in Anyone Using Collabora and NextCloud Behind NGinx?:

      Not sure how I should have things configured. I believe that I followed all of the instructions properly, but it is not working and there are no really clear instructions for a dual server scenario. All of the official stuff lists single server and Apache.

      The one thing I remember having issues with was that it wants to communicate over the same "channel" in between the Collabora and NextCloud servers, so if the external browser connection is https, then it's not happy and throws errors if the back end isn't communicating over https as well. Getting that https channel setup with the recommended Drupal container and instructions for that didn't seem to work, and was such a pain I gave up trying to get it fixed at the time.

    • E

      FTP Connection in the HAproxy
      IT Discussion • reverse proxy haproxy ftp • • Emsanator

      12
      0
      Votes
      12
      Posts
      8054
      Views

      JaredBusch

      https://serverfault.com/questions/663855/haproxy-for-load-balancing-vsftpd-servers

    • E

      302 Moved Error
      IT Discussion • nginx web reverse proxy • • Emsanator

      12
      1
      Votes
      12
      Posts
      1080
      Views

      E

      @jaredbusch said in 302 Moved Error:

      That auto generated stuff is only sending stuff to the Apache host on the same box as Nginx.

      Thanks for your valuable comments.

      I solved this problem.
      I've erased all routing on Nginx/Apache :smiling_face_with_smiling_eyes: ,

      I created a virtual server for HAproxy, I installed HAproxy and currently all virtual servers routing process was completed.

      Only I have one problem with HAproxy conf. file, I do not know how to do FTP Routing.
      if you want to see the topic, please visit this topic.

    • JaredBusch

      Install Nginx as a Reverse Proxy on Fedora 27
      IT Discussion • nginx fedora certbot fedora 27 reverse proxy guides real instructions how to • • JaredBusch

      106
      10
      Votes
      106
      Posts
      11723
      Views

      black3dynamite

      @brandon220 said in Install Nginx as a Reverse Proxy on Fedora 27:

      Another question:
      When you access Nextcloud with https and the site check shows that everything passes

      passed.PNG

      But, when you place it behind Nginx, it "breaks"

      fail.PNG

      I am trying to understand what is happening behind the scenes to cause the error. Is anyone else seeing this happen on their instances?

      If you want to remove that warning, add the following in the server block

      location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; }
    • JaredBusch

      Solved SELinux blocking Nginx by default on Fedora 27
      IT Discussion • selinux fedora 27 nginx reverse proxy • • JaredBusch

      3
      2
      Votes
      3
      Posts
      2852
      Views

      JaredBusch

      This behavior is different than the last time I setup a reverse proxy like this. But that was also on CentOS 7 and not Fedora. So policy could be different.

    • bigbear

      Best Practices - Securing your Windows Server 2016 VM on Vultr
      IT Discussion • fail2ban vultr iaas windows windows server windoes server 2016 security hosting reverse proxy vpn zerotier directaccess rds azure • • bigbear

      55
      0
      Votes
      55
      Posts
      7084
      Views

      U

      @syko24 free... and useless:

      Limitations of the free license:

      The free license is limited to five locks per day which means the free edition defends your system against five unique attacks per day. [...] The free license does not contain reporting (like the PRO edition does).

      Also, no official support for Windows Server 2016.

      https://cyberarms.net/download-pricing/installation-configuration.aspx

    • JaredBusch

      Solved Problem with Nginx conf file
      IT Discussion • nginx reverse proxy troubleshooting • • JaredBusch

      19
      1
      Votes
      19
      Posts
      2295
      Views

      JaredBusch

      @black3dynamite said in Problem with Nginx conf file:

      Comparing the two configs

      CRM under location / does not have this:
      proxy_set_header X-Forwarded-Proto $scheme;

      That probably went missing when I was troubleshooting. I was copy pasting in pieces and removing them trying to figure out why it was not working.

    • Ambarishrh

      Træfɪk, a modern reverse proxy
      IT Discussion • reverse proxy træfɪk docker • • Ambarishrh

      1
      1
      Votes
      1
      Posts
      514
      Views

      No one has replied

    • scottalanmiller

      Deploying an NGinx Reverse Proxy with SSL on a LAMP Server with SaltStack
      IT Discussion • lamp proxy reverse proxy nginx salt saltstack devops web server lets encrypt ssl tls https https2 • • scottalanmiller

      42
      2
      Votes
      42
      Posts
      4626
      Views

      stacksofplates

      This way you can share the config(s) under conf.d between multiple machines using the same roles (or whatever Salt calls them) and have different main NGINX server settings.