Rad'Val's questions -server

Rad'Val

Asked: 2018-11-28 09:46:13 +0800 CST

Is it possible to set up nginx as a reverse proxy that also forwards the proxied server's certificates?

0

I'm having a bunch of virtual hosts served behind a nginx reverse proxy. At the end of each there is a server that has valid certificates for the given virtual domain.

E.g.

api.example.com -> proxy_pass https://api.example.com; # which resolves locally to a docker instance that has the certificates for api.example.com

Now, my problem is that, the proxy server itself seems to be needing its own certificates and I don't understand why. Since domain names and subdomains don't get encrypted over https, why can't I simply forward the certificate of each proxied server? Or can I? How?

This is what I have so far:

server {
    listen      80;
    listen [::]:80;
    server_name *.example.com;

    location / {
        proxy_pass http://$http_host$uri$is_args$args;
    }
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name *.example.com;

    location / {
        proxy_pass https://$http_host$uri$is_args$args;
    }
}

But the second directive requires certificates.

Rad'Val

Asked: 2012-05-15 13:11:50 +0800 CST

Does adding an user to the apache group creates a security hole?

3

Beginner question. I saw this mentioned on a website, considered a bad practice,but can't remember where and why. So, if I have an user which has access to files that Apache shouldn't have access, and I add this user to the Apache group, would that make a security hole. If yes, why (Apache shouldn't be able to access the sensitive files if for example the permission is 700) ?

Rad'Val

Asked: 2012-04-30 12:06:52 +0800 CST

Allow access only to specific request

1

I have an iOS app that communicates with an Apache 2.2 server. I would like to restrict the access to several directories so that only the app will be able to access them (no browser access, no crawlers, etc). What are my options?

Rad'Val

Asked: 2012-04-30 07:40:14 +0800 CST

How can I add a public_html directory into a user's home directory?

4

I have Apache 2.2 installed. I want to set up my server so that for each user I create there is a public_html directory in which that user can put it's web content. Now, of course, making the directory is just a matter of mkdir, but how do I tell Apache to "watch" over that directory's contents (and serve them if required)

Rad'Val

Asked: 2011-09-23 14:05:12 +0800 CST

How to modify your $PATH on unix?

2

I used PATH = /Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/:$PATH

But still my programs refuse to search in the given dir first. Do I need to do something else?

Rad'Val

Asked: 2011-09-21 03:43:42 +0800 CST

How to install the latest g++ version on CentOS

4

I tried yum install gcc-c++, however, the repos have an old version (4.1) which causes lots of problems and stops me from building a library. I would like to update it to latest. How can I do that?

Is it possible to set up nginx as a reverse proxy that also forwards the proxied server's certificates?

Does adding an user to the apache group creates a security hole?

Allow access only to specific request

How can I add a public_html directory into a user's home directory?

How to modify your $PATH on unix?

How to install the latest g++ version on CentOS

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?