Re: reverse proxy with dns control
On Thu, Apr 14, 2022 at 07:02:28AM -0400, arx wrote: Hi there, > the important thing for me is the dns, the port is static and no server do > the check, > the problem that I don't know how it is calls the variable with what name > the client makes the request (the dns that is invoked in the GET method by > the client) present in access.log > > [14/Apr/2022:12:22:57 +0200] "GET /favicon.ico HTTP/1.1" 404 548 > "http://DNS:PORT/; "Mozilla/5.0 ( log_format (http://nginx.org/r/log_format) describes what is written to access.log (access_log on the same page). The part you mention there is $http_referer; but you probably want to use $host. See http://nginx.org/en/docs/http/request_processing.html, so that you do not have to use $host. > I have to check on dns, and when I go to put the condition (as in the > previous example it gives me a syntax error) I believe you will be much happier if you do something like """ server { listen port; server_name good-name-one good-name-two good-name-three; location / { # proxy_pass or whatever is wanted. For testing: return 200 "Ok - host $host is allowed\n"; } } server { listen port default_server; return 200 "No - host $host is not allowed\n"; } """ where "port" is changed to the correct number in each case. Set the "good names" that you want to allow, and see that you get the "no" or "ok" message for the different names that you test. And then change the "return" lines to do what you want. Good luck with it, f -- Francis Dalyfran...@daoine.org ___ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
Re: reverse proxy with dns control
I succeeded, practically the directives roxy_buffering off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; they had to be placed on top location "if ($host ~ testdns) { and under location / { now I should make an external file with all allowed dns I would like someone to help me with the syntax Posted at Nginx Forum: https://forum.nginx.org/read.php?2,293951,293959#msg-293959 ___ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
Re: reverse proxy with dns control
the important thing for me is the dns, the port is static and no server do the check, the problem that I don't know how it is calls the variable with what name the client makes the request (the dns that is invoked in the GET method by the client) present in access.log [14/Apr/2022:12:22:57 +0200] "GET /favicon.ico HTTP/1.1" 404 548 "http://DNS:PORT/; "Mozilla/5.0 ( I have to check on dns, and when I go to put the condition (as in the previous example it gives me a syntax error) Posted at Nginx Forum: https://forum.nginx.org/read.php?2,293951,293958#msg-293958 ___ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
Re: reverse proxy with dns control
On Wed, Apr 13, 2022 at 07:43:48AM -0400, arx wrote: Hi there, > for security problems on my server, I should create a reverse proxy that > allows only those who use the dns provided by me to be able to pass. > practically I make a list with the incoming dns and I pass only those to my > main server behind the reverse. > is it possible to do this? I think you might be looking for two server{} blocks; one with "listen port default_server" that will not talk to the backend; and one with "listen port" without "default_server", and with "server_name" with the names that you want, that will talk to the back-end service. See, for example, http://nginx.org/en/docs/http/server_names.html#miscellaneous_names where using the config either side of "In catch-all server examples", requests for four names to port 80 will be handled in one server{} block, and requests for any other names to port 80 will be handled in the other server{} block. Cheers, f -- Francis Dalyfran...@daoine.org ___ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
Re: reverse proxy with dns control
like something like that server { listen port; location / { if ($http_host ~ "dnsinput:port") { proxy_buffering off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass dnsoutput:port; } } } it gives me syntax error I get the input from the file GET /favicon.ico HTTP/1.1" 404 548 "http://dnsinput:port/; in access.log Posted at Nginx Forum: https://forum.nginx.org/read.php?2,293951,293956#msg-293956 ___ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
reverse proxy with dns control
Hi guys, for security problems on my server, I should create a reverse proxy that allows only those who use the dns provided by me to be able to pass. practically I make a list with the incoming dns and I pass only those to my main server behind the reverse. is it possible to do this? thank you all Posted at Nginx Forum: https://forum.nginx.org/read.php?2,293951,293951#msg-293951 ___ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org