oh, i forgot to add, each of these sites would be proxy-forwarded to
different apache2 instances, which in turn would be using different
DocumentRoot for each of the sites.
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,290480,290481#msg-290481
hi.
i'm aware of the reuseport directive, but i'm wondering how it would be
possible to host more than 2 sites on the same IP and port, distinguishing
between the sites only by means of the actual server name as it's entered
into the browser..
specifically, i want to host example.com, v2.example.
On Thu, Jan 14, 2021, at 02:45, Maxim Dounin wrote:
>
> Another question is how often it is used properly. Given it
> requires update of two headers, at least one of them being very
> rare, I would assume the answer is "almost never". But again, it
> has nothing to do with $proxy_add_x_for
Hello!
On Wed, Jan 13, 2021 at 11:39:13PM +0900, nanaya wrote:
> On Wed, Jan 13, 2021, at 22:53, Maxim Dounin wrote:
> > It's not "dangerous config", it's incorrect usage of
> > X-Forwarded-For which might be dengerous. In the most simply
> > configuration with a single server the X-Forwarded-
On Wed, Jan 13, 2021, at 22:53, Maxim Dounin wrote:
> It's not "dangerous config", it's incorrect usage of
> X-Forwarded-For which might be dengerous. In the most simply
> configuration with a single server the X-Forwarded-For header
> comes directly from the client, without anything added by n
On Wed, Jan 13, 2021 at 2:04 PM sanjay wrote:
>
> Thanks for the update.
> I have already taken care to hide the "nginx".
>
> With CAPITAL letters, my testcase using "POSTSSS" for request_method, works
> fine.However, for mixed-case and small-case , nginx default rule applies and
> control doe
Hello!
On Wed, Jan 13, 2021 at 06:50:47AM +0900, nanaya wrote:
> On Wed, Jan 13, 2021, at 02:46, Maxim Dounin wrote:
> > The X-Forwarded-For is expected to contain multiple addresses, with
> > the last one being from the last proxy. It is up to the reader of
> > the header to trust or not part
Hello!
On Wed, Jan 13, 2021 at 01:04:26AM -0500, sanjay wrote:
> Thanks for the update.
> I have already taken care to hide the "nginx".
The links I've provided explain why you shouldn't do this. In
particular, because this has nothing to do with security, and
because it is an easy way to