on for access to resources
> subscribed to a company (but that's outside the scope of NGINX and is more my
> opinion as a security guy).
>
> Thomas
>
>
> -Original Message-
> From: nginx On Behalf Of Mauro Tridici
> Sent: Friday, June 30, 2023 10:18 AM
Dear Users,
my boss asked me to implemented a proxy service in order to allow corporate
users to access electronic resources, subscribed by our company, also from
outside the corporate network (you know, users can work both from office and
from home).
Unfortunately, I’m a newbie and I’m a litt
sounds like a reasonable plan, though
> many others exist.
>
> You can do this using nginx + vouch to hook into an idp like Okta, and
> introduce an identity layer into your connection to secure authentication and
> authorization up.
>
> Ldap over internet is a horrible i
many others exist.
>
> You can do this using nginx + vouch to hook into an idp like Okta, and
> introduce an identity layer into your connection to secure authentication and
> authorization up.
>
> Ldap over internet is a horrible idea.
>
> Good luck,
> Payam
>
Dear users,
I am a newbie and would like to know your opinion about a request I received at
work.
I will try to describe the problem.
The company at which I work has several locations located within the same
country. The company has subscribed to an online magazine that can be accessed
after
worry about.
>
> Maxim
>
> On 29.12.2021 21:34, Mauro Tridici wrote:
>> Helo Maxim,
>> thank you very much for the explanation.
>> In your opinion, is this the case to “fix” this behaviour (but I don’t know
>> how, I’m a newbie, sorry) or I should simply ignor
our (if it shouuld be fixed).
>
> What is the meaning of “GET /“? Does It mean that the attacker is trying to
> GET something from the / path of the server (sorry for my stupid question)?
> How can I check and change the current nginx configuration ?
>
> Thank you in
On Wed, Dec 29, 2021 at 03:55:35PM +0100, Mauro Tridici wrote:
>
>> I have an old instance of NGINX (v.1.10.1) running as proxy
>> server on a dedicated hardware platform.
>> Since the proxy service is reachable from internet, it is
>> constantly exposed to cyber attacks
configurations allow GETs to "/".
>
> Justin
>
> On 29/12/2021, 10:20 AM, "nginx on behalf of Mauro Tridici"
> wrote:
>
>CAUTION: The e-mail below is from an external source. Please exercise
> caution before opening attachments, clicking links,
Thank you very much for your reply. I really appreciated it.
I’ll wait for the final gurus feedback too.
Mauro
> On 29 Dec 2021, at 18:03, lists wrote:
>
> That IP space is certified shady. I detect the occasional hack from them. See
>
> https://krebsonsecurity.com/2019/08/the-rise-of-bulletp
Dear Users,
I have an old instance of NGINX (v.1.10.1) running as proxy server on a
dedicated hardware platform.
Since the proxy service is reachable from internet, it is constantly exposed to
cyber attacks.
In my particular case, it is attacked by a lot of Log4j attack attempts from
several m
the log in the upstream server for why it is doing this.
> Perhaps a security module or something that drop connection immediately etc
>
> On Fri, May 21, 2021 at 2:46 PM Mauro Tridici <mailto:mauro.trid...@cmcc.it>> wrote:
>
> Dear Users,
>
> I’m noticing a the
Dear Users,
I’m noticing a these error messages in /var/log/nginx/error.log.
021/05/21 10:57:25 [error] 21145#0: *7 recv() failed (104: Connection reset by
peer) while proxying connection, client: public_ip, server: 0.0.0.0:5044,
upstream: "private_ip:5044", bytes from/to client:321/7709, byte
6AM +0200, Mauro Tridici wrote:
>
> Hi there,
>
> > So, I would like to ask you if I can use NGINX i order to start a port
> forwarding from an internet client to a server machine in my private LAN
> preserving the client IP.
>
> In general, what you want cannot be done (
Dear Users,
I really appreciate NGINX tool and I've been using it for a while, but I’m not
an expert user.
So, I would like to ask you if I can use NGINX i order to start a port
forwarding from an internet client to a server machine in my private LAN
preserving the client IP.
IMPORTANT: the so
15 matches
Mail list logo
