Can’t comment on what’s best for your company.
If you plan to do what you described, sounds like a reasonable plan, though
many others exist.
You can do this using nginx + vouch to hook into an idp like Okta, and
introduce an identity layer into your connection to secure authentication
and author
It may be worthwhile for you to take a step back and read about the
technologies and better understand the capabilities that these software
solutions provide.
It appears as if you are looking to this nginx list ad your own personal
self help repository.
Regards,
Payam
On Sat, Feb 25, 2023 at 1
+1 Francis
Saint, I wonder if this might satisfy your ask indirectly.
Assign a secondary ip address to a nic, and redirect to that ip for your
iframe processing.
Then you can apply a more specific ACL at host or nginx level to control
iframe reachability, or even use a ip address thats only reac
thought about this in Nginx.
>
>
> On Sun, Feb 19, 2023 at 11:00 PM Payam Chychi wrote:
>
>> Yes it does, but you are not providing enough on what you are doing, only
>> what you want to do.
>>
>> Run developer tools and see what your ip address is reported as.
&
> allow 10.1.1.0/16;
> allow 2001:0db8::/32;
> deny all;
>
>
> and it does not work. It uses the remote IP of the caller.
>
>
> So Nginx does not have a way to do this.
>
> Thanks doe confirming it.
>
>
>
> On Sun, Feb 19, 2023 at 10:32 PM Pay
You need to learn two things:
1- learn to read the page and understand what the expected result should be
2- google!
Your problem has been well covered thousands of times before.
Your 404 is expected error code when you are accessing the website from
external.
Also, read
https://nginx.org/en/doc
he answer.
>
> On Fri, Feb 3, 2023, 11:22 AM Payam Chychi wrote:
>
>> Lol, that is the point…. Proxies do stuff to the connection that makes it
>> easy to detect if you know what you are looking for :)
>>
>> As it stands… you are not going to win this one.
>>
&g
Lol, that is the point…. Proxies do stuff to the connection that makes it
easy to detect if you know what you are looking for :)
As it stands… you are not going to win this one.
On Fri, Feb 3, 2023 at 3:57 AM Saint Michael wrote:
> I am sure that it can be done. I am just passing everything to
On Wed, Jan 4, 2023 at 12:33 PM Eduardo Kortright
wrote:
> I have several servers hosting multiple Rails sites, using nginx as a
> reverse proxy. All sites have unique host names and, at least at first,
> nginx returns the content for each site correctly (dynamic content from
> Rails as well as s
On Sun, Nov 20, 2022 at 1:07 PM masber masber wrote:
> dear nginx community,
>
> I would like to communicate with a client with a server application, they
> can't see each other directly and I would like to use an nginx server to
> solve this. The communication goes through HTTPS which is already
Lol
On Sat, Apr 28, 2018 at 9:17 AM Danny Horne via nginx
wrote:
> On 28/04/18 17:15, ScotGram wrote:
> > STOP EMAILING
> > ___
> > nginx mailing list
> > nginx@nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
>
> If you want to unsubscri
On Sun, Feb 25, 2018 at 1:18 PM Francis Daly wrote:
> On Sun, Feb 25, 2018 at 11:34:17AM -0500, sonpg wrote:
>
> Hi there,
>
> > i using nginx to reverse proxy for sharepoint site: ecm.test.com:80 and
> > redirect test.com:80 to https://test.com:443.
> > it show "nginx: [emerg] bind() to 0.0.0.0:
On Fri, Feb 23, 2018 at 4:32 AM Francis Daly wrote:
> On Fri, Feb 23, 2018 at 04:15:31AM -0500, sonpg wrote:
>
> Hi there,
>
> > myserver requires NTLM authentication. I access myserver through nginx
> proxy
> > and provide correct auth info,but the browser prompt auth again.
>
> http://nginx.org
gt; Have a look at nginx -T.
> ---
> *B. R.*
>
> On Wed, Jan 24, 2018 at 7:08 AM, Payam Chychi wrote:
>
>>
>> On Tue, Jan 23, 2018 at 9:22 PM agriz
>> wrote:
>>
>>> Sir,
>>>
>>> I can see any message there.
>>>
On Tue, Jan 23, 2018 at 9:22 PM agriz wrote:
> Sir,
>
> I can see any message there.
> Additionally, There are the sysctl.conf file i modified
>
> net.ipv6.conf.all.accept_ra=2
> net.core.rmem_max = 16777216
> net.core.rmem_default = 31457280
> net.ipv4.tcp_rmem = 4096 87380 16777216
> net.core.w
On Mon, Jan 22, 2018 at 6:02 AM Sékine Coulibaly
wrote:
> Hi,
>
> I'm evaluating Nginx Plus for a UDP Load Balancer but can't make it work.
> The packets are spoofed correctly on the LB side (as seen with tcpdump,
> where I can see packets created, the source IP being the one of the client,
> the
On Fri, Jan 19, 2018 at 9:30 PM blason wrote:
> Hi there,
>
> I guess it was not an issue with NTLM where I am successfully able to
> authenticate with sharepoint the front page loads successfully while
> sub-site pages does not load up and I am not able to figure out the issue.
>
> Will soon sha
On Fri, Jan 19, 2018 at 7:14 AM Jason Whittington <
jason.whitting...@equifax.com> wrote:
> I haven’t done it for sharepoint but I have done it for TFS. If I had to
> guess you are probably being bitten by NTLM.
>
> NTLM authentication authenticates connections instead of requests, and
> this is
On Thu, Jan 18, 2018 at 10:18 PM blason wrote:
> Wow man!! Thanks I am struggling with configuration as Subsites does not
> show anything it shows blank page i.e only for blank page while Front page
> gets open successfully.
>
> Posted at Nginx Forum:
> https://forum.nginx.org/read.php?2,278193,2
On Thu, Jan 18, 2018 at 10:11 PM blason wrote:
> Hi Guys,
>
> Keen to know if there was any success rate for implementing Nginx as a
> reverse proxy for Sharepoint? I mean I did implement however I am finding
> issues with Sub-sites and wanted to know if there is any solution for the
> same?
>
>
set your worker_process to 1 and try again
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
6:35 +0200] "POST /index2.php
>> HTTP/1.1" 200 37 "-" "Generic Client"
>>
>> Nothing retransmits, SElinux isn't installed and apparmor is stopped.
>>
>> Nothing in dmesg...
>>
>> Thanks a lot,
>>
>>
>> *ANDRE
On Wed, Jun 28, 2017 at 8:41 AM Andrea Soracchi
wrote:
> Hi,
> could you please help me solve this issue? I'm getting crazy!
>
> Before the nginx update my client worked perfectly: it posted files to my
> website without any delay.
>
> How, after nginx update (ubuntu 16.04 LTS) I've got this issu
You can also use ulimit but simple iptable/ipfw/pf will do the job
On Tue, Apr 4, 2017 at 3:13 PM wrote:
> You would probably want to also limit the number of connections per IP
> address, else one IP could lock up the entire site.
>
>
> Original Message
> From: Valentin V. Bartenev
> Sent: T
On Apr 18, 2016, 6:25 PM -0700, Maxim Dounin, wrote:
> Hello!
>
> On Mon, Apr 18, 2016 at 02:28:19PM -0700, Payam Chychi wrote:
>
> > > Maxim Dounin:
> > >
> > > > Just a side note: NTLM auth is broken by design and violates HTTP
> > > > b
Maxim Dounin:
Just a side note: NTLM auth is broken by design and violates HTTP
basic rules. Avoid using it if you can.
to be clear: I don't care if it's named NTLM or ugly_voodoo
The goal is a nginx accesses by a IE/edge browser. Users should not be
bothered with authentication
as they
Look at your proxy cache path... (proxy_cache_path /var/www/test_cache)Are you
sure the path exists and had proper perms/ownership?
Payam
On Feb 29, 2016, 11:03 AM -0800, CJ Ess, wrote:
> Hello! I'm testing out a new configuration and there are two issues with the
> proxy cacheing feature I'm
Hi
If your http server is on linux, why not simply use iptables to limit the speed
per request?
Anyways, yes, you can use nginx to limit transfer speeds.
Nginx has several examples on the wiki
Cherrs,
Payam chychi
On Feb 28, 2016, 10:52 AM -0800, vampeta, wrote:
> Hi guys,
> i would l
elp.
--
Payam Chychi
Solution Architect
On Sunday, January 31, 2016 at 12:56 PM, Reinis Rozitis wrote:
> > Yes, we recently tried downloading file over FTP and encountered the same
> > slow transfer rate.
> >
>
>
> Then it's not really a nginx issue, it seems you just h
if you can help us understand what tests
youve done to determine its nginx.
Thanks
--
Payam Chychi
Network Engineer / Security Specialist
On Sunday, January 31, 2016 at 9:33 AM, Reinis Rozitis wrote:
> This is a bit out of scope of nginx but ..
>
> > could be network issue o
here 4 is
> recommended.
>
> On Thu, Oct 8, 2015 at 2:41 PM, Payam Chychi (mailto:pchy...@gmail.com)> wrote:
> >
> > On 2015-10-08, 1:23 PM, Naseem Al-Naji wrote:
> > > Hi everyone,
> > >
> > > My company, Mulesoft, uses NGINX to help deliver
On 2015-10-08, 1:23 PM, Naseem Al-Naji wrote:
Hi everyone,
My company, Mulesoft, uses NGINX to help deliver our product. We use
your commercialized version, and have noticed poor performance on our
production servers, whereas our staging servers perform much better.
The load balancing on pro
mber of req/site load... something to keep in
mind)
Cheers,
Payam Chychi
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On Tuesday, July 21, 2015 at 9:43 PM, sudharshanr wrote:
> I have a web server sitting behind Nginx. If there is an error, then I want
> to fetch some information from the url and pass it on to a static file as
> parameters. I have configured Nginx to fetch the query parameters from the
> url u
On Wednesday, July 22, 2015 at 2:26 AM, Puneeth Kumar wrote:
> Hi,
> I'm new to Nginx and we are using for reverse proxy.
>
> I'm able to configured Nginx and it's working but I've challenge in
> configuring it for Dynamic proxy_pass. I've tried to use wild characters
> in proxy_pass it's not w
Cacti, great and does everything and more
--
Payam Chychi
Network Engineer / Security Specialist
On Thursday, July 16, 2015 at 5:40 PM, steve wrote:
> I monitor everything using munin, but any MRTG based product ( thanks
> again Tobi Oetiker! ) will do the job.
>
> On 17
Hi,
You would proxy pass to the backend. Lookup how the smtp is done with nginx.
Personally i use nginx for http based and haproxy for any other tcp based load
balancing, ive had some great success in this method.
--
Payam Chychi
Network Engineer / Security Specialist
On Tuesday, July 7
Why redirect instead of a proxy_pass?
--
Payam Chychi
Network Engineer / Security Specialist
On Thursday, May 28, 2015 at 8:50 AM, sampy wrote:
> Francis Daly Wrote:
> ---
> > On Thu, May 28, 2015 at 04:15:08AM -0400,
Hey,
Why not just compare their xforward vs connecting ip, if they dont match and
its a bot, drop it.
--
Payam Chychi
Network Engineer / Security Specialist
On Tuesday, May 5, 2015 at 5:38 AM, meteor8488 wrote:
> Hi All,
>
> Recently I found that someguys are trying to mirror m
On 2014-12-16, 9:32 AM, umarizal wrote:
Anoop Alias Wrote:
---
Are you seeing the same IP in apache?.
If yes then you need the following module in apache
https://github.com/gnif/mod_rpaf or
http://httpd.apache.org/docs/trunk/mod/mod_remoteip.
On 2014-12-15, 4:18 PM, Valentin V. Bartenev wrote:
On Tuesday 16 December 2014 00:05:03 Yury Kirpichev wrote:
Hi,
I've got a problem when tried to proxy spdy traffic to host via https
protocol.
My config is simple like that:
location /https/test {
proxy_set_header X-Real-IP $remote_a
ip.forwarding on?
On 2014-10-08, 2:21 PM, pharasyte wrote:
Hello,
Which distro are you using?
The first thing that comes to mind with this type of issue is that Selinux
is enabled and blocking nginx from making connections to the upstream. You
can test if this is the case by turning Selinux of
Use a resirect, keep it clean, simple, and compliant
Why waste reaources when you dont have to?
--
Payam Chychi
Network Engineer / Security Specialist
On Saturday, July 19, 2014 at 10:47 AM, Anoop Alias wrote:
>
>
>
> The Proxying server does not download the entire file
, im sure there are half a dozen ways of doing this... Just not
without proper plan
--
Payam Chychi
Network Engineer / Security Specialist
On Tuesday, June 17, 2014 at 8:21 PM, Eric Feldhusen wrote:
> That's almost perfect, except I don't have enough access to the development
Hi Steve,
that's a lot of apache nonsense ;) that you shouldn't need
check out:
http://nginx.org/en/docs/http/converting_rewrite_rules.html
another useful link with great commenting:
https://blog.engineyard.com/2011/useful-rewrites-for-nginx/
-Payam
On 2014-03-20, 9:44 PM, Steve Holdoway wrot
Maybe ive misunderstood but cant you very simply do this by injecting a cookie
on the origina req page and then have nginx match, count it and apply rates? Or
maybe im comicating it... If even possible
--
Payam Chychi
Network Engineer / Security Specialist
On Tuesday, October 22, 2013 at 8
Ssl proxy with nginx, copy over the ssl keys from the end site to nginx. Now if
u want ssl from nginx, simply https the connection and sign a cert...
What am i missing here? Are you looking for an actual config sample?
--
Payam Chychi
Network Engineer / Security Specialist
On Wednesday, 21
Serverside cookies for session management tho itl be more of a static
Pre-determined mapping... Aka
Stickysessions
--
Payam Chychi
Network Engineer / Security Specialist
On Sunday, 4 August, 2013 at 1:43 PM, Nulik Nol wrote:
> I am developing a webmail service where the user's i
48 matches
Mail list logo
