this post was submitted on 20 Nov 2023
4 points (83.3% liked)

Self-Hosted Main

515 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

I want to setup proxy for my netgear router. Everything works with ip: both with http and https. But when i try to enter the site through nginx proxy it returns 403. It doesnt make sense because login page shows up correctly. I tried to set Origin header like they advise here but it just doesnt work.

https://www.reddit.com/r/nginx/comments/g7a6da/comment/fogiil0/

log from nginx:

192.168.5.2 - - [19/Nov/2023:12:46:02 +0000] "GET /base/images/Registration_on.gif HTTP/1.1" 403 25 "https://netgear.mysite.com/base/cheetah_login.html" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"
192.168.5.2 - - [19/Nov/2023:12:46:02 +0000] "GET /base/images/TurnOff_on.gif HTTP/1.1" 403 25 "https://netgear.mysite.com/base/cheetah_login.html" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"
192.168.5.2 - - [19/Nov/2023:12:46:02 +0000] "GET /base/images/TurnOff_off.gif HTTP/1.1" 403 25 "https://netgear.mysite.com/base/cheetah_login.html" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"

my config. I use very similar one for other things like vaultwarden, proxmox, edgerouter and many other ones and it works ok.

server {
    server_name netgear.mysite.com;
    listen 80;
    return 301 https://netgear.mysite.com$request_uri;
}

server {
    set $DN netgear.mysite.com;
    server_name netgear.mysite.com;
    #listen 80;

    listen 443 ssl;
    ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers          HIGH:!aNULL:!MD5;
    ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem;

    access_log /var/log/nginx/netgear.mysite.com.access;
    error_log  /var/log/nginx/netgear.mysite.com.error error;

    location / {
        proxy_http_version 1.1;
        proxy_request_buffering off;
        proxy_buffering off; 
        # proxy_set_header        Host $host:$server_port;
        # proxy_set_header        X-Real-IP $remote_addr;
        # proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        # proxy_set_header        X-Forwarded-Proto $scheme;
        
        proxy_pass https://192.168.5.10:443; # tried with http too

        proxy_set_header Origin https://192.168.5.10/; # tried with http too
    }
}

โ€‹

top 1 comments
sorted by: hot top controversial new old
[โ€“] tmat256@lemmings.world 1 points 11 months ago

What is the "action" attribute for the login form? My guess is the url doesn't match and that the form isn't using the origin header properly.