I would like to ask about security of this solution, because I haven't found anything about it on google nor here, so I assume I either entered wrong keywords or came to a solution not very popular or secure.
I have a vps with single IP, but would like to use SSL for at least two virtual hosts, blog.domain, and domain.
What I did was set up a server listening on 443 port, checking which host name is set in $http_host and doing proxy_pass if its on the accepted list. Here is the significant part of the config:
[code]
map $http_host $do_pass {
default 0;
blog.domain 1;
domain 1;
}
server {
listen 443 default ssl;
#I think the name doesn't matter in ssl-only server case
server_name domain;
access_log /var/log/nginx/sslproxy.access.log;
error_log /var/log/nginx/sslproxy.error.log;
location / {
if ( $do_pass = 0 ) {
return 403;
}
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:80;
}
}
[/code]
and in the main config file
[code]
set_real_ip_from 127.0.0.1;
real_ip_header X-Real-IP;
[/code]
I have no doubts about the client-server data safety, but what I would like to know is whether this configuration is more likely to be cracked in any other way.