Welcome! Log In Create A New Profile

Advanced

multiple ssl hosts support using proxy

Posted by piotrekm 
Forum List Message List New Topic
piotrekm
multiple ssl hosts support using proxy
August 08, 2010 09:12AM
I would like to ask about security of this solution, because I haven't found anything about it on google nor here, so I assume I either entered wrong keywords or came to a solution not very popular or secure.

I have a vps with single IP, but would like to use SSL for at least two virtual hosts, blog.domain, and domain.
What I did was set up a server listening on 443 port, checking which host name is set in $http_host and doing proxy_pass if its on the accepted list. Here is the significant part of the config:

[code]
map $http_host $do_pass {
default 0;

blog.domain 1;
domain 1;
}

server {

listen 443 default ssl;

#I think the name doesn't matter in ssl-only server case
server_name domain;

access_log /var/log/nginx/sslproxy.access.log;
error_log /var/log/nginx/sslproxy.error.log;

location / {
if ( $do_pass = 0 ) {
return 403;
}

proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:80;
}
}
[/code]

and in the main config file

[code]
set_real_ip_from 127.0.0.1;
real_ip_header X-Real-IP;
[/code]

I have no doubts about the client-server data safety, but what I would like to know is whether this configuration is more likely to be cracked in any other way.
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 326
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready