Welcome! Log In Create A New Profile

Advanced

Redirect URL before reaching target

Posted by protectera 
Forum List Message List New Topic
protectera
Redirect URL before reaching target
February 19, 2020 04:44PM
Hi,
I have searched around and tried tons of different tips and trix without any success. I have an Nginx reverse proxy installed which are working fine. All my urls are working as they should including redirect to different services on the same server. (That is why I need the reverse proxy)

However I have one issue. My unifi controller send out emails to my customers when an AP or other equipment goes down with a link to unifi.xx.se:8443 and when that is used my letsencrypt certificate will not be in use, but it is in use for both http://unifi.xx.se and https://unifi.xx.se.

I have this configuration in my /etc/nginx/sites-enabled/xx.conf


server {
listen 80;
server_name unifi.xx.se;
return 301 https://$host$request_uri;
}

# For ssl
server {
ssl on;
ssl_certificate /etc/letsencrypt/live/unifi.xx.se/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/unifi.xx.se/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;

default_type application/octet-stream;

listen 443;
server_name unifi.xx.se;

root /var/www/unifi.xx.se;

location ~ /.well-known {
allow all;
}

location / {
include proxy_params;
proxy_pass https://10.42.0.185:8443;
}
}


Is it possible to change the request before sending it further from unifi.xx.se:8443 to unifi.xx.se?
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 321
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready