Welcome! Log In Create A New Profile

Advanced

cannot see username details on nginx in proxypass

Posted by promise2k 
cannot see username details on nginx in proxypass
July 07, 2023 01:53AM
i have my nginx working in proxy pass for the microsoft exchange for emails. the issue i have is that i cannot see any failed logons in the nginix logs. below is my conf file for exchange, and way below is the logs that i see on the nginx. if there any way i can confogure nginix to see the failed logons i.e ip address, username ect.

cat /etc/nginx/conf.d/exchangeRP.conf
server {
listen 80;
#listen [::]:80;
server_name fqdn.com autodiscover.xxx.us;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl;
#listen [::]:443 ipv6only=on;
#ssl on;
ssl_certificate /etc/ssl/private/star2.fqdn.com_BUNDLE.cer;
ssl_certificate_key /etc/ssl/private/star2.fqdn.com.key;
ssl_session_timeout 5m;
server_name fqdn.fqdn.com;
location / {
return 301 https://fqdn.fqdn.com/owa;
}


proxy_http_version 1.1;
proxy_read_timeout 360;
proxy_pass_header Date;
proxy_pass_header Server;
# proxy_pass_header Authorization;
proxy_set_header Host fqdn.fqdn.com;
#proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_request_headers on;
more_set_input_headers 'Authorization: $http_authorization';
proxy_set_header Accept-Encoding "";
more_set_headers -s 401 'WWW-Authenticate: Basic realm="fqdn.com"';
proxy_request_buffering off;
proxy_buffering off;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Strict-Transport-Security "max-age=15552001; includeSubDomains; preload";
proxy_set_header X-Username $remote_user;

location ~* ^/owa { proxy_pass https://x.x.x.x;
# Log failed login attempts
error_page 401 = @log_failed_login;
}
location ~* ^/Microsoft-Server-ActiveSync { proxy_read_timeout 150; proxy_pass https://x.x.x.x;}
location ~* ^/ecp { proxy_pass https://x.x.x.x;}
location ~* ^/ews { proxy_pass https://x.x.x.x;}
location ~* ^/rpc { set $e2010 0;
if ($args ~ email.fqdn.com)
{set $e2010 1;
}
if ($args ~ EXM)
{set $e2010 1;
}
if ($args ~ EXP)
{set $e2010 1;
}
if ($e2010 ~ 1)
{proxy_pass https://x.x.x.x;}
if ($e2010 ~ 0)
{return 500;}
}
location ~* ^/exchange { proxy_pass https://x.x.x.x;}
location ~* ^/mapi { proxy_pass https://x.x.x.x;}
location ~* ^/autodiscover { proxy_pass https://x.x.x.x;}


error_log /var/log/nginx/owa-ssl-error.log;
access_log /var/log/nginx/owa-ssl-access.log combined;
access_log /var/log/nginx/exchange_access.log main;
}



Below is a log for a failed logon

x.x.x.x - - [06/Jul/2023:14:50:04 +0200] "GET /owa/auth/logon.aspx?url=https%3a%2f%2ffqdn.fqdn.com%2fowa%2f&reason=2 HTTP/1.1" 200 10128 "https://fqdn.fqdn.com/owa/auth/logon.aspx?replaceCurrent=1&reason=2&
url=https%3a%2f%2fqdn.fqdn.com%2fowa%2f" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
Re: cannot see username details on nginx in proxypass
August 08, 2023 04:11AM
just checking if anyone can help me on this one.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 265
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready