Welcome! Log In Create A New Profile

Advanced

cannot see username details on nginx in proxypass

Posted by promise2k 
This forum is currently read only. You can not log in or make any changes. This is a temporary situation.
cannot see username details on nginx in proxypass
July 07, 2023 01:53AM
i have my nginx working in proxy pass for the microsoft exchange for emails. the issue i have is that i cannot see any failed logons in the nginix logs. below is my conf file for exchange, and way below is the logs that i see on the nginx. if there any way i can confogure nginix to see the failed logons i.e ip address, username ect.

cat /etc/nginx/conf.d/exchangeRP.conf
server {
listen 80;
#listen [::]:80;
server_name fqdn.com autodiscover.xxx.us;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl;
#listen [::]:443 ipv6only=on;
#ssl on;
ssl_certificate /etc/ssl/private/star2.fqdn.com_BUNDLE.cer;
ssl_certificate_key /etc/ssl/private/star2.fqdn.com.key;
ssl_session_timeout 5m;
server_name fqdn.fqdn.com;
location / {
return 301 https://fqdn.fqdn.com/owa;
}


proxy_http_version 1.1;
proxy_read_timeout 360;
proxy_pass_header Date;
proxy_pass_header Server;
# proxy_pass_header Authorization;
proxy_set_header Host fqdn.fqdn.com;
#proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_request_headers on;
more_set_input_headers 'Authorization: $http_authorization';
proxy_set_header Accept-Encoding "";
more_set_headers -s 401 'WWW-Authenticate: Basic realm="fqdn.com"';
proxy_request_buffering off;
proxy_buffering off;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Strict-Transport-Security "max-age=15552001; includeSubDomains; preload";
proxy_set_header X-Username $remote_user;

location ~* ^/owa { proxy_pass https://x.x.x.x;
# Log failed login attempts
error_page 401 = @log_failed_login;
}
location ~* ^/Microsoft-Server-ActiveSync { proxy_read_timeout 150; proxy_pass https://x.x.x.x;}
location ~* ^/ecp { proxy_pass https://x.x.x.x;}
location ~* ^/ews { proxy_pass https://x.x.x.x;}
location ~* ^/rpc { set $e2010 0;
if ($args ~ email.fqdn.com)
{set $e2010 1;
}
if ($args ~ EXM)
{set $e2010 1;
}
if ($args ~ EXP)
{set $e2010 1;
}
if ($e2010 ~ 1)
{proxy_pass https://x.x.x.x;}
if ($e2010 ~ 0)
{return 500;}
}
location ~* ^/exchange { proxy_pass https://x.x.x.x;}
location ~* ^/mapi { proxy_pass https://x.x.x.x;}
location ~* ^/autodiscover { proxy_pass https://x.x.x.x;}


error_log /var/log/nginx/owa-ssl-error.log;
access_log /var/log/nginx/owa-ssl-access.log combined;
access_log /var/log/nginx/exchange_access.log main;
}



Below is a log for a failed logon

x.x.x.x - - [06/Jul/2023:14:50:04 +0200] "GET /owa/auth/logon.aspx?url=https%3a%2f%2ffqdn.fqdn.com%2fowa%2f&reason=2 HTTP/1.1" 200 10128 "https://fqdn.fqdn.com/owa/auth/logon.aspx?replaceCurrent=1&reason=2&
url=https%3a%2f%2fqdn.fqdn.com%2fowa%2f" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
Re: cannot see username details on nginx in proxypass
August 08, 2023 04:11AM
just checking if anyone can help me on this one.

Online Users

Guests: 259
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready