![]() Restart your Nginx service after modifying the configuration files. However Webmin needs a bit more fine tuning. This should satisfy the majority of scenarios where a resource is accessed via reverse proxy. Very important, don’t forget the trailing / after webmin01 in the location /webmin01/ line My Nginx SSL config is very basic at this point: server in the first Nginx configuration part. In case you don’t have secure http, just make sure to replace https with http in the example below. Http protocol is secured with SSL certificates issues by a LAN CA. My scenario involves one server with Nginx as reverse proxy () and one Webmin server () for this example. After quite some research, I said let me put together a quick and dirty how-to in case somebody else needed it. Nginx reverse proxy is not something new and it works great in a lot of situations, but it gave me some headache with Webmin. ,, etc…), hence the use of a reverse proxy. I plan to use one port redirection from Internet to a LAN hosted webserver (protected with WAF) and, you guessed, hosting page lisingt my home lab resources (in form of Webpage Links)įor this to properly work I need one just one domain / subdomain with various URI resources (e.g. Sophos recommend using WAF, which is a good advice from security perspective, but I don’t plan to have 50 redirections (as in DNAT) from my public facing IP address / router to LAN just to access the various URLs I have in my home lab. But that’s just my opinion…Īnyway, this action leaves a gap in my happiness accessing my home IT resources. If this would be the way, then let’s shutdown electrical grid, stop cars or terminate Internet and we’re all be more secure. In my opinion you work on features to improve security and fix issues, you just don’t retire them. Recently Sophos decided to retire the http(s) bookmark feature “in order to improve security and reduce the potential for cross-site scripting (XSS) exploits” This product has a very nice User Portal feature where you can add various “bookmarks” to resources accessible via various protocols (rdp, vnc, ssh, http(s)…) I’m using Sophos XG (home version) to access my home lab and other in-house smart devices when on the road. ![]() Second is a bit more realistic (at least professional realistic). You may argue that I can use browser bookmarks, true, but I use the one html landing page to access various resources. ![]() Instead of typing numerous URLs I just type one and click the needed link. I have in my home lab a one page html listing all http(s) resources I have in my IT lab. Before going into “How” you may wonder “Why” I need a reverse proxy in front of Webmin.įirst, and most important, is laziness.
0 Comments
Leave a Reply. |