1
I've been struggling with my two Nginx servers and searched a lot but no luck.
Here is the scenario:
I have a backend server with a third party application on it and a pre-configured Nginx which is working fine independently. But now I want to add a reverse proxy to hide this server from users. Everything works fine when I test it with two Nginx that I myself configured but when I route the traffic from the proxy server to the backend server, just some of the contents of the website loads in the browser.
The only difference that I noticed is that whenever I am connecting to the backend server directly, I can see the following in the access.log
of the backend server:
10.251.100.3 - - [08/Jul/2019:14:13:53 +0430] "GET /some/path/2 HTTP/1.1" 200 2762 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" "-" "backend.server.com"
10.251.100.3 - - [08/Jul/2019:14:13:54 +0430] "GET /some/uri/file.css HTTP/1.1" 200 37276 "https://backend.server.com/some/path/2" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" "-" "backend.server.com"
But when I am accessing the backend server through the proxy server I see:
10.251.100.4 - - [08/Jul/2019:14:18:27 +0430] "GET / HTTP/1.0" 200 17624 "https://backend.server.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" "-" "backend.server.com"
10.251.100.3 - - [08/Jul/2019:14:18:29 +0430] "GET /some/uri/file.css HTTP/1.1" 200 37276 "https://server.com/proxy" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" "-" "backend.server.com"
I did add proxy_set_header Refer "https://backend.server.com"
to my proxy server location directive but it seems that it is not changing anything. As you can see, it just sends the HTTP referrer for first GET request and does not change the following requests.
Below is my Nginx config for the proxy server.
server {
listen 443;
server_name server.com;
ssl_certificate /etc/nginx/cert.crt;
ssl_certificate_key /etc/nginx/cert.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
gzip on;
gzip_min_length 1000;
gzip_proxied no-cache no-store private expired auth;
gzip_types text/plain text/css application/javascript text/javascript text/xml application/xml application/json;
gunzip on;
access_log /var/log/nginx/secure.access.log;
error_log /var/log/nginx/secure.error.log debug;
location /proxy {
proxy_set_header Referer "https://backend.server.com";
proxy_pass https://backend.server.com/;
proxy_set_header Host backend.server.com;
proxy_set_header X-Forwarded-For "-";
gzip_static on;
#proxy_connect_timeout 18000;
#proxy_send_timeout 18000;
#proxy_read_timeout 18000;
add_header Referer "https://backend.server.com/";
}
}
Edit
I noticed an error regarding CORS in the client's browser as shown below:
Where should I change my config and how?
Thanks for your help!