Questions about my proxy configuration

[pir8radio 1292]

18 minutes ago, loop11 said:

After examining little bit closer recommended the ngnix.config, few things are huge security risk for example negating ngnix completely by opening hole for emby  "proxy_pass http://127.0.0.1:8096"

That doesn’t open a hole for emby.   Proxy_pass acts as a middle man.  It requests a page from the emby web server reads its html and then sends that read html to the user accessing nginx.   It’s the whole point of an application server and reverse proxy.     You can then add any additional security you want via nginx.   Limit ip’s, rewrite code on the fly, force https, well, anything.     This is also exactly how the security service cloudflare functions.  

[loop11 3]

15 hours ago, pir8radio said:

That doesn’t open a hole for emby.   Proxy_pass acts as a middle man.  It requests a page from the emby web server reads its html and then sends that read html to the user accessing nginx.   It’s the whole point of an application server and reverse proxy.     You can then add any additional security you want via nginx.   Limit ip’s, rewrite code on the fly, force https, well, anything.     This is also exactly how the security service cloudflare functions.  

pir8radio is it possible that we talk on PM I think you have disabled messages?

Or I can send you email with my question, because I have some sensitive things that's just for private talk.

Thanks in the advance.

Edited December 2, 2023 by loop11

[loop11 3]

Anyway with pir8radio nginx setting I'm getting errors because its colliding with rutorrent ngnix sttings

 

Anyway I'm getting this errors at start when I start nginx

hq4 nginx[14335]:nginx: [emerg] "worker_processes" directive is not allowed here in /etc/nginx/sites-enabled/default:1
hq4 nginx[14335]: nginx: configuration file /etc/nginx/nginx.conf test failed
hq4 systemd[1]: nginx.service: Control process exited, code=exited status=1

hq4 systemd[1]: nginx.service: Failed with result 'exit-code'

[loop11 3]

And why would android app use some weird way to access secession and downloading subtitles, if web app is working, and Samsung tizen app is working and seems LG app is working?

[ebr 14929]

3 hours ago, loop11 said:

And why would android app use some weird way to access secession and downloading subtitles

It isn't but your proxy may be treating it differently.

[loop11 3]

1 hour ago, ebr said:

It isn't but your proxy may be treating it differently.

Ok I uploaded my complete config file from nginx to luke PM and  you are also watcher in that conversation, I wanted to upload to pir8radio complete config list but I cant his messaging is blocked. You can see complete setup and whats there which is doing that to android apps. Plex and Jellyfin were perfect without any problems.

I cant post some things publicly, I don't want to show ip addresses especially ports which were used.

 

 

[Luke 37112]

On 12/3/2023 at 10:58 AM, loop11 said:

Ok I uploaded my complete config file from nginx to luke PM and  you are also watcher in that conversation, I wanted to upload to pir8radio complete config list but I cant his messaging is blocked. You can see complete setup and whats there which is doing that to android apps. Plex and Jellyfin were perfect without any problems.

I cant post some things publicly, I don't want to show ip addresses especially ports which were used.

 

 

Did you try comparing your nginx configuration to his?