pir8radio 1292 Posted December 2, 2023 Share Posted December 2, 2023 18 minutes ago, loop11 said: After examining little bit closer recommended the ngnix.config, few things are huge security risk for example negating ngnix completely by opening hole for emby "proxy_pass http://127.0.0.1:8096" That doesn’t open a hole for emby. Proxy_pass acts as a middle man. It requests a page from the emby web server reads its html and then sends that read html to the user accessing nginx. It’s the whole point of an application server and reverse proxy. You can then add any additional security you want via nginx. Limit ip’s, rewrite code on the fly, force https, well, anything. This is also exactly how the security service cloudflare functions. 1 Link to comment Share on other sites More sharing options...
loop11 3 Posted December 2, 2023 Author Share Posted December 2, 2023 (edited) 15 hours ago, pir8radio said: That doesn’t open a hole for emby. Proxy_pass acts as a middle man. It requests a page from the emby web server reads its html and then sends that read html to the user accessing nginx. It’s the whole point of an application server and reverse proxy. You can then add any additional security you want via nginx. Limit ip’s, rewrite code on the fly, force https, well, anything. This is also exactly how the security service cloudflare functions. pir8radio is it possible that we talk on PM I think you have disabled messages? Or I can send you email with my question, because I have some sensitive things that's just for private talk. Thanks in the advance. Edited December 2, 2023 by loop11 Link to comment Share on other sites More sharing options...
loop11 3 Posted December 3, 2023 Author Share Posted December 3, 2023 Anyway with pir8radio nginx setting I'm getting errors because its colliding with rutorrent ngnix sttings Anyway I'm getting this errors at start when I start nginx hq4 nginx[14335]:nginx: [emerg] "worker_processes" directive is not allowed here in /etc/nginx/sites-enabled/default:1 hq4 nginx[14335]: nginx: configuration file /etc/nginx/nginx.conf test failed hq4 systemd[1]: nginx.service: Control process exited, code=exited status=1 hq4 systemd[1]: nginx.service: Failed with result 'exit-code' Link to comment Share on other sites More sharing options...
loop11 3 Posted December 3, 2023 Author Share Posted December 3, 2023 And why would android app use some weird way to access secession and downloading subtitles, if web app is working, and Samsung tizen app is working and seems LG app is working? Link to comment Share on other sites More sharing options...
ebr 14929 Posted December 3, 2023 Share Posted December 3, 2023 3 hours ago, loop11 said: And why would android app use some weird way to access secession and downloading subtitles It isn't but your proxy may be treating it differently. Link to comment Share on other sites More sharing options...
loop11 3 Posted December 3, 2023 Author Share Posted December 3, 2023 1 hour ago, ebr said: It isn't but your proxy may be treating it differently. Ok I uploaded my complete config file from nginx to luke PM and you are also watcher in that conversation, I wanted to upload to pir8radio complete config list but I cant his messaging is blocked. You can see complete setup and whats there which is doing that to android apps. Plex and Jellyfin were perfect without any problems. I cant post some things publicly, I don't want to show ip addresses especially ports which were used. Link to comment Share on other sites More sharing options...
Luke 37112 Posted December 5, 2023 Share Posted December 5, 2023 On 12/3/2023 at 10:58 AM, loop11 said: Ok I uploaded my complete config file from nginx to luke PM and you are also watcher in that conversation, I wanted to upload to pir8radio complete config list but I cant his messaging is blocked. You can see complete setup and whats there which is doing that to android apps. Plex and Jellyfin were perfect without any problems. I cant post some things publicly, I don't want to show ip addresses especially ports which were used. Did you try comparing your nginx configuration to his? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now