Jump to content
David Martin

Emby + Domain Name?

Recommended Posts

Swynol

ok so i added the above to my config and changed servername to my subdomain.domain.com and added my lets encrypt SSL cert and key certificate.crt and private.key and finally changed the proxy_Pass to 127.0.0.1:8096

 

if i navigate to http://localhost then it loads emby fine.

 

if i browse to http://subdomain.mydomain.com  it picks up one of my services which is currently running on port 80 (annoyingly i cant change the port on it) so for now i have port forwarded port 80 to my machine running nginx and i can reach emby on the http://subdomain.mydomain.com

 

 

if i browse to https://subdomain.mydomain.com i get the site can't be reached

Edited by Swynol

Share this post


Link to post
Share on other sites
Swynol

nevermind i was being stupid. now working on https://subdomain.mydomain.com is there anyway to force it to only use https? so if i browse emby.mydomain.com it will automatically change to https://emby.mydomain.com?

 

EDIT: so done some reading, just double check i have done it right. i change listen to 

 

listen 443 default_server ssl;

 

and added 

 

if ($scheme = http) {
        return 301 https://$server_name$request_uri;
    }
Edited by Swynol

Share this post


Link to post
Share on other sites
Swynol

I think i will be asking alot of questions here....

 

more problems.

 

So... 

 

tying http://localhost or https://localhost somehow is forwarding to https://emby.mydomain.com

typing http://emby.mydomain.com and https://emby.mydomain.com works as it should

 

i then setup CNAME record like i did for emby for sonarr and cctv. 

now this is where i am stuck. http://sonarr.mydomain.com brings back the nginx test localhost page

https://sonarr.mydomain.com goes to emby.

 

 


#user nobody;
# multiple workers works !
worker_processes 2;

#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

#pid logs/nginx.pid;

#pcre_jit on;

events {
worker_connections 8192;
# max value 32768, nginx recycling connections+registry optimization =
# this.value * 20 = max concurrent connections currently tested with one worker
# C1000K should be possible depending there is enough ram/cpu power
# multi_accept on;
}


http {
#include /nginx/conf/naxsi_core.rules;
include mime.types;
default_type application/octet-stream;

#log_format main '$remote_addr $remote_port - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';

#access_log logs/access.log main;

# # loadbalancing PHP
# upstream myLoadBalancer {
# server 127.0.0.1:9001 weight=1 fail_timeout=5;
# server 127.0.0.1:9002 weight=1 fail_timeout=5;
# server 127.0.0.1:9003 weight=1 fail_timeout=5;
# server 127.0.0.1:9004 weight=1 fail_timeout=5;
# server 127.0.0.1:9005 weight=1 fail_timeout=5;
# server 127.0.0.1:9006 weight=1 fail_timeout=5;
# server 127.0.0.1:9007 weight=1 fail_timeout=5;
# server 127.0.0.1:9008 weight=1 fail_timeout=5;
# server 127.0.0.1:9009 weight=1 fail_timeout=5;
# server 127.0.0.1:9010 weight=1 fail_timeout=5;
# least_conn;
# }

sendfile off;
#tcp_nopush on;

server_names_hash_bucket_size 128;
map_hash_bucket_size 64;

## Start: Timeouts ##
client_body_timeout 10;
client_header_timeout 10;
keepalive_timeout 30;
send_timeout 10;
keepalive_requests 10;
## End: Timeouts ##

#gzip on;

server {
listen 80;
server_name localhost;

#charset koi8-r;

#access_log logs/host.access.log main;

## Caching Static Files, put before first location
#location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
# expires 14d;
# add_header Vary Accept-Encoding;
#}

# For Naxsi remove the single # line for learn mode, or the ## lines for full WAF mode
location / {
#include /nginx/conf/mysite.rules; # see also http block naxsi include line
##SecRulesEnabled;
##DeniedUrl "/RequestDenied";
##CheckRule "$SQL >= 8" BLOCK;
##CheckRule "$RFI >= 8" BLOCK;
##CheckRule "$TRAVERSAL >= 4" BLOCK;
##CheckRule "$XSS >= 8" BLOCK;
root html;
index index.html index.htm;
}

# For Naxsi remove the ## lines for full WAF mode, redirect location block used by naxsi
##location /RequestDenied {
## return 412;
##}

## Lua examples !
# location /robots.txt {
# rewrite_by_lua '
# if ngx.var.http_host ~= "localhost" then
# return ngx.exec("/robots_disallow.txt");
# end
# ';
# }

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000; # single backend process
# fastcgi_pass myLoadBalancer; # or multiple, see example above
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# include fastcgi_params;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}


# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;

# location / {
# root html;
# index index.html index.htm;
# }
#}


# HTTPS server
#
#server {
# listen 443 ssl http2;
# server_name localhost;

# ssl on;
# ssl_certificate c:/nginx/crts/cert.pem;
# ssl_certificate_key c:/nginx/crts/cert.key;

# ssl_session_timeout 5m;

# ssl_prefer_server_ciphers On;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:ECDH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!eNULL:!MD5:!DSS:!EXP:!ADH:!LOW:!MEDIUM;

# Logjam (not really required to fix it, above cipher works too)
# ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:ECDH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!eNULL:!MD5:!DSS:!EXP:!ADH:!LOW:!MEDIUM:!DES:!RC4:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;

# location / {
# root html;
# index index.html index.htm;
# }
#}

##EMBY Server##

server {
listen [::]:80;
listen 80;
listen [::]:443 ssl;
listen 443 default_server ssl;
server_name emby.mydomain.com; # Base domain name the client entered emby.yourdomain.com


#path to your SSL files, nginx must now handle all of the SSL, not each individual server
#to your backend is regular HTTP its assumed safe, its on your local network or the same PC as nginx
ssl_session_timeout 30m;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_certificate cert.pem;
ssl_certificate_key private.key;
ssl_session_cache shared:SSL:10m;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}

location / {
proxy_pass http://192.168.1.10:8096; # Local emby ip and non SSL port

proxy_hide_header X-Powered-By;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

#Next three lines allow websockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}

 

##Sonarr Server##

server {
listen [::]:80;
listen 80;
listen [::]:443 ssl;
listen 443 default_server ssl;
server_name sonarr.mydomain.com; 


#path to your SSL files, nginx must now handle all of the SSL, not each individual server
#to your backend is regular HTTP its assumed safe, its on your local network or the same PC as nginx
ssl_session_timeout 30m;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_certificate cert.pem;
ssl_certificate_key private.key;
ssl_session_cache shared:SSL:10m;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}

location / {
proxy_pass http://127.0.0.1:8989;

proxy_hide_header X-Powered-By;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

}

 

Share this post


Link to post
Share on other sites
Swynol

another update. Seems the issue was related to my work browser caching files. 

 

working from another machine all my server blocks seem to be working as intended. thanks for everyones help and thanks to @@pir8radio for pointing me in the right direction and putting up with all my questions.

Edited by Swynol
  • Like 1

Share this post


Link to post
Share on other sites
pir8radio

@@Swynol  EDIT: never mind, config looks good,    You might want to clean up your config, get rid of all of the # commented out lines, keep your comments..  once you do that, you will find that you are listening on "localhost" and serving a default html page.     But it looks good. Good work! 

Edited by pir8radio

Share this post


Link to post
Share on other sites
Swynol

ye i have just cleaned it all up. added all my services which are all working bar one. can you have a subdomain.mydomain.com to proxy_pass to an internal IP on port 80? 

 

so this is my finished config minus all the extra server blocks. all the additional services are just copies of sonarr and emby server blocks. does my security look ok? Also can NGINX proxy_pass to other networks? i.e i have VLANs setup. So nginx is on network 192.168.10.0/24 my other network is 192.168.20.0/28. would it be as simple as servername subdomain1.mydomain.com proxy_pass 192.168.20.2:PORT?

 

 

#user nobody;
# multiple workers works !
worker_processes 2;



events {
worker_connections 8192;
}


http {
#include /nginx/conf/naxsi_core.rules;
include mime.types;
default_type application/octet-stream;


sendfile off;

server_names_hash_bucket_size 128;
map_hash_bucket_size 64;

## Start: Timeouts ##
client_body_timeout 10;
client_header_timeout 10;
keepalive_timeout 30;
send_timeout 10;
keepalive_requests 10;
## End: Timeouts ##

#gzip on;


##EMBY Server##

server {
listen [::]:80;
listen 80;
listen [::]:443 ssl;
listen 443 ssl;
server_name emby.mydomain.com; # Base domain name the client entered emby.yourdomain.com


#path to your SSL files, nginx must now handle all of the SSL, not each individual server
#to your backend is regular HTTP its assumed safe, its on your local network or the same PC as nginx
ssl_session_timeout 30m;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_certificate cert.pem;
ssl_certificate_key private.key;
ssl_session_cache shared:SSL:10m;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}

location / {
proxy_pass http://192.168.1.10:8096; # Local emby ip and non SSL port

proxy_hide_header X-Powered-By;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

#Next three lines allow websockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}


##Sonarr Server##

server {
listen [::]:80;
listen 80;
listen [::]:443 ssl;
listen 443 ssl;
server_name sonarr.mydomain.com;


#path to your SSL files, nginx must now handle all of the SSL, not each individual server
#to your backend is regular HTTP its assumed safe, its on your local network or the same PC as nginx
ssl_session_timeout 30m;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_certificate cert.pem;
ssl_certificate_key private.key;
ssl_session_cache shared:SSL:10m;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}

location / {
proxy_pass http://127.0.0.1:8989;

proxy_hide_header X-Powered-By;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

#Next three lines allow websockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}

 

Share this post


Link to post
Share on other sites
pir8radio

ye i have just cleaned it all up. added all my services which are all working bar one. can you have a subdomain.mydomain.com to proxy_pass to an internal IP on port 80? 

 

 

 

Not if that port 80 server resides on the same physical PC as nginx..   Ngnix is already listening on port 80 so no one else can.  If you dont use port 80 regular http on any of your nginx sites you can remove those lines from all of the server sections, close it on your firewall, then uses it for a backend server... But i would guess its probably easier to change that backend service to 81 or something.  OR if that backend server using port 80 is on a different PC then yes you can use 80.

Edited by pir8radio

Share this post


Link to post
Share on other sites
pir8radio

Now you get to fine-tune and play around with nginx!    If you want super secure SSL @@shorty1483 can probably help you there..  I was fine with "decent" https connections (which is what you used in your config), Shorty's emby/nginx setup is probably more secure than my online banking site....    ^_^

Edited by pir8radio
  • Like 1

Share this post


Link to post
Share on other sites
Swynol

Not if that port 80 server resides on the same physical PC as nginx..   Ngnix is already listening on port 80 so no one else can.  If you dont use port 80 regular http on any of your nginx sites you can remove those lines from all of the server sections, close it on your firewall, then uses it for a backend server... But i would guess its probably easier to change that backend service to 81 or something.  OR if that backend server using port 80 is on a different PC then yes you can use 80.

 

it's not on the same box as nginx. its a box that is plugged into my heating which doesnt allow me to change the port on it. i will play around with this another time. I think i'm happy with my SSL setup at present. when i get bored i might take a look at shorty1483's config.

 

also one of my services needs an additional location i.e. http://127.0.0.1:7000/webpam. i have the below in a server block

 

location /webpam {
 
however it doesnt work. i still need to go to https://subdomain.mydomain.com/webpam for it to work

Share this post


Link to post
Share on other sites
pir8radio

Leave the webpam off of the location. But leave it on your backend server ip line.

Share this post


Link to post
Share on other sites
shorty1483

Now you get to fine-tune and play around with nginx!    If you want super secure SSL @@shorty1483 can probably help you there..  I was fine with "decent" https connections (which is what you used in your config), Shorty's emby/nginx setup is probably more secure than my online banking site....    ^_^

 

Went a bit away from that cause the whole HPKP and X25519 thing was tooo incompatible with lots of clients and playback became choppy. I try again in the year 2024 :D

Share this post


Link to post
Share on other sites
NYD3030

Heya everyone!

 

So this thread has been super helpful thus far - I think I'm at the very end of figuring this out. Basically I've done the following things:

 

1) Registered a domain

2) Changed the A record to point to my IP

3) Changed the CNAME record to point to my URL

4) Changed my http port numbers to 80 in Emby

5) Changed my https port numbers to 443 in Emby

6) Forwarded those ports in my NAT for Emby's internal IP

 

My DNS is still propagating through the aether so that isn't working yet, but when I attempt to hit my server via IP the connection is timing out. In fact it appears to start loading Emby (the black background loads in) before I get the error.

 

Any ideas where I might be screwing up? My ISP does not block port 80 for what it's worth.

 

Share this post


Link to post
Share on other sites
NYD3030

So in doing a little more research, I'm guessing this has to do with my router, which is a google onhub. I can't ping my public IP, for example. What's weird is if I leave emby with the default network settings I can access via IP:Port from outside the network.

 

Anyway, any ideas are appreciated.

Heya everyone!

 

So this thread has been super helpful thus far - I think I'm at the very end of figuring this out. Basically I've done the following things:

 

1) Registered a domain

2) Changed the A record to point to my IP

3) Changed the CNAME record to point to my URL

4) Changed my http port numbers to 80 in Emby

5) Changed my https port numbers to 443 in Emby

6) Forwarded those ports in my NAT for Emby's internal IP

 

My DNS is still propagating through the aether so that isn't working yet, but when I attempt to hit my server via IP the connection is timing out. In fact it appears to start loading Emby (the black background loads in) before I get the error.

 

Any ideas where I might be screwing up? My ISP does not block port 80 for what it's worth.

Share this post


Link to post
Share on other sites
BAlGaInTl

So in doing a little more research, I'm guessing this has to do with my router, which is a google onhub. I can't ping my public IP, for example. What's weird is if I leave emby with the default network settings I can access via IP:Port from outside the network.

 

Anyway, any ideas are appreciated.

 

I'd be interested to hear more on this if anyone has thoughts.

 

I'm using a Google OnHub router (3 in a mesh actually) and it works for me on the default and custom ports.  I haven't tried 80/443.

 

I don't think much about but instead just use https://server.domain.net:port to access the server while I'm away.  I never saw the need to use port 80/443 as it isn't that difficult to use the specific port. 

 

I use my internal IP address when I'm accessing on my home network.

Share this post


Link to post
Share on other sites
pir8radio

Heya everyone!

 

So this thread has been super helpful thus far - I think I'm at the very end of figuring this out. Basically I've done the following things:

 

1) Registered a domain

2) Changed the A record to point to my IP

3) Changed the CNAME record to point to my URL

4) Changed my http port numbers to 80 in Emby

5) Changed my https port numbers to 443 in Emby

6) Forwarded those ports in my NAT for Emby's internal IP

 

My DNS is still propagating through the aether so that isn't working yet, but when I attempt to hit my server via IP the connection is timing out. In fact it appears to start loading Emby (the black background loads in) before I get the error.

 

Any ideas where I might be screwing up? My ISP does not block port 80 for what it's worth.

 

If you pm me your domain name I can take a peek and see what is being blocked. If you don't trust me,  :)  you can try from an external computer, or service like http://canyouseeme.org/  first, make sure the path is open...    If yes, then you can use chrome in developer mode to figure out whats being blocked or erroring out.  

Share this post


Link to post
Share on other sites
pir8radio

Heya everyone!

 

So this thread has been super helpful thus far - I think I'm at the very end of figuring this out. Basically I've done the following things:

 

1) Registered a domain

2) Changed the A record to point to my IP

3) Changed the CNAME record to point to my URL

4) Changed my http port numbers to 80 in Emby

5) Changed my https port numbers to 443 in Emby

6) Forwarded those ports in my NAT for Emby's internal IP

 

My DNS is still propagating through the aether so that isn't working yet, but when I attempt to hit my server via IP the connection is timing out. In fact it appears to start loading Emby (the black background loads in) before I get the error.

 

Any ideas where I might be screwing up? My ISP does not block port 80 for what it's worth.

 

Thanks for the PM.....  I tried your domain name and it points to your IP correctly... I get a 404 error which only a web server can send me.. Which leads me to believe either your ISP is sending me that as a form of blocking, or you have something on the emby pc running on port 80 already.    Try changing emby back to the default ports, and then open those ports in your NAT     then try again connecting to   yourdomain.com:8096    see if that works, let me know if it does, I can try it as well remotely.. 

Share this post


Link to post
Share on other sites
NYD3030

Thanks for the PM.....  I tried your domain name and it points to your IP correctly... I get a 404 error which only a web server can send me.. Which leads me to believe either your ISP is sending me that as a form of blocking, or you have something on the emby pc running on port 80 already.    Try changing emby back to the default ports, and then open those ports in your NAT     then try again connecting to   yourdomain.com:8096    see if that works, let me know if it does, I can try it as well remotely.. 

 

Alright, that appears to have worked from outside my network (tried it on a mobile hotspot). Obviously port 80 isn't playing nice. Thanks for the help so far! Two things to work out at this point:

 

1) Inside my network I can't use the domain name or IP to connect to emby. I believe onhub might be the problem here.

2) Ideally I'd like to not have to plug in the port after the domain name - what do I need to do to configure this?

Share this post


Link to post
Share on other sites
pir8radio

Alright, that appears to have worked from outside my network (tried it on a mobile hotspot). Obviously port 80 isn't playing nice. Thanks for the help so far! Two things to work out at this point:

 

1) Inside my network I can't use the domain name or IP to connect to emby. I believe onhub might be the problem here.

2) Ideally I'd like to not have to plug in the port after the domain name - what do I need to do to configure this?

 

1.) Yes onhub is probably the issue, look for an option to "allow loop-back connections" or something similar, enable it. https://support.google.com/wifi/answer/6274503#nat-loopback

 

2.) Well, the only way to not have to enter the ports with a domain name is to use 80 for regular http and 443 for https.  which are browser default ports.  You might have to make sure they are not blocking it..    If you go on your emby server and go to http://127.0.0.1 do you get anything?  timeout? 404 error?

Edited by pir8radio

Share this post


Link to post
Share on other sites
BAlGaInTl

1.) Yes onhub is probably the issue, look for an option to "allow loop-back connections" or something similar, enable it. https://support.google.com/wifi/answer/6274503#nat-loopback

 

2.) Well, the only way to not have to enter the ports with a domain name is to use 80 for regular http and 443 for https.  which are browser default ports.  You might have to make sure they are not blocking it..    If you go on your emby server and go to http://127.0.0.1 do you get anything?  timeout? 404 error?

 

Couldn't you also achieve the desired result with a reverse proxy?  I would like to set that up in the future.

 

According to that link... Google says NAT loop-back should just work... Unless I'm reading it wrong.  There is no separate setting with the Google WiFi App.

 

 

NAT loopback lets devices on your private Wi-Fi (like a laptop or IP camera) communicate with a public network (WAN). This lets them “share” a connection with each other. This means you’ll be able to see your port forwarded devices from inside your home Wi-Fi.

To use NAT Loopback, just set the appropriate port forwarding rules for the desired device and you’re all set.

 

I'll try this with mine when I get home to see if I can get it to work.

Share this post


Link to post
Share on other sites
NYD3030

1.) Yes onhub is probably the issue, look for an option to "allow loop-back connections" or something similar, enable it. https://support.google.com/wifi/answer/6274503#nat-loopback

 

2.) Well, the only way to not have to enter the ports with a domain name is to use 80 for regular http and 443 for https.  which are browser default ports.  You might have to make sure they are not blocking it..    If you go on your emby server and go to http://127.0.0.1 do you get anything?  timeout? 404 error?

 

1) I'll mess around with it and see what I can find. I can always just use the local IP to connect in my network, no big deal really.

2) 127.0.0.1 gives an 'ERR_CONNECTION_REFUSED'. 

Share this post


Link to post
Share on other sites
pir8radio

1) I'll mess around with it and see what I can find. I can always just use the local IP to connect in my network, no big deal really.

2) 127.0.0.1 gives an 'ERR_CONNECTION_REFUSED'. 

 

Err connection refused, is what i would expect if you were not running anything else on port 80..  Looks like it might be your ISP blocking HTTP, yet the port seems open.. Strange way to block its usage, i guess so they can say they don't block any ports?

  • Like 1

Share this post


Link to post
Share on other sites
pir8radio

Couldn't you also achieve the desired result with a reverse proxy?  I would like to set that up in the future.

 

Not with port 80 blocked...   nginx/reverse proxy would still need to listen on port 80, but its being hosed on the ISP side.  I bet a call to them can get it freed up..   Just as long as you are opening it for a legitimate reason, like some family photo sharing application, called emby, I would avoid the usage of the word "server".  ;)

Edited by pir8radio
  • Like 1

Share this post


Link to post
Share on other sites
BAlGaInTl

I confirmed that the OnHub seems to handle the NAT loop-back just fine.

 

I changed my port and everything just worked locally and remotely.

  • Like 1

Share this post


Link to post
Share on other sites
NYD3030

I confirmed that the OnHub seems to handle the NAT loop-back just fine.

 

I changed my port and everything just worked locally and remotely.

I'm obviously doing something wrong - how did you set the port to enable loop-back? I've tried simply forwarding the port like normal with no luck.

Share this post


Link to post
Share on other sites
NYD3030

Not with port 80 blocked...   nginx/reverse proxy would still need to listen on port 80, but its being hosed on the ISP side.  I bet a call to them can get it freed up..   Just as long as you are opening it for a legitimate reason, like some family photo sharing application, called emby, I would avoid the usage of the word "server".  ;)

I did find some evidence on the interwebs that charter does block port 80 traffic initiated outside your network and just says 'we don't block port 80' because they don't block it entirely.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...