I have setup a nginx proxy to pass https url to internal http neo4j web. I can reach the neo4j login page without any issue, but I am forced to use the neo4j+s/bolt+s interface.
Just wondering how I can configure nginx to remove any ssl related info via proxypass module, in order to login in neo4j with ws, no wss?
Thanks,
Chance
I managed to get rid of wss by adding another nginx proxy to set the https url as upstream server in location.proxy_pass. It won't show wss/neo4j+s/bolt+s any more once you visit the web by the http url. Hopefully it will help for anyone has the similar issue as me.
Related
Current Scenario
I am hosting a wordpress website on a ECS instance which runs wordpress in a docker container
My wordpress is working fine but i want to change HTTP to HTTPS
What i dont want to use
1) ELB
2) Anything cost ineffective
What i tried
I tried using cloud front and setting ec2-52-64-xxx-xxx.ap-southeast-2.compute.amazonaws.com as origin domain and origin id
I also set it to redirect HTTP to HTTPS
Current CloudFront behaviour
What happens is when i goto the cloudfront link it redirects me to ec2-52-64-xxx-xxx.ap-southeast-2.compute.amazonaws.com (HTTP) instead of using the cloudfront link
Desired CloudFront behaviour
It should use the HTTPS cloudfront URL to use my wordpress website by redirecting any traffic from my origin from HTTP to HTTPS
Current Server configs
1) I don't have any SSL/TLS certificate installed in my ECS instance
2) My .htaccess file has default values (not sure if i even should update it or cloudfront will work without any changes to .htaccess)
3) Wordpress is not installed so the database does not have any values which might be causing a redirect ( I deleted the database to test if that might be causing the inconsistency)
I am really new to AWS,There might be a better way to achieve HTTP to HTTPS redirect i think any sugggestions/help is highly appreciated thanks :)
I simply code a node server with koa, I can start it with npm start and visit it through localhost:3000 for example.
Now I want to visit it through https://www.test.com. I use Nginx for reverse proxy, and now I can visit it through www.test.com. But how can I visit it through https://www.test.com?
Please give me some advice, thanks!
Another way to do it is via CloudFlare, which will provide a free HTTPS proxying layer in front of your website. You don't need to set up certificates locally, CloudFlare will automatically obtain them for your domain.
you have to configure your NGINX server to use HTTPS
And also you need valid HTTPS certificates. Also make a rule to redirect everything from http to https , or only for a specific domain, there are plenty of examples how to do that.
Whats the best way to redirect http traffic to https on a ELB with IIS ?? I have 3 options
Redirect at DNS level (using forwarder) from my domain
provider(Godaddy)
Redirect at AWS using IIS web.config's <system.webServer><rewrite><rules> section
Use Cloudfront to redirect http to https, but there is a cost involved.
Right now, my site works on both http and https separately. On ELB, no port is assigned to http and only HTTPS site is kept activated.
Whats the best way to redirect http traffic to https from above two options?? Is there any better way then these 2 options to achieve this redirection??
You can do both, but I would suggest you to add a Rewrite rule in IIS. This is easier to manage in case you plan to add additional domains to your site. Domain Forwarding may not be feasible.
Option 2 sounds the best.
Add http and https listeners on your ELB.
Then add redirect rules in IIS.
I've recently setup a Crucible instances in AWS connected via a HTTPS ELB. I have a nginx reverse proxy setup on the instance as well to redirect HTTP requests to HTTPS.
This partially works. However Crucible itself doesn't know it's running over HTTPS so serves up mixed content, and ajax queries often break due to HTTP -> HTTPS conflicts.
I've found documentation for installing a certificate in Crucible directly...
https://confluence.atlassian.com/fisheye/fisheye-ssl-configuration-298976938.html
However I'd really rather not have to do it this way. I want to have the HTTPS terminated at the ELB, to make it easier to manage centrally through AWS.
I've also found documentation for using Crucible through a reverse proxy...
https://confluence.atlassian.com/kb/proxying-atlassian-server-applications-with-apache-http-server-mod_proxy_http-806032611.html
However this doesn't specifically deal with HTTPS.
All I really need is a way to ensure that Crucible doesn't serve up content with hard coded internal HTTP references. It needs to either leave off the protocol, or set HTTPS for the links.
Setting up the reverse proxy configuration should help accomplish this. Under Administration >> Global Settings >> Server >> Web Server set the following:
Proxy scheme: https
Proxy host: elb.hostname.com
Proxy port: 443
And restart Crucible.
Making configuration on UI is one way. You can also change config.xml in $FISHEYE_HOME:
<web-server site-url="https://your-public-crucible-url">
<http bind=":8060" proxy-host=“your-public-crucible-url" proxy-port="443" proxy-scheme="https"/>
</web-server>
Make sure to shutdown FishEye/Crucible before making this change.
AFAIK, this configuration is the only way to tell internal Jetty of FishEye/Crucible to be aware of the reversed proxy in front of them.
I'm trying to come up with a solution where I can do the follow:
In my scenario there are 2 servers.
API1: Nginx + API Website
API2: Nginx + Staging Website
In order to check new version of API via mobileapp, I want to set my phone to use a proxy server (Should be API2), and only when the dest URL is https://api.test.com it will redirect it internally to localhost:6000.
Any ideas of how it can be done? I know Nginx does not support SSL Proxing, but maybe I'm wrong.
Thanks
Well,
Eventually I was able to accomplish that by using Apache Traffic Server which has been configured as a forward proxy while doing some map rules to redirect traffic from https to localhost:443/
But, I will be happy to hear some more ideas.
Thanks