I've been been working on a website with a pretty complex setup:
3 backend servers coded in java with netty running the main application
A ngnix reverse-proxy doing load-balacing
A seperate nginx webserver serving static content
As proof of concept, I want to have some important files like a big super secret document on the nginx-server serving static content but only allow authenticated users to access that file and I honestly have no clue to do it...
Try
nginx auth module
For more detailed usage NGINX Authenticated User
Related
I am using two application parts that deployed on: AWS Beanstalk and Netlify.
Java-based part is deployed on AWS and available on http protocol.
Angular based is deployed on Netlify and available on https protocol.
The error occurs when sending a request to AWS:
Mixed Content: The page at 'https://some-url.netlify.com/' was loaded over
HTTPS, but requested an insecure XMLHttpRequest endpoint
'http://some-url.elasticbeanstalk.com/api/getAppSettings'. This request has
been blocked; the content must be served over HTTPS.
I need to do it working for learning purposes only, so try to make Netlify working under Http.
Is it possible to change the protocol to simple http on Netlify?
The adding SSL certificate to Elastic Beanstalk is complicated, unclear and takes too much time
AFAIK, netlify doesn't allow you to access website over HTTP, as they force redirect to HTTPS by default, as mentioned here. But its really easy to have HTTPS on AWS - your elastic beanstalk instances are served with HTTPS by default using an AWS owner certificate, and you can link your custom domain certificate if you have a custom domain, very easily from AWS Certificate Manager.
You can create a netlify.toml file and do some redirect tweaking, as mentioned here.
Creating and configuring a _redirects file in the root of your build folder(or in your public folder if using an SPA like React) might help with this. For your example, the _redirects file would look something like this:
/api/* http://some-url.elasticbeanstalk.com/api/:splat 200
Then rather than call endpoints like this:
fetch(`http://some-url.elasticbeanstalk.com/api/getAppSettings`)
You would need to make your API calls in this format:
fetch(`/api/getAppSettings`) // 'it reads /api/ because of how we configured our _redirects file'
You can read more on how to make netlify proxying here
I have an ASP.net MVC app running on Azure App Service ... I've searched for the answer, but have not found it ... my app seems to always force HTTPS redirect, no matter what. All the docs say it should serve content via HTTP by default, but it does not. Most everyone has the opposite problem of needing to redirect HTTP to HTTPS.
I need Azure App Service to do the following:
1) Serve static Default.htm page via HTTP, without redirecting to HTTPS
My app has a custom domain and no SSL for the custom domain. I want the URL http://example.com/Default.htm to serve the static page, not redirect to HTTPS to serve the static page. I will use azurewebsites domain when I want users to be in HTTPS. I want to use my custom domain name to serve a static home page for users arriving at my site.
As far as I can determine, I do not have any app extensions installed (such s https redirect extension), or anything in web.config to force https, or any RequireHTTPS attributes ... can anyone explain why plain old regular boring HTTP doesn't work here?
Thanks
Is there a way to protect 1 folder on the website running on static nginx?
Example:
http://www.example.com/protected-folder/
If I load domain it should be public, if I load "protected-folder" it should ask for a
password. Is there a way to achieve this?
To help you I am running it on "Webfaction" host as a Static App.
Thank you.
Given is an application behind a Nginx configured as reverse proxy. The application requires user login via a web form and HTTP POST. Is there a possibility to provide the credentials of a generic technical user to Nginx and let it automatically do a login, so that users don't have to login explicitly anymore?
It might be tough without some kind of module :) but If it is an internal application you might tell nginx to to add certain headers to every request and authenticate by them. But if it is a production app I wouldn't go this path :)
I have SSL enabled for subdomain.mydomain.com so I can access files via https://subdomain.mydomain.com. Now please tell me if I'm right.. if I have file somwhere in subdomain.mydomain.com called index.php I can securely access it via:
https://subdomain.mydomain.com/someFolder/index.php
but I can also access it via
http://subdomain.mydomain.com/someFolder/index.php
This time communication won't be encrypted though. So now it comes down to links only if I access files in subdomain.mydomain.com securely or not?
I will have another related question (and many more probably), but will post it as separate topic to keep things clean :)
You can force the use of the SSL site for non-https URLs. This way people cannot access the pages without encrypting the communication
In the http virtual host, VirtualHost 192.168.0.4:80, put just the line
Redirect permanent / https://subdomain.mydomain.com
That's usually how it works, but it depends on your specific webserver's setup. For example, you can configure a web server to disallow non-HTTPS traffic completely or you can even serve totally different content between HTTP and HTTPS.
Yes, using https: or http: in your URLs controls whether the access is secure or not.