Docker security
matteoventuri7 opened this issue · 1 comments
matteoventuri7 commented
Hi, I have deployed nginx-ui on Docker as in the documentation, but I have a problem: if I try to access nginx-ui through the nginx proxy, all is OK (basic auth asks me to log in), but if I go directly to port 8080, then I can access nginx-ui, bypassing the nginx proxy.
So, this is a summary:
nginx.mysite.com -> asks for login (OK!!!)
mysite.com:8080 -> I can access nginx-ui without login.
Any help?
NGINX config
server {
    listen 80;
    server_name nginx.mysite.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name nginx.mysite.com;

    ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    location / {
        proxy_pass http://127.0.0.1:8080/;
    }

    auth_basic "nginxui secured";
    auth_basic_user_file /etc/apache2/.htpasswd;
}
thijsjek commented
So, if you expose the nginx only on port 443, it won't be able to use port 8080.
If you only use this on the LAN, then auth is almost obsolete.
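An added example, not part of the thread or of the nginx-ui project: a check for the condition described above, where a container port is published on every host interface so it can be reached without passing through the authenticating proxy. It parses the output format of `docker ps --format '{{.Names}}\t{{.Ports}}'`; the function name and the sample container names are made up for the illustration, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example: flag container ports published on every host interface.
# Input: "<name><TAB><ports>" lines, as printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'

# Prints "<container> <host-port>" once per wildcard-bound published port.
find_public_ports() {
    awk -F '\t' '
    {
        n = split($2, maps, /, */)
        for (i = 1; i <= n; i++) {
            m = maps[i]
            # Unpublished ports look like "80/tcp" (no arrow); skip them.
            if (index(m, "->") == 0) continue
            host = m
            sub(/->.*/, "", host)      # keep "ip:port" left of the arrow
            port = host
            sub(/.*:/, "", port)       # text after the last colon
            ip = substr(host, 1, length(host) - length(port) - 1)
            # Wildcard binds: IPv4 0.0.0.0, IPv6 "::" or "[::]".
            if (ip == "0.0.0.0" || ip == "::" || ip == "[::]") {
                key = $1 " " port
                if (!(key in seen)) { seen[key] = 1; print key }
            }
        }
    }'
}

# Constructed sample: a wildcard publish, a loopback publish, no publish.
sample() {
    printf 'nginx-ui\t0.0.0.0:8080->8080/tcp, :::8080->8080/tcp\n'
    printf 'nginx-ui-local\t127.0.0.1:8080->8080/tcp\n'
    printf 'db\t5432/tcp\n'
}

sample | find_public_ports
```

A container flagged here can be republished on loopback only, for example with `-p 127.0.0.1:8080:8080` (container port 8080 is assumed from the `proxy_pass` line), so that the `proxy_pass http://127.0.0.1:8080/` target still works while port 8080 is no longer reachable from other hosts.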