Hi,
I’m trying to secure openhab for external connections.
I have the following in my nginx config.
location / {
proxy_pass http://localhost:8080/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
satisfy any;
allow 192.168.1.0./24;
allow 127.0.0.1;
deny all;
auth_basic "Username and Password Required";
auth_basic_user_file /etc/nginx/.htpasswd;
}
However it never asks for a password.
if I change it to deny the internal ip of the router before I allow the internal network range it will ask for a password on external connections.
Is this expected behaviour?
I’m doing a simple port forward on DD-WRT to forward port 80 and 443 to my openhab server.
It’s as though NGINX is seeing the external connections as coming from the routers internal ip not the external ip of the user.
Any ideas on how to resolve this?
Thanks
Chris