Re: [Solved] Re: localhost web apps and cookie blocking
On Fri, 16 Apr 2021 12:42:14 -0400
Dan Ritter <dsr@randomstring.org> wrote:
> Celejar wrote:
> > Interesting. I thought my usecase was a pretty straightforward one - I
> > have various typical home user services that I have no intention of
> > making available on the public internet, so I don't bother with SSL,
> > but I do want to access them relatively securely across my local
> > network. port forwarding via ssh seemed like an easy and solid
> > solution, but perhaps it's not commonly done.
>
> Fairly common. You can add stanzas like this:
>
> (nginx):
>
> location /someserver/ {
> proxy_pass http://127.0.0.1:4444/;
> proxy_set_header Host $host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header X-Forwarded-Proto $scheme;
> proxy_set_header Connection "";
> allow 192.168.0.0/24;
> allow 127.0.0.1;
> deny all;
> }
>
> This changes it from a port number to a URL path, allows your
> local network and localhost to access it, and denies it to
> others, should they come across the path.
>
> Apache and other webservers can do similar things.
Thanks. I've considered setting up a reverse proxy (either nginx, or
Caddy / Traefik / something else), but I haven't bothered yet. The web
apps I use have their own, self-contained servers.
Celejar
Reply to: