Navigation

    ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. proxy
    Log in to post
    • P

      SSL/TLS client certificates questions
      IT Discussion • certificate https linux mtls proxy ssl tls • • Pete.S

      9
      0
      Votes
      9
      Posts
      130
      Views

      P

      @flaxking said in SSL/TLS client certificates questions:

      Domain name doesn't matter, unless you're signing with a public CA. I'd think self-signed vs internal CA vs public CA would depend on what the authentication mechanism supports and how you have to manage the certificates. (i.e. if there are going to be a ton of them it might be easier for the authentication mechanism just to trust certificates signed by a certain internal CA rather than having to make each certificate trusted.

      From what I've seen so far, I've come to the same conclusion.

    • M

      Can anyone provide simple Meshcentral behind NGINX proxy setup instructions?
      IT Discussion • meshcentral meshcentral 2 nginx npm proxy • • manxam

      11
      1
      Votes
      11
      Posts
      1035
      Views

      M

      Got it all working. Thanks for everyone's assistance!

    • NetworkNerd

      Verifying Wavefront Proxy Log Ingestion
      Self Promotion • networknerd blog networknerd vmware networknerd wavefront proxy ubuntu vmware wavefront • • NetworkNerd

      1
      3
      Votes
      1
      Posts
      89
      Views

      No one has replied

    • wrx7m

      SOLVED Creating a Shortcut for Chrome Incognito with Proxy Settings
      IT Discussion • chrome icognito porn mode proxy shortcuts • • wrx7m

      35
      2
      Votes
      35
      Posts
      2039
      Views

      wrx7m

      Circling back to GPP. Thanks to @FiyaFly , who was able to help me out with the syntax for the fields. Do not use quotes in the target or start in paths.
      Target Path:

      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      Arguments:

      --incognito --proxy-server=squid1.domain.com:3128 --user-data-dir="%LOCALAPPDATA%\Google\Squid1\User Data"

      Start in:

      C:\Program Files (x86)\Google\Chrome\Application\

      I also used the create option and desktop (standard, not all users desktop).

    • scottalanmiller

      oVirt Behind nGinx Proxy Cannot Login After Install
      IT Discussion • linux nginx ovirt proxy • • scottalanmiller

      1
      1
      Votes
      1
      Posts
      176
      Views

      No one has replied

    • wrx7m

      Squid Proxy - Configuring as an External Proxy?
      IT Discussion • acl fedora29 proxy squid • • wrx7m

      3
      1
      Votes
      3
      Posts
      138
      Views

      wrx7m

      Updating this thread. I ended up setting up the squid.conf file with the following config to get it to work.

      First, at the top of the localnet lines-

      acl localnet src 205.205.205.1/32

      Then, I added the only domains that I wanted to provide access to. This whitelisted them.

      acl GOOD dstdomain .google.com acl Good dstdomain .domain.ca

      Followed by, the allow and deny lines

      http_access allow GOOD http_access deny all

      Finally, "uncommenting" the Safe ports/services for 80 and 443.

    • scottalanmiller

      NGinx Configuration Block for Zimbra Reverse Proxy
      IT Discussion • nginx proxy reverse proxy zimbra • • scottalanmiller

      2
      1
      Votes
      2
      Posts
      709
      Views

      dbeato

      @scottalanmiller said in NGinx Configuration Block for Zimbra Reverse Proxy:

      Someone was looking for this specifically so...

      server { client_max_body_size 80M; server_name my.domain.com; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_redirect off; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass https://myip:443/; proxy_redirect off; # Socket.IO Support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } listen 80; ssl_stapling on; ssl_stapling_verify on; ssl_session_cache shared:SSL:10m; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains"; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/my.domain.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/my.domain.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }

      Remember to create one for the Admin console on port 7071.

    • Emad R

      Proxies as VPN?
      IT Discussion • proxy vpn • • Emad R

      9
      0
      Votes
      9
      Posts
      507
      Views

      scottalanmiller

      @emad-r said in Proxies as VPN?:

      @emad-r

      They are using reverse proxy squid on a PFsense router as VPN. or to access company resources.

      For example, I think they made LAN 7.7.7.* and put company resource like http://web/company
      and only 7.7.7.* can access it in the config on PFsense.

      It does not work 100% of course. As you can bypass it if you do http://web/company?32141 and access it from WAN

      That works only if the resources are web only. In which case, a VPN was never appropriate in the first place. So in this case, a VPN would actually allow you to access unpublished web resources. But the reverse proxy will publish them.

      Now the presumed difference to most people is that the VPN will add a layer or protection in the form of authentication, and the proxy will not. This is not correct, however, because you can add that to the proxy, too.

      So, in reality, you are correct, in this specific case, the reverse proxy is actually making a VPN for just those specific web resources. It's a special case VPN, assuming you are using it as an SSL point.

    • wrx7m

      Anonymizing IPs for Business
      IT Discussion • anonymizer proxy • • wrx7m

      24
      1
      Votes
      24
      Posts
      1117
      Views

      M

      @wrx7m that vendor sounds like GE or UTC. These companies employ the most ridiculous procedures and requirements in the name of security. I think it all comes down from gov oversight, so dumbasses on top audit you, then you need to implement some retarded procedure that does nothing, but makes lives miserable for everyone you deal with.

    • wrx7m

      Replacing a UTM in an SMB - With What?
      IT Discussion • filtering firewall ids ips network security proxy security utm • • wrx7m

      18
      1
      Votes
      18
      Posts
      1253
      Views

      wrx7m

      @jaredbusch - I thought that is what you meant but did a double-take. LOL

    • wrx7m

      Website Localization Testing - E-commerce Manager Requesting 3rd-Party VPN/Proxy
      IT Discussion • proxy security vpn website localization • • wrx7m

      7
      1
      Votes
      7
      Posts
      1262
      Views

      wrx7m

      @ambarishrh Thanks. I just sent him that link to check it out.

    • NashBrydges

      Looking for how-to on setting up a proxy
      IT Discussion • apache 2 lets encrypt nginx proxy screenconnect • • NashBrydges

      25
      2
      Votes
      25
      Posts
      3498
      Views

      NashBrydges

      @JaredBusch said in Looking for how-to on setting up a proxy:

      server {
      client_max_body_size 40M;
      listen 80;
      server_name support.bundystl.com;
      rewrite ^ https://$server_name$request_uri? permanent;
      }

      Yep, got all that done and it's working well. What I was referring to was redirecting traffic to HTTPS. Essentially this is the part of the file I was missing...

      server { client_max_body_size 40M; listen 80; server_name support.bundystl.com; rewrite ^ https://$server_name$request_uri? permanent; }
    • scottalanmiller

      Deploying an NGinx Reverse Proxy with SSL on a LAMP Server with SaltStack
      IT Discussion • devops https https2 lamp lets encrypt nginx proxy reverse proxy salt saltstack ssl tls web server • • scottalanmiller

      42
      2
      Votes
      42
      Posts
      4355
      Views

      stacksofplates

      This way you can share the config(s) under conf.d between multiple machines using the same roles (or whatever Salt calls them) and have different main NGINX server settings.

    • JaredBusch

      ScreenConnect iOS app 5.6 problem with Nginx Proxy
      IT Discussion • error nginx proxy screenconnect • • JaredBusch

      7
      6
      Votes
      7
      Posts
      1077
      Views

      JaredBusch

      Yeah me for posting shit always.. Just needed this again.

      Saw the error and I was like.. hmm I posted about this.

      e73ed3df-73d6-4e5b-a0b5-9f55aabbde79-image.png

    • CentOS 7 - Proxy Server
      IT Discussion • centos centos 7 linux proxy • • Alex Sage

      27
      1
      Votes
      27
      Posts
      3686
      Views

      A

      To enable all yum operations to use a proxy server, specify the proxy server details in /etc/yum.conf. The proxy setting must specify the proxy server as a complete URL, including the TCP port number. If your proxy server requires a username and password, specify these by adding proxy_username and proxy_password settings.

      The settings below enable yum to use the proxy server mycache.mydomain.com, connecting to port 3128, with the username yum-user and the password qwerty.

      # The proxy server - proxy server:port number proxy=http://mycache.mydomain.com:3128 # The account details for yum connections proxy_username=yum-user proxy_password=qwerty
    • mlnews

      Netflix to Crack Down on Proxy Streaming
      News • bbc netflix proxy • • mlnews

      10
      3
      Votes
      10
      Posts
      1987
      Views

      scottalanmiller

      @gjacobse said:

      I wonder if Keezel would bypass this?

      Basically a hardware device doing what Hola does.

    • Setting up LetsEncrypt on a CentOS 7 NginX proxy
      IT Discussion • centos 7 encryption how to lets encrypt nginx proxy real instructions ssl ssl certificates • • JaredBusch

      13
      7
      Votes
      13
      Posts
      8604
      Views

      JaredBusch

      @travisdh1 said in Setting up LetsEncrypt on a CentOS 7 NginX proxy:

      @JaredBusch said in Setting up LetsEncrypt on a CentOS 7 NginX proxy:

      @aaronstuder said in Setting up LetsEncrypt on a CentOS 7 NginX proxy:

      Any updates to this?

      Use Certbot never this method. keep your life simpler.

      Yeah. If the old way is working, that should keep working. However, certbot is easier to use.

      When my system came up for renew after certbot was out, I installed certbot and renewed that way. everything is in the same pace. nothing had to be changed in the config files.