Server Fault Asked on January 5, 2022
I’m trying to create a proxy that would load images from remote sites. The reason for this is to enable secure content to be loaded on our end even though the URLs are unsecured (which breaks our SSL badge).
Basically, if I request https://proxy.app.com/?url=http://www.google.lt/images/nav_logo242_hr.png
It would send the image via secure connection back to our users.
So far I’ve come up with:
server {
listen 80;
listen 443 ssl;
server_name proxy.app.com;
charset utf-8;
location /?url=(.*) {
proxy_pass $1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
...
}
But it returns the default Nginx page. What am I doing wrong?
Is this at all possible? I don’t want to use a server side language for this.
Ok, I figured it out.
I ended up with:
server {
listen 80;
listen 443 ssl;
server_name proxy.example.com;
charset utf-8;
location @error {
return 404;
}
location / {
# only allow GET requests
if ($request_method != GET) {
return 404;
}
# do not allow empty urls
if ($arg_uri = "") {
return 404;
}
# do not allow non-app request origin
valid_referers none blocked *.example.com;
if ($invalid_referer) {
return 403;
}
resolver 8.8.8.8;
proxy_intercept_errors on;
proxy_pass $arg_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
error_page 500 = @error;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/example.com-error.log error;
sendfile off;
client_max_body_size 100m;
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
}
Answered by Ignas on January 5, 2022
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP