Thanks for your help Abdi,
I worked out how to write the firewall rule to do this for a server with hosts on dedicated IP's. The Nginx proxy_pass works very much like Apache's mod_proxy. The request IP is the proxy_pass IP. Therefore, the firewall rule becomes:
Allow incoming from...
Thanks.
That's way I didn't want to try without more assurance (I don't fully see the IP relationships). Nevertheless, my understanding is that proxy_pass directive sets the address of the proxied server, not the IP from which the request is made. I thought the request from Nginx comes from...
Thanks.
Actually, my host .conf's read,
server {
listen 50.23.xxx.xxx:80;
...
location / { # IPv6 isn't supported in proxy_pass yet.
proxy_pass http://50.23.xxx.xxx:7080;
...
and similar for listen on port 443 with proxy pass to host ip on port 7081.
Where...
Hi,
I realize that Nginx passes requests to Apache via ports 7080 and 7081, however why are these ports publicly accessible? Would this still work if I write the firewall rules (for these ports):
Allow incoming from 127.0.0.1
Deny incoming from all others
I am looking for a way to ensure...