Hey all.
hope you guys are well. I have a proxy extproxy:8080 , the cooporate only allows traffic from, We have apache server with the following config.
- when ever the user visits abc.com
- the apache will send the traffic with the new header api.cloudflare.io
- via a proxy extproxy:8080
This works without issues. however when I do it via nginx it does not connect to the proxy proprtly and disconnects.
</VirtualHost abc.com:443>
SSLEngine on
SSLProtocol -All +TLSv1.2
SSLProxyProtocol -All +TLSv1.2
SSLCipherSuite ECDHE-ECDS
SSLProxyCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
SSLStrictSNIVHostCheck On
SSLSessionTickets Off
SSLHonorCipherOrder Off
SSLProxyEngine on
SSLProxyVerify off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
#For serverSSL
SSLCertificateFile /etc/httpd/conf/ssl/Outbound/b2b.cer
SSLCertificateKeyFile /etc/httpd/conf/ssl/Outbound/b2b.key
<Location />
ProxyPass https://api.cloudflare.io/
ProxyPassReverse https://api.cloudflare.io/
</Location>
ProxyRemote * https://extproxy:8080
</VirtualHost>
Nginx config
server {
listen 443 ssl;
server_name abc.com;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDS;
ssl_prefer_server_ciphers off;
ssl_session_tickets off;
ssl_certificate /etc/httpd/conf/ssl/Outbound/b2b.cer;
ssl_certificate_key /etc/httpd/conf/ssl/Outbound/b2b.key;
location / {
proxy_ssl_protocols TLSv1.2;
proxy_ssl_ciphers HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA;
proxy_ssl_verify off;
proxy_set_header Host https://api.cloudflare.io/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# Setting a remote proxy (similar to Apache's ProxyRemote)
resolver 8.8.8.8; # Replace with your actual DNS resolver
proxy_pass_request_headers on;
proxy_pass https://extproxy:8080;
}
can Nginx send request and rewrite the header to another proxy ??