Security concern with web server settings - duckdns and nginx

Pentagano

Getting comfortable
Joined
Dec 11, 2020
Messages
575
Reaction score
269
Location
Uruguay
I have duckdns set up and it is ssl encrypted through my nginx proxy manager .

Set up the duckdns https url under web server for remote access.

Chose authentication from non-LAN only but to my horror I could access my dns url from a non-lan remote site without authentication.
When configured with 'All Connections' all is fine and prompts me for authentication.

So why here is the non-lan option not working? Am I missing something?


1610547081009.png

1610547010360.png
 

Pentagano

Getting comfortable
Joined
Dec 11, 2020
Messages
575
Reaction score
269
Location
Uruguay
Anyone?
Has anyone used this setup with their own dns, nginx and set non-lan only to find out that it still does not require any authentication from the internet?
Do I need to use 'secure session keys'?
 

Pentagano

Getting comfortable
Joined
Dec 11, 2020
Messages
575
Reaction score
269
Location
Uruguay
Non-Lan only and secure sessions ticked - restarted
Still can access it publicly!!

Reverted quickly back to All connections for the login security.

So how do I set up the non-lan log in page only?
Something is amiss with the settings here.
 

Lennyz1988

n3wb
Joined
Dec 31, 2020
Messages
2
Reaction score
0
Location
Amsterdam
I assume you run Nginx inside Docker.

Go to Status > Connections and you will see that all connections are made from the IP address where Docker is running. Since Docker is inside your network, all the requests from the webserver will look like from inside the LAN.

I figured this out just 5 minutes ago.
 

Pentagano

Getting comfortable
Joined
Dec 11, 2020
Messages
575
Reaction score
269
Location
Uruguay
I assume you run Nginx inside Docker.

Go to Status > Connections and you will see that all connections are made from the IP address where Docker is running. Since Docker is inside your network, all the requests from the webserver will look like from inside the LAN.

I figured this out just 5 minutes ago.
Running the home assistant nginx proxy Manger so it runs as a container. All 443 ports on the gateway go through the proxy on port 81. I set up the ssl and dns connection hosts in the proxy manager. I'll try to check on Monday
 

Lta

n3wb
Joined
Jan 15, 2021
Messages
3
Reaction score
1
Location
teland
had the same problem, you need to disable the anonymous user, if that is your problem...
 
Top