setting up a forward proxy for a few specific website only, and block the rest
nginx-forum at forum.nginx.org
Wed Dec 14 06:09:32 UTC 2016
Newbie to nginx, and been trying to search high and low for this
particular way of configuration. Here is what I plan to do
1) Setup a nginx forward proxy, and this particular proxy server will only
accept the proxy connection based on destination website, for example,
I want to setup this nginx to proxy for 5 website, eg , lets call this
proxy server PROXY_AAA
2) I will setup this proxy server in cloud server provider
3) I will need to create a PAC file, and let my users to use this particular
proxy PAC file for traffic re-direction, user will have to configure their
browser to use proxy PAC file.
4) Whenever my users (that are using the PAC file) trying to access to the
above 5 website, regardless of using HTTP or HTTPS, the proxy PAC file will
get the traffic flow through my PROYX_AAA server, any other website that the
user access, the traffic will go direct via exiting connection (meaning it
will not send through my PROXY_AAA).
5) I also need to configure the PROXY_AAA to proxy for the above 5 website
only, and block any other website or refused the connection request to
access any other website, as I want this proxy server will only proxy for
the domain that I configure/allow, not any other website. This is also to
avoid other users to force their traffic through my proxy server.
6) Proxy connection based on source IP address is not possible, as the users
IP is dynamic and changes over time. My proxy will accept any source IP, and
will proxy only for the few website that i configure. The proxy PAC file
help to decide the traffic should send to my proxy or direct connection.
So would like to ask anyone has configure such config in nginx before ? How
do I configure the nginx as forward proxy, to block all proxy request, and
allow only the few website that I want to proxy ?
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,271492,271492#msg-271492
More information about the nginx