petrosetta nginx-forum at forum.nginx.org
Fri Jan 11 18:51:54 UTC 2019

Thanks so much for replying. Below is the block and upstream entry. Also,
let's say without NGINX I bring up the site at
https://mysite.domain.com/webaccess, when I click on an image, the url is

       upstream devapp {

server {
         listen 443 ssl http2 default_server;
         server_tokens off;
         more_clear_headers Server;
         server_name www.mydomain.com;
         ssl on;
         ssl_certificate ssl/certificate.crt;
         ssl_certificate_key ssl/www.mydomain.com.key;
         ssl_dhparam ssl/dhparams.pem;
         ssl_ecdh_curve secp384r1;
         ssl_stapling on;
         ssl_stapling_verify on;
         ssl_trusted_certificate ssl/certificate.crt;
         resolver valid=300s;
         resolver_timeout 10s;
         ssl_protocols TLSv1.3 TLSv1.2;
         ssl_prefer_server_ciphers on;
         ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
         ssl_session_cache shared:SSL:1m;
         ssl_session_timeout 1h;
         ssl_session_tickets off;
         add_header Strict-Transport-Security
"max-age=31536000;includeSubDomains" always;
         access_log /var/log/nginx/access.log main;
         log_not_found on;

         location /webaccess/ {
            proxy_pass https://devapp;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            add_header X-Frame-Options SAMEORIGIN;
            add_header X-Content-Type-Options nosniff;
            add_header X-XSS-Protection "1; mode=block";
            add_header Strict-Transport-Security
"max-age=31536000;includeSubDomains" always;

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,282663,282665#msg-282665

More information about the nginx mailing list