Location
petrosetta
nginx-forum at forum.nginx.org
Fri Jan 11 18:51:54 UTC 2019
HI
Thanks so much for replying. Below is the block and upstream entry. Also,
let's say without NGINX I bring up the site at
https://mysite.domain.com/webaccess, when I click on an image, the url is
https://mysite.domain.com/name_of_image.
upstream devapp {
server 192.168.1.18:443;
}
server {
listen 443 ssl http2 default_server;
server_tokens off;
more_clear_headers Server;
server_name www.mydomain.com;
ssl on;
ssl_certificate ssl/certificate.crt;
ssl_certificate_key ssl/www.mydomain.com.key;
ssl_dhparam ssl/dhparams.pem;
ssl_ecdh_curve secp384r1;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate ssl/certificate.crt;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 10s;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 1h;
ssl_session_tickets off;
add_header Strict-Transport-Security
"max-age=31536000;includeSubDomains" always;
access_log /var/log/nginx/access.log main;
log_not_found on;
location /webaccess/ {
proxy_pass https://devapp;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Strict-Transport-Security
"max-age=31536000;includeSubDomains" always;
}
}
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,282663,282665#msg-282665
More information about the nginx
mailing list