nginx-proxy-manager icon indicating copy to clipboard operation
nginx-proxy-manager copied to clipboard

Published 20 hours ago verified publisher icon NginxProxyManager

Custom Nginx Configuration - proxy_set_header Host

Open DaFlowah opened this issue 3 years ago • 13 comments

Describe the bug Hi, I need to override the default proxy_set_header Host $host to proxy_set_header Host $http_host for a specific Proxy Host, since it's required by the app I'm trying to Proxy (more info here)

To Reproduce Create a Proxy Host Go to Advanced and add proxy_set_header Host $http_host; The value is not applied and the application throws an error.

Expected behavior I am expecting this value to be added.

Screenshots immagine

Operating System

  • Nginx Proxy Manager on Home Assistant OS running on Pi4

Additional context If on the host I edit /etc/nginx/conf.d/include/proxy.conf and change the default value, it works, but it's a temporary change.

DaFlowah avatar Apr 08 '21 15:04 DaFlowah

Any update? I have same issue running flask and odoo behind NPM. I cant see client IP and others headers

ananiasfilho avatar Jul 04 '21 14:07 ananiasfilho

Same here, got the same issue with another docker image running remotely.one. I'm also having additional issues with NPM not setting additional configuration under the custom config, wondering if this is an issue with the custom configuration in UI itself.

I've tried to also set additional header info as seen below but when I test for the CSP - these come back as fail from external testing on top of the Client IP and other headers

add_header Content-Security-Policy "upgrade-insecure-requests"; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy no-referrer always; add_header X-Robots-Tag none; proxy_hide_header Upgrade; proxy_hide_header X-Powered-By; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection keep-alive; proxy_cache_bypass $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme;

Nate-09 avatar Jul 27 '21 01:07 Nate-09

There's a warning about this right underneath the text box where you add these custom configs:

Please note, that any add_header or set_header directives added here will not be used by nginx. You will have to add a custom location '/' and add the header in the custom config there.

netstx avatar Aug 26 '22 04:08 netstx

add a custom location '/' and add the header in the custom config :proxy_set_header Host $http_host;
web is 400 Bad Request

bash-5.1# pwd
/data/nginx/proxy_host
bash-5.1# cat 12.conf 
# ------------------------------------------------------------
# xxx.xxx.xxx
# ------------------------------------------------------------


server {
  set $forward_scheme http;
  set $server         "192.168.2.19";
  set $port           8806;

  listen 8080;
listen [::]:8080;

listen 4443 ssl http2;
listen [::]:4443 ssl http2;


  server_name xxx.xxx.xxx;


  # Let's Encrypt SSL
  include conf.d/include/letsencrypt-acme-challenge.conf;
  include conf.d/include/ssl-ciphers.conf;
  ssl_certificate /etc/letsencrypt/live/npm-3/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/npm-3/privkey.pem;


proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;


  access_log /data/logs/proxy-host-12_access.log proxy;
  error_log /data/logs/proxy-host-12_error.log warn;

  location / {
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Scheme $scheme;
    proxy_set_header X-Forwarded-Proto  $scheme;
    proxy_set_header X-Forwarded-For    $remote_addr;
    proxy_set_header X-Real-IP		$remote_addr;
    proxy_pass       http://192.168.2.19:8806;

    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $http_connection;
    proxy_http_version 1.1;
    
    proxy_set_header Host $http_host;

  }


  # Custom
  include /data/nginx/custom/server_proxy[.]conf;
}

a18ccms avatar Oct 25 '22 01:10 a18ccms

I have walked the same road when I just noticed that a possible solution has been suggested in #1477.

jschlatow avatar Dec 29 '22 21:12 jschlatow

Basically you have to edit /data/nginx/custom/server_proxy.conf that is designed for such a changes. I agree that UI management should be add here. As also that those settings are common for all proxies that you will create.

P.S. you do not need to set add_header X-Frame-Options "SAMEORIGIN"; this could be managed via Docker Envs.

GAS85 avatar Feb 21 '23 12:02 GAS85

Issue is now considered stale. If you want to keep it open, please comment :+1:

github-actions[bot] avatar Mar 14 '24 01:03 github-actions[bot]

👍

GAS85 avatar Mar 14 '24 07:03 GAS85

:+1:

jschlatow avatar Mar 14 '24 08:03 jschlatow

I think even adding the config into custom location won't work, since the directives will be added above the default config and get overriden

image

whc2001 avatar Jul 06 '24 06:07 whc2001