Nginx reverse proxy


#1

My domain is: on-system.it

The operating system my web server runs on is (include version): Ubuntu 18.04 LTS

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

Hi, I need to enable https on my domain and subdomains.
I have successfully deployed certificates for my main site and one subdomain (breton.on-system.it) by running this command:
sudo certbot --nginx -d on-system.it -d www.on-system.it -d breton.on-system.it

Every subdomain points to another webserver on other machines under a vpn.
So there are two layers:
Layer 1: Internet ---- > on-system
Layer 2: on-system ----> .on-system.it

With the previous command I have enabled https from any remote to my main server but the communication between the server and the vpn clients is still under http.

Everything works in this way, there isn’t any certificate error but:

  • Is this ok or should I enable https even in the second communication layer? Will this add too much overhead in the communication?
  • How to enable https in the second layer using Let’s encrypt? Should I use nginx even in the subdomain webserver?

Every webserver (the main and even the one’s of subdomains) runs NodeJS 8.9.0 LTS and uses also websockets that are listening on the same port of the server.

At the moment with the current configuration I’m getting some strange 404 POST requests like:

404 - Not Found - /client/devices/v1/cbbd5fed21d708f7802a89f368ebcb579ee5cded - POST


#2

Hi @robertsLando

your on-system.it and your www.on-system.it have a mixed content warning.

http://chs03.cookie-script.com/s/d577916953d01adebf2073c01e34a075.js

is blocked (http instead of https). Perhaps there is missing JavaScript code -> error.


#3

Hi @JuergenAuer, thanks for your response, I have fixed the error but that was not the one causing the problem.
The 404 error happens on subdomain webserver even when no client is visiting the subdomain and it is periodic, it is a request from the main webserver (on-system.it) that proxies the request to the subdomain but I don’t know where it is originated. This strange requests have show up since I ha ve enalbed https


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.