Closed n4ll3ec closed 10 months ago
As I understood you have next architecture: BounceBack (listening on one port for example.com and secondexample.com) -> Nginx -> your application.
If I'm wrong, please correct me.
As a solution you may use something like: Nginx (listening on one port for example.com and secondexample.com and adding X-Forwarded-For header) -> BounceBack (with or without cert, no cense) -> your application.
My solution also will fix JA3S fingerprinting of golang server.
I'll mark your request as a feature request and later add support of multiple TLS certificates for one proxy.
Yes,your understanding is correct. I'll try your solution and test if it meets my needs. Thank you very much for adding this feature.
Please, let me know, if my solution works for you.
Please, let me know, if my solution works for you.
Your solution works functionally, but there are still some issues. BounceBack is located behind Nginx, then the Nginx server and the applications behind it are out of protection. Although my Nginx server has some restrictions,it still can't guarantee some unwanted traffic to access the Nginx and the application server.
BounceBack can fully work behind the nginx or any other reverse proxy (however, for IP and GEO filters you need to add X-Forwarded-For
header on reverse proxy).
Please provide a more detailed example with nginx configuration and application you want to protect (if it possible).
Also, please provide some additional info:
Without understanding what is not working for your updated setup, I can't give you any advice/fix.
BounceBack can fully work behind the nginx or any other reverse proxy (however, for IP and GEO filters you need to add
X-Forwarded-For
header on reverse proxy).Please provide a more detailed example with nginx configuration and application you want to protect (if it possible).
Also, please provide some additional info:
- What filter(s) does not work (for you)
- How its intended to work (for you)
- BounceBack configuration file
- Any access/error logs if needed
- Any other information that may help me understand your issues
Without understanding what is not working for your updated setup, I can't give you any advice/fix.
My bad, this solution worked for me. I made a small mistake. The only problem now is that Nginx is not protected by BounceBack
Add multiple TLS certificates support for single proxy. Documentation was updated and can be found here. Thank you for your feature request. Closing issue.
I have multiple domains resolving to my Nginx server and I configured BounceBack to proxy to the Nginx server. But it doesn't support configuring multiple TLS certificates.