Closed JohanSF closed 4 years ago
Just turn off auth in the nginx.conf
of the binhex container.
location / {
index index.html index.htm index.php;
#auth_basic "Restricted Content";
#auth_basic_user_file /config/nginx/security/auth;
}
and use this in the letsencrypt container
location /rutorrent {
return 301 $scheme://$host/rutorrent/;
}
location ^~ /rutorrent/ {
auth_request /auth-0;
include /config/nginx/proxy.conf;
rewrite /rutorrent(.*) $1 break;
proxy_pass http://192.168.1.34:9680;
}
nvm, I should read first.
You would need to address this to ruTorrent. We can only do what the app itself has. There's no magic way to create an API endpoint in an NGINX config.
For now I have a separate Rutorrent subdomain RP running with basic auth so that I can use the android app Transdroid with it. It would be nice to close this vulnerability once and for all, perhaps using a similar method as you have for sonarr/radarr/lidarr.
Kind Regards, Johan