Closed drtech981 closed 2 years ago
Author of feature here. What does your NGINX config look like? I am not seeing this issue with Apache.
@9p4 I am using NGINX Proxy Manager, so the config is not available as such. However if you still want it :
server {
set $forward_scheme http;
set $server "10.0.0.148";
set $port 8006;
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name zeroui.drtech981.cc;
# Let's Encrypt SSL
include conf.d/include/letsencrypt-acme-challenge.conf;
include conf.d/include/ssl-ciphers.conf;
ssl_certificate /etc/letsencrypt/live/npm-2/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/npm-2/privkey.pem;
# Asset Caching
include conf.d/include/assets.conf;
# Block Exploits
include conf.d/include/block-exploits.conf;
Tracked the issue down to here:
Having an Access Control List (ACL) with username and password requires the browser to always send this username and password in the Authorization header on each request. If your proxied app also requires authentication (like Nginx Proxy Manager itself), most likely the app will also use the Authorization header to transmit this information, as this is the standardized header meant for this kind of information. However having multiples of the same headers is not allowed in the internet standard and almost all apps do not support multiple values in the Authorization header. Hence one of the two logins will be broken. This can only be fixed by either removing one of the logins or by changing the app to use other non-standard headers for authorization.
The issue is that ZeroUI is sending an Authorization
header which overrides Nginx's Authorization
header. This would cause the app to not work (401), but I don't know why your Nginx is crashing...
I'll see if I can fix this :)
In the retrospect, I believe that the issue might have been due to caching, which I forgot to disable/clear.
I started with a fresh install, and I haven't been able to reproduce the error again.
But as @9p4 Authorization headers may be causing some issue, which I haven't encountered yet, so it's up to you, the holy developers on how to handle this 😅 .
When using DISABLE_AUTH, the log out button should be disabled / greyed out. Accidentally clicking on logout breaks my reverse proxy, I have to manually restart NGINx.