Is it safe to proxy a request to a remote server?

S

Stepgor2020-10-14 07:33:50

Nginx

Stepgor, 2020-10-14 07:33:50

Look at /api/create_offer
Can an attacker intercept data if the nginx config is like this?
I understand that the answer is yes, if he can throw his software (sniffer) on the machine where nginx is installed.
Please explain if it is safe to do so

server {
      set $background 111.111.111.111:3000;
            listen 443 ssl;
            server_name a.store www.a.store;

            location / {
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_pass http://backends/;
            }

      location /api/create_offer {
          proxy_pass http://$background/api/create_offer ;
      }
}

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Anton B, 2020-10-14
@bigton

1. In general, it's normal when there is only nginx on one server, which proxies requests to many other servers.
2. Proxying can be done using the https protocol to improve the security of data transfer between servers.
3. If the server is hacked, you can not only intercept data, but slip your forms to visitors to enter the same bank cards. So use stable versions of software on the server, stay tuned for updates, disable root, log in not with a password, but with a certificate.