S
S
Stepgor2020-10-14 07:33:50
Nginx
Stepgor, 2020-10-14 07:33:50

Is it safe to proxy a request to a remote server?

Look at /api/create_offer
Can an attacker intercept data if the nginx config is like this?
I understand that the answer is yes, if he can throw his software (sniffer) on the machine where nginx is installed.
Please explain if it is safe to do so

server {
      set $background 111.111.111.111:3000;
            listen 443 ssl;
            server_name a.store www.a.store;

            location / {
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_pass http://backends/;
            }

      location /api/create_offer {
          proxy_pass http://$background/api/create_offer ;
      }
}

Answer the question

In order to leave comments, you need to log in

1 answer(s)
A
Anton B, 2020-10-14
@bigton

1. In general, it's normal when there is only nginx on one server, which proxies requests to many other servers.
2. Proxying can be done using the https protocol to improve the security of data transfer between servers.
3. If the server is hacked, you can not only intercept data, but slip your forms to visitors to enter the same bank cards. So use stable versions of software on the server, stay tuned for updates, disable root, log in not with a password, but with a certificate.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question