
Nginx allow traffic from any domain

I'm using nginx as the proxy server. My application has a feature where users can use their own domain instead of my domain. For that, they need to point their CNAME to my domain.

This is my Nginx configuration

server {
  server_name                   scan.mydomain.com anonymous.mydomain.com "";
  access_log                    /etc/nginx/log/local-wc.access.log;
  error_log                     /etc/nginx/log/local-wc.error.log;

  location / {
    root                      /var/www/html/qcg-scanning-frontend/dist/webapp/;
    index                     index.html;
    try_files                 $uri $uri/ /index.html;
    proxy_redirect            off;
    proxy_set_header          Host            $host;
    proxy_set_header          X-Real-IP       $remote_addr;
    proxy_set_header          X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header          X-Forwarded-Protocol $scheme;
  }

  listen 443 ssl; # managed by Certbot
  ssl_certificate /etc/letsencrypt/live/anonymous.mydomain.com-0001/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/anonymous.mydomain.com-0001/privkey.pem; # managed by Certbot
  include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
  if ($host = scan.mydomain.com) {
    return 301 https://$host$request_uri;
  } # managed by Certbot

  if ($host = anonymous.mydomain.com) {
    return 301 https://$host$request_uri;
  } # managed by Certbot

  server_name                   scan.mydomain.com anonymous.mydomain.com "";
  listen 80;
  return 404; # managed by Certbot
}

This configuration works fine when browsed using my domains scan.mydomain.com and anonymous.mydomain.com, but using any pointed domain like new.example.com, it gives a 404 page (maybe due to the return 404 statement).

For SSL, I'm using Let's Encrypt Certbot.

How can I configure it to

  1. Allow traffic from all CNAME pointed domains to my server?
  2. Provide SSL certificate to all the domains?

I used CaddyServer, which is far better than nginx and satisfies all requirements.

https://caddyserver.com/

Features of Caddy

  • Support for third party domain CNAME pointing
  • JSON based configuration
  • API support for the configuration
  • On-demand TLS
  • Default serves SSL/TLS to all the domains in the production server
  • No hassle to install and manage SSL certificates for the domains.
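
On-demand TLS, listed in the answer above, obtains a certificate for whatever hostname arrives in a TLS handshake, so it is normally paired with Caddy's `ask` check, which limits issuance to hostnames customers have actually registered. The following is an added example, not code from the original post or from the Caddy project: a minimal ask endpoint in which the port, the `/check` path and the hostname sets are assumptions constructed for illustration.

```python
# Added example: "ask" endpoint for Caddy's on-demand TLS.
# Caddyfile global option that would call it (address is an assumption):
#   { on_demand_tls { ask http://127.0.0.1:5555/check } }
# Caddy sends GET <ask URL>?domain=<hostname>; only a 2xx reply permits issuance.
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlparse, parse_qs

# Constructed sample data: hostnames customers registered in the application.
REGISTERED = {"new.example.com", "shop.example.org"}
# The site's own hostnames, taken from the nginx config in the question.
OWN = {"scan.mydomain.com", "anonymous.mydomain.com"}

def normalize(host):
    """Lower-case, strip a trailing dot; return None if not a valid hostname."""
    host = (host or "").strip().lower().rstrip(".")
    if not host or len(host) > 253:
        return None
    labels = host.split(".")
    if len(labels) < 2:
        return None
    for label in labels:
        if not label or len(label) > 63 or label[0] == "-" or label[-1] == "-":
            return None
        if not all(c.isascii() and (c.isalnum() or c == "-") for c in label):
            return None
    return host

def ask_status(path):
    """Map the request path Caddy sends (/check?domain=...) to an HTTP status."""
    url = urlparse(path)
    if url.path != "/check":
        return 404
    values = parse_qs(url.query).get("domain", [])
    if len(values) != 1:          # missing, empty or repeated parameter
        return 400
    host = normalize(values[0])
    if host is None:
        return 400
    return 200 if host in REGISTERED | OWN else 403

class AskHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_response(ask_status(self.path))
        self.end_headers()

if __name__ == "__main__":
    # Bind to loopback only: the endpoint is meant for the local Caddy instance.
    HTTPServer(("127.0.0.1", 5555), AskHandler).serve_forever()
```

In a real deployment the `REGISTERED` set would be a lookup against the application's customer-domain table rather than a constant.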
