Score:0

Can someone outside of the lan uses my nginx proxy?

in flag

I know this question can sounds weird but I noticed strange behaviour on our network.

Here's the context:

I have a vm running multiple docker containers. To simplify their use and because I need https we set up a nginx reverse proxy in a container jwilder/nginx-proxy (following this method https://www.singularaspect.com/use-nginx-proxy-and-letsencrypt-companion-to-host-multiple-websites/)

I am seeing some requests sent to multiple ips addresses during the night on an unknown port :

@myserverip  48772 =>     18.97.91.16 9001 
@myserverip  59094 =>  19.170.104.214 9001 
@myserverip  35308 =>  19.189.157.180 9001 
@myserverip  52786 =>   25.13.210.166 9001 

For the moment iptables allow everyone to request 80 and 443 and the reverse proxy container is the only container mapped on these port. I filtered all incoming connection and no more connection to these ips.

Can someone from the outside uses the reverse proxy ?

cn flag
Use a tool like https://developers.google.com/speed/pagespeed/insights/ to validate if your website/domains are accessible from outside. Those look like external connections to port 9001 to external IPs.
Charly Roch avatar
in flag
What you mean by external connection ? My nginx is accessible to anyone on port 80 and 443 to allow access to the others containers that are on the same host. Nginx uses virtualhost to redirect to the right container.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.