mirror of
https://github.com/linuxserver/docker-swag.git
synced 2024-12-11 08:44:43 -05:00
66a4c1203b
Ref: https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx#Defeating-the-Attack-using-NGINX-and-NGINX-Plus
32 lines
1.1 KiB
Plaintext
32 lines
1.1 KiB
Plaintext
## Version 2021/10/26 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/proxy.conf
|
|
|
|
# Timeout if the real server is dead
|
|
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
|
|
|
|
# Proxy Connection Settings
|
|
proxy_buffers 32 4k;
|
|
proxy_connect_timeout 240;
|
|
proxy_headers_hash_bucket_size 128;
|
|
proxy_headers_hash_max_size 1024;
|
|
proxy_http_version 1.1;
|
|
proxy_read_timeout 240;
|
|
proxy_redirect http:// $scheme://;
|
|
proxy_send_timeout 240;
|
|
|
|
# Proxy Cache and Cookie Settings
|
|
proxy_cache_bypass $cookie_session;
|
|
#proxy_cookie_path / "/; Secure"; # enable at your own risk, may break certain apps
|
|
proxy_no_cache $cookie_session;
|
|
|
|
# Proxy Header Settings
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header Early-Data $ssl_early_data;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header Proxy "";
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
proxy_set_header X-Forwarded-Proto https;
|
|
proxy_set_header X-Forwarded-Ssl on;
|
|
proxy_set_header X-Real-IP $remote_addr;
|