OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: Grossartig on January 05, 2021, 05:23:36 pm

Title: nginx error landing page -- possible to customize?
Post by: Grossartig on January 05, 2021, 05:23:36 pm

I have nginx configured to serve up one of my internal web applications on port 8443. I have also opened port 8443 in the WAN firewall rules. When I use the virtual server URL (i.e. https://www.example.com:8443), it all works as expected. When I instead use my external IP address (i.e. https://xxx.xxx.xxx.xxx:8443, I get to some sort of default OPNsense error page saying "Not Found. The resource you want to access is not available. Please contact the webmaster if you think this is an error." with a big OPNsense logo displayed below it.

Is it possible to not serve up an error response at all but to simply deny the request unless it's coming in through one of the proper named virtual hosts and not just the external IP address? I'd like to hide from any potential external attacker that I am even using OPNsense as a firewall.

Thanks!

Title: Re: nginx error landing page -- possible to customize?
Post by: fabian on January 10, 2021, 10:13:23 am

This feature is already provided and might find its way into a future version :

https://github.com/opnsense/plugins/pull/2149

Title: Re: nginx error landing page -- possible to customize?
Post by: Grossartig on January 11, 2021, 06:23:16 pm

This is great -- thank you for pointing that out -- looking forward to this feature!

Title: Re: nginx error landing page -- possible to customize?
Post by: fabian on January 11, 2021, 09:19:04 pm

In theory the stream certificates should be exported to files:
https://github.com/opnsense/plugins/blob/master/www/nginx/src/opnsense/scripts/nginx/setup.php#L148