Stuck on web server setup

Started by newbee, August 06, 2021, 12:00:04 PM

August 06, 2021, 12:00:04 PM Last Edit: August 06, 2021, 12:10:47 PM by newbee
Hello

So I finally got OPNsense up and running last week after nights of being stuck, meaning internet is passing through. Now I am trying to get the webserver running.

Think I'm getting in a tangle. I'm also getting this message for the main domain pointing at my IP:

"A potential DNS Rebind attack has been detected.
Try to access the router by IP address instead of by hostname."

I have made VMs for my domains to be hosted and require a reverse proxy as I only have 1 IP. I installed the nginx plugin for OPNsense. Tried following online tuts to set it up. I then installed nginx on the Linux VM.

I only ever used Apache with proxy and then nginx in Docker. Now it looks like I should use HAProxy in OPNsense, then nginx in the VM?

Tried not to ask for hemp (sorry, meant help), but it's been a week.

Thanks for any guidance


If your question is how to solve "A potential DNS Rebind attack has been detected.",

then you can go to Firewall -> Settings -> Advanced and, under Network Address Translation,
check/enable all 3:
Reflection for port forwards
Reflection for 1:1
Automatic outbound NAT for Reflection

and it should work.

Another method is to edit the specific port forward rule and change "NAT reflection" to enable.
Deciso DEC850v2

Hi

Yes, not clear in my question here.

1. Just changed the settings you suggested. Same error. I did notice in FIREWALL>NAT>PORTFORWARD it has one entry saying "no redirect (green !)"

2. Use HAProxy or nginx on OPNsense

Thank you

August 06, 2021, 02:23:44 PM #3 Last Edit: August 06, 2021, 02:32:00 PM by RamSense
Is it with a domain name?
And have you placed the domain name in:
System -> Settings -> Administration -> Alternate Hostnames -> "your-domain-name"

There is also the option DNS Rebind Check,
which can be enabled. I did not have to, but maybe in your configuration?
Deciso DEC850v2

Hi

Yes, so we have many domain names pointing at 1 fixed IP. Then into OPNsense, serving VMs in ESXi. So we need to point to the IP address of the VM and add certs.