Access to Web Server from Outside

Started by spetrillo, January 24, 2021, 02:35:31 AM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
January 30, 2021, 07:36:29 AM #15
January 30, 2021, 07:38:25 AM #16
Quote from: Greelan on January 30, 2021, 07:36:29 AM
This may help: https://forum.opnsense.org/index.php?topic=19305.0

Yes I found it...one thing I am not sure about are the firewall rules needed?
January 30, 2021, 08:06:58 AM #17
Should be covered by the tutorial, but as I mentioned above, you need to allow ports 80 and 443 into the WAN interface. No port forwards though
January 30, 2021, 07:33:28 PM #18
January 31, 2021, 07:29:25 PM #19
Something just hit me which I would like to confirm...

I could use the nginx plugin as my http/s server, in lieu of an Apache correct? If yes would I still be able to do a Wordpress site or does that eliminate that since its leverages Apache?
January 31, 2021, 09:24:39 PM #20 Last Edit: January 31, 2021, 09:52:51 PM by Greelan
https://wordpress.org/support/article/nginx/

But if it were me, I wouldn't be hosting a Wordpress site on my firewall
June 10, 2022, 12:06:24 PM #21 Last Edit: June 13, 2022, 11:09:59 AM by wedsed
I had a similar problem, and I tried to figure out what the problem was for a long time. I managed to do it only after a couple of hours. It turns out that the firewall on the router was spoiling packets. I prescribed a rule for the local web server and got access. Now I'm looking at iptables on the router and looking for a rule for the wifi interface to understand which rule was passed to the wifi machine.
Of course, this is more difficult than doing Managed WordPress hosting, but specialists with individual skills are needed in any field. I think that such a model is in the future. If everyone goes about their business, we can achieve new results.
June 12, 2022, 12:29:33 AM #22 Last Edit: June 12, 2022, 12:31:36 AM by fabian
The hosting capability is very restricted as the nginx plugin is running on a firewall appliance. For example, you may not get a database driver you need etc.

It can serve static files or PHP files with not that many PHP extension requirements. So the best thing is to forward the connection to your apache httpd you have already prepared using the nginx reverse proxy. Usually you have to set one or two values on a page and leave the rest at the defaults.
And yes, you could also use nginx on the backend server instead of apache httpd. But that is your application server, you are going to configure and does not matter from OPNsense's point of view.
If OPNsense cannot reach your apache httpd, then check the following:

* does the target host have its own firewall and is it properly configured (allows access from OPNsense to the target application) -> nftables / iptables on linux
* does the apache httpd listen on the correct IP address and port?
Print
Go Up Pages 1 2
User actions