Reverse proxy/Caddy server
Some of my devices are externally reachable via my Caddy server (a reverse proxy server). That way I only have to have ports 80 and 443 open. Now, when there is an upload (or attack) I only see that it is towards my Caddy server but not what is behind that.
Example: I have a machine that runs Blueiris (camera monitoring software) that is behind the proxy server. With blueiris.abc.com I can reach that server. When the BI server uploads something outside my network, Firewalla only shows the Caddy server as the uploader, NOT the BI server.
Can this be fixed?
-
The reverse proxy server is a dedicated server (in this case a simple Raspberry Pi), directly connected to the switch (similar to the Firewalla). All my other servers are also directly connected to the switch. So technically Firewalla sees the outgoing traffic (if called from outside) from server X go through the switch to the outside world via the proxy server. So you can catch the traffic before it hits the proxy server. Any traffic going to the proxy server is by default going to the outside world.
As far as I understood this is quite common network stuff. I had similar issues with servers that were called from outside. On those servers I would only see the proxy server as the source. By changing some settings in the server & proxy server I was able to actually see (which external IP) who is calling the server via the proxy server (instead of just always seeing the IP of the proxy server).
I'm sure I'm not the only one, as many with a somewhat more advanced home setup are using reverse proxy servers like NGINX or CaddyServer to better secure their exposed servers.
Really hope you can implement something for this.
p.s. I understand that the incoming part is more difficult (impossible?) as outside traffic coming in will hit the proxy server whatever server is called from the outside.
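The "setting in the server & proxy server" mentioned above is, in practice, the proxy forwarding the original client address in an X-Forwarded-For header (Caddy's reverse_proxy directive adds it) and the backend logging that header instead of the TCP peer. The following is an added example, not code from the post, from Caddy or from Firewalla, showing how a backend should consume that header: it only honours X-Forwarded-For when the connection actually comes from the proxy, because a host that is reachable directly could otherwise forge the header. The proxy address 192.168.1.10 and the log entries are constructed. This covers the inbound direction only; attributing outbound uploads to the server behind the proxy, the main request of the post, needs the firewall to see the hop before the proxy and is not solved by headers.

```python
"""Attribute proxied requests to the real client via X-Forwarded-For.

Added example (not from the post, Caddy or Firewalla). Assumes the Caddy
reverse_proxy instance lives at 192.168.1.10 (constructed address).
"""
import ipaddress

# Constructed: the only hosts whose X-Forwarded-For header we believe.
TRUSTED_PROXIES = {ipaddress.ip_address("192.168.1.10")}


def _header(headers: dict, name: str) -> str:
    """Case-insensitive header lookup (HTTP header names are case-insensitive)."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return ""


def client_ip(remote_addr: str, headers: dict) -> str:
    """Return the address that should be logged as the client.

    remote_addr is the TCP peer the backend sees (the proxy, when proxied).
    X-Forwarded-For is a comma-separated chain 'client, proxy1, proxy2, ...'
    where each proxy appends the peer it received the request from. Walking
    the chain from the right and skipping our own trusted proxies yields the
    first address we did not add ourselves. If the peer is not a trusted
    proxy, the header is untrusted input and is ignored.
    """
    peer = ipaddress.ip_address(remote_addr)
    if peer not in TRUSTED_PROXIES:
        return remote_addr

    hops = [h.strip() for h in _header(headers, "X-Forwarded-For").split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            # Malformed entry: do not guess, fall back to the peer address.
            return remote_addr
        if addr not in TRUSTED_PROXIES:
            return str(addr)
    # Header absent, or every hop was one of our proxies.
    return remote_addr


# Constructed backend access-log entries: (peer address, X-Forwarded-For, request).
SAMPLE_LOG = [
    ("192.168.1.10", "203.0.113.5", "GET /image.jpg"),
    ("192.168.1.10", "198.51.100.9, 192.168.1.10", "POST /upload"),
    ("10.0.0.7", "203.0.113.5", "GET /"),  # direct hit with a forged header
]


def attribute(entries):
    """Rewrite each entry to (attributed client, request)."""
    return [(client_ip(peer, {"X-Forwarded-For": xff}), req) for peer, xff, req in entries]


if __name__ == "__main__":
    for client, req in attribute(SAMPLE_LOG):
        print(f"{client:15} {req}")
```

The third sample entry is the case that matters: a request that reached the backend without passing through the proxy carries a plausible-looking header, and the function still logs the true peer (10.0.0.7). The equivalent setting in most web servers and logging stacks is a "trusted proxies" list; enabling X-Forwarded-For logging without one turns the log's client column into attacker-controlled text.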