mirror of
https://github.com/NginxProxyManager/nginx-proxy-manager.git
synced 2026-05-13 05:51:29 +00:00
187d21a0d5
When Nginx is behind another proxy server (like CloudFlare or AWS ALB), the force-SSL feature can cause redirect loops because Nginx sees the connection as plain HTTP while SSL is already handled upstream. This adds a new boolean option to trust the X-Forwarded-Proto header from upstream proxies. Changes: - Add `trust_forwarded_proto` column to proxy_host table (migration) - Update model and API schema to support the new boolean field - Modify force-ssl Nginx template to check X-Forwarded-Proto/X-Forwarded-Scheme - Add map directives in nginx.conf to validate and sanitize forwarded headers - Add advanced option toggle in frontend UI with i18n support (EN/ZH) - Set proxy headers from validated map variables instead of $scheme This allows administrators to control SSL redirect behavior when Nginx is deployed behind a TLS-terminating proxy. |
||
|---|---|---|
| .. | ||
| _access.conf | ||
| _assets.conf | ||
| _certificates.conf | ||
| _certificates_stream.conf | ||
| _exploits.conf | ||
| _forced_ssl.conf | ||
| _header_comment.conf | ||
| _hsts.conf | ||
| _hsts_map.conf | ||
| _listen.conf | ||
| _location.conf | ||
| dead_host.conf | ||
| default.conf | ||
| ip_ranges.conf | ||
| letsencrypt-request.conf | ||
| proxy_host.conf | ||
| redirection_host.conf | ||
| stream.conf | ||