ubuntu – Hosting a game server via a reverse proxy (via SSH, VPN, etc.)

I have a server hosted on my local network and, for reasons beyond my control, I can not transfer port. I have a VPS, but it's not powerful enough to run the server.

I was wondering if there was a way to use a VPN or SSH tunnel to transfer all the traffic reaching my VPS to my local network.

It is an SRCDS server, which means that it uses UDP and TCP traffic, but also a master server to add it to the list of servers.

Ignore all ping problems and other latency issues, if there is a way to use my VPS as a reverse proxy, while allowing multiple players and passing the IP address of the VPS to the master server?

My local server and my virtual virtual server are running Ubuntu 18.04.

single sign-on – Proxy Authorization with Google SSO with SAML

I am in charge of creating a poc for a proxy machine that will authenticate the user via Google SSO (SAMLv2). Once the user authenticated, the proxy will let him access the URL that he was targeting.

Note: This is not a reverse proxy. The user will be forced to go through the proxy via a pac file applied by a policy. The website behind will deliver content based on the proxy ip. No other ID validation is performed on the website other than the source IP.

After extensive research, I discovered that I could be helped by:

  • Redhat SSO (or keychain)
  • ezProxy
  • A CAS proxy.

I do not know any of these products and the documentation is huge. Moreover, I am a little lost in the terminology. What is the difference between a CAS proxy and the other 2 products is not obvious.

Until now, it seems that what is explained here https://www.keycloak.org/docs/latest/securing_apps/index.html#_mod_auth_mellon could be suitable for my use case.

What experienced people with SSO to implement would do for my use case?

Ubuntu – Why the proxy does not work for the local network?

We have a scene server running on a local network, accessible from the Internet. I want to test gdpr and set a proxy in a browser. As a result, IP verifier sites display my new IP. But when I access our stage server, it displays my local IP address. Why is it happening? How to access it by proxy?

SharePoint server – Full proxy authorization and denied permission on System.Net.WebPermission

We have created a Full Trust proxy based on this MSDN article and we use the Serilog HTTP receiver as the recorder.

When the recorder is used from any code running from W3WP.exe, no problem occurs. But when the recorder is used from a code running in the full trust proxy (SPUCWorkerProcessProxy.exe), we get a rejected System.Net.WebPermission exception.

Both processes run with the same user account. Therefore, the reason why Worker Process Proxy can not send log via http is not clear, whereas w3wp is able to do it.

An idea how to solve this problem?

thank you,

apache2 – Apache proxy allows bitbucket webhook access

I have an Apache reverse proxy configuration that works wonderfully, allowing only my own IP address:


    Order deny,allow
    Deny from all
    Allow from my.own.ip.which.works

I want to be able to add a second rule allowing bitbucket.org servers

#allow bitbucket.org access to bitbucket/webhook endpoint

    Order allow,deny
    Deny from all
    Allow from *.compute-1.amazonaws.com

but everything ends with a 403:

ec2-18-234-32-224.compute-1.amazonaws.com - - [10/Nov/2019:22:13:02 +0100] "POST /bitbucket-hook/ HTTP/1.1" 403 3869 "-" "Bitbucket-Webhooks/2.0"

So I deduce *.compute-1.amazonaws.com should do it. but it does not work …

server – the cPanel powered site is not accessible via the IP address through my reverse proxy (it generates a 404 error)

cPanel is used on shared hosting when many websites use the same server and the same shared IP address. When you simply ask for the IP address, your host does not know which of the many hosted sites you want. This is the reason your host returns a 404 error. There are several ways to work around this problem.

Use a subdomain for your origin

You can change your origin server to use a different host name. In cPanel, you can accomplish this by modifying the main domain. So, your original server was example.com but in the future, it could be origin.example.com. You must add DNS records for this subdomain that point to the same IP address of the server. Then point the example.com and www.example.com save to your proxy server and configure your proxy server proxy http://origin.example.com.

It would also be a good idea to put canonical tags in your pages with your favorite hostname (example.com do not origin.example.com) so that if the search engines find the non-proxy version, they do not index it.

Configure your proxy to send a Host on your mind

Queries that specify your origin server by IP address (1.1.1.1 for example) should simply be upgraded with the domain name to use. The configuration for this depends on the proxy software you are using. If you use Apache with mod_proxy, you can use the RequestHeader directive.

ProxyPass "https://webmasters.stackexchange.com/"  "http://1.1.1.1/"
ProxyPassReverse "https://webmasters.stackexchange.com/"  "http://1.1.1.1/"
RequestHeader set Host www.example.com

Use your / etc / hosts file

On your proxy server, you can replace DNS for example.com. You want to configure your proxy server to proxy http://www.example.com and change your /etc/hosts file to have the IP address of your original server (1.1.1.1 for example).

1.1.1.1 example.com www.example.com

android – Is there a way to keep the query by intercepting the proxy for at least a minute before the application checks your connection?

I just bypass SSL pinning on an android application, but the problem is that the application does not allow me to play with the request on my interception proxy. That says something like a problem with your network or check your internet connection, it can be slow. He was saying the same thing before I bypass SSL pinning.

My assumption is that the application is coded so that it expects to get a quick response from the server. Since I play with the query on my interception proxy, the server does not respond because the request is still on my proxy and is not sent to the server.

Is there a way to get out?

apache – Proxy a domain from one server to another and keep the domain name

I have a unique external address that points to a server that serves multiple domains with the help of virtual hosts. I want to serve one of the virtual hosts on a new physical machine and try to use a reverse proxy for this to happen.

On the main server, the configuration looks like this (the names have been changed to protect the culprit):


    DocumentRoot /abc/htdocs/virtual/swnc
    ServerName swnc.org
    
        Options FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    

On the new physical computer, the domain referenced above is configured with:


    ServerName swnc.org
    ProxyPass "https://webmasters.stackexchange.com/" "http://www.example.org/virtual/swnc"
    ProxyPassReverse "https://webmasters.stackexchange.com/" "http://www.example.org/virtual/swnc"

This configuration works, but the resulting URL matches what is specified in ProxyPass statement above rather than the "real" URL that should be swnc.org.

I've tried to add ProxyPreserveHost On in the configuration but it made no difference. Is there anything missing or is it simply impossible to forward the proxy request to the new machine and keep the "real" domain name?

nginx: inverse proxy https in unsecured http

I have a nginx reverse proxy with ssl, which works fine, but when I configure a proxy proxy, ssl does not work and gives me a connection that is not fully secure

here is my nginx.conf

http {
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    proxy_set_header Host $host;
    # server_tokens off;
        resolver 8.8.8.8 ipv6=off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    gzip on;
    gzip_disable "msie6";

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
    include /etc/nginx/upstream;
}

site configuration

server {
        listen x.x.x.x:80 default_server;

    server_name example;

        include /etc/nginx/location;

}

    server {
        listen x.x.x.x:443 ssl;

        server_name example;
        ssl_certificate /etc/nginx/ssl/resty-auto-ssl-fallback.crt;
        ssl_certificate_key /etc/nginx/ssl/resty-auto-ssl-fallback.key;
        ssl_prefer_server_ciphers on;
        ssl_ciphers      EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
        ssl_protocols    TLSv1 TLSv1.1 TLSv1.2;
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 10m;
        include /etc/nginx/locations;

    }

location configuration

index index.php;


proxy_intercept_errors on;
error_page 404 = @index;

location / {
    if ($http_x_forwarded_proto = "http") {
       return 302 https://$server_name$request_uri;
    }
    try_files $uri $uri/ @static;
}

location ~ .php$ {
root /var/site;
    include        fastcgi_params;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    fastcgi_index  index.php;
    fastcgi_pass   upstream;
}

location @403 {
    return 403;
}

location ~ /.(ht|svn|git) {
    deny all;
}

location @static {

    proxy_pass http://static_upstream;
}

location @index {

try_files $uri $uri/ /index.php?$args;
}

upstream configuration

upstream upstream {
server x.x.x.x:9061;
}
upstream static_upstream {
server x.x.x.x:80;
}

proxy – How can I make ShadowSocksR and Chrome work together?

I bought a cloud platform for SSR (ShadowSocksR). And it worked in the IE browser, but it could not work in chrome.

A user told me that it would work if I changed the name of the dial-up connection. But I connect to the Internet by WIFI.

By the way, I configured the cloud service with Xshell and used it with shadowsocks.