This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Seafile and WAF

Hi,

I installed a seafile server together with nginx in a virtual machine. The corresponding virtual webserver in WAF listens to one out of five static IPs.
The nginx webserver connects as reverse proxy to the seafile ports 8000 and 8082 and listens itself to port 80.
So, the virtual webserver in WAF shall communicate to Seafile over port 80 and convert the communication over the internet through port 443.
The certificate is centrally stored on Sophos UTM.
Now the problem is that calling the address https://seafile.domain.de is somehow rewritten to https://seafile.domain.de:80/accounts... which of course cannot work. I have no idea what produces this rewriting. Is there a general problem with nginx working as reverse proxy behind WAF being a reverse proxy as well?
If I define port 8000 in the real webserver configuration instead of port 80, that obviously does not work. Otherwise I could bypass the nginx reverse proxy and address Seafile directly.

Any ideas?

Best, Ralph



This thread was automatically locked due to age.
  • Hi Ralf,
    you can try to configure the virtual web server type to "Encrypted & redirect" instead of just "Encrypted".
    Just try it.

    Regards

    mod

     

     

  • That makes no difference.  Has anyone got a working configuration with seafile and nginx as reverse proxy?

  • Today, I was trying to redirect from a WAF virtual webserver published with HTTPS to a real webserver published internally on http.   UTM kept adding /default.aspx to the URL.  I only had a /default.htm file installed on the site, so the connection failed.   Eventually, I surrendered by creating a /default.aspx page on the real webserver, and everything began working as intended.   The problem was solved only a few hours ago without calling support.   Since I found a workaround, I don't know if I will do; to ask them to investigate, I would have to break the configuration again.

    Nonetheless, your problem sounds very similar to mine, so I hope this gives you a clue. 

  • Hi Ralph,

    I have to admit that I don't understand why you would want two reverse proxies in a row...

    Please show the Edit of the Virtual Server definition with the 'Advanced' section open.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA