Nginx Reverse Proxy to web applications and directories
This is used for quickly setting up Dradis and sharing Eyewitness results for team collaboration purposes via Nginx reverse proxy
Intructions are originally based on Wazuh - Kibana - Nginx guide
Technologies
Script
Make sure to change:
<Directory_of_eyewitness>
<user>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61 | sudo apt install dradis nginx apache2-utils -y
sudo rm /etc/nginx/sites-available/default
sudo rm /etc/nginx/sites-enabled/default
sudo mkdir -p /etc/pki/tls/certs /etc/pki/tls/private
sudo openssl req -x509 -nodes -days 365 -newkey \
rsa:2048 -keyout /etc/pki/tls/private/dradis-access.key \
-out /etc/pki/tls/certs/dradis-access.pem
sudo cat > /etc/nginx/conf.d/default.conf <<EOF
server {
listen 8443 http2;
ssl on;
ssl_certificate /etc/pki/tls/certs/dradis-access.pem;
ssl_certificate_key /etc/pki/tls/private/dradis-access.key;
access_log /var/log/nginx/nginx.access.log;
error_log /var/log/nginx/nginx.error.log;
location / {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/conf.d/dradis.htpasswd;
proxy_pass http://localhost:3000/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-SSL-Client-Cert $ssl_client_cert;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
}
}
server {
listen 8444 http2;
gzip on;
ssl on;
ssl_certificate /etc/pki/tls/certs/dradis-access.pem;
ssl_certificate_key /etc/pki/tls/private/dradis-access.key;
access_log /var/log/nginx/nginx.access.log;
error_log /var/log/nginx/nginx.error.log;
location / {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/conf.d/dradis.htpasswd;
root <Directory_of_eyewitness i.e. /home/kali/Results/eyewitness>;
index report.html report_page2.html report_page3.html report_page4.html report_page5.html;
}
}
EOF
htpasswd -c /etc/nginx/conf.d/dradis.htpasswd <user>
sudo systemctl enable nginx
sudo systemctl restart nginx
sudo systemctl enable dradis
sudo dradis
|
Last update: January 22, 2021