ASL + Varnish + Nginx

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
imadsani
Forum Regular
Forum Regular
Posts: 112
Joined: Mon Sep 16, 2013 10:10 am
Location: Lahore

ASL + Varnish + Nginx

Unread post by imadsani »

I'm adding varnish in front of my webservers to reduce server load, how would ASL work in this scenario?

My question, to be more precise, is whether I'll need to configure req.http.X-Forwarded-For in varnish and set_real_ip_from & real_ip_header in nginx?
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: ASL + Varnish + Nginx

Unread post by scott »

Yeah, you need the client IP to show up correctly in the apache logs, otherwise its going to shun your reverse proxies.
imadsani
Forum Regular
Forum Regular
Posts: 112
Joined: Mon Sep 16, 2013 10:10 am
Location: Lahore

Re: ASL + Varnish + Nginx

Unread post by imadsani »

will it still work if i've moved nginx to a non-standard port?

edit: I've made the changes to both nginx's config and varnish but I still am using a custom port for nginx. I'm trying to add a TWAF entry but am getting the dreaded "I need more licenses message". Is there anyway I can get around this?

Hint: I have 3 IP addresses that i need to set this up for.
Post Reply