• Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
FusionAuth
  • Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login

Reverse Proxy "woking" but Fusionauth is still available with port

Scheduled Pinned Locked Moved
Q&A
0
3
577
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    marvin
    last edited by marvin 27 Jun 2021, 11:12

    Hey there,

    I want to create a reverse proxy with apache2 virtual host. If I enter the credentials I get a 403 access denied.
    I force the user to got https when calling auth.mydomain.de. My problem is that fusion auth is still available on mydomain.de:9011 with http which is a security risk.
    Where do I tell fusionauth to listen only to localhost?
    And where do I tell fuisonauth to accept another domain?

    Greetings

    1 Reply Last reply Reply Quote 0
    • D
      dan
      last edited by 30 Jun 2021, 02:25

      There's no way you can configure this in FusionAuth.

      You could do this with a firewall.

      AWS EC2 has security groups (and I'm sure other cloud providers have similar constructs).

      If you are deploying on a VPS, you could block port 9011 (and the other FusionAuth ports, see the configuration reference for details) with iptables.

      Here's a result from a search: https://www.cyberciti.biz/faq/iptables-block-port/

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      1 Reply Last reply Reply Quote 0
      • H
        hopper.jerry Power User
        last edited by 5 Jul 2021, 20:55

        Use docker?

        1 Reply Last reply Reply Quote 1
        2 out of 3
        • First post
          2/3
          Last post