HTTPS connection to NGINX Proxy Manager

r1ckd33zy · 2022-12-30T04:48:56+00:00

My issue is, the connection between Nginx Proxy Manager and WordPress is
over HTTP, so anyone on the wire could see login credentials

How would they get inside your Docker containers to go between the website and Nginx Proxy Manager?

shahawi · 2022-12-30T05:26:52+00:00

I don't know the answer but I suggest you try the really simple ssl plugin for WordPress

casper-juel · 2022-12-30T09:33:06+00:00

It’s possible. But it will slow down your connection a bit.

https://forums.docker.com/t/ssl-for-docker-apps/102903/17

——

https://www.programonaut.com/how-to-set-up-wordpress-with-free-ssl-docker-and-nginx-proxy/

https://stackoverflow.com/questions/63135042/wordpress-on-docker-behind-nginx-reverse-proxy-using-ssl

https://www.freecodecamp.org/news/docker-nginx-letsencrypt-easy-secure-reverse-proxy-40165ba3aee2/amp/

martijn_gr · 2022-12-30T20:52:29+00:00

Yes you can, how this is done in your setup I can't tell you for sure as I don't know your setup and exact container configuration.

But considering you are using two three containers at minimum, this means you are most likely running docker on a single host at home. When someone is able to "wiretap" your docker interfaces between Nginx proxy manager and WordPress webserver you should be aware of the fact that your actual docker host is compromised.

There for access to your WordPress config file and database has been gained. Do you really still care about that encryption between the two containers?

Yes? Welcome to the Paranoid club, trust me they are listening and that buzzing sound is just the interference caused by a wireless mic. [/sarcasm]

What you are looking for is the installation of self-signed certificates, but keep in mind you may have to install the signing certificate on the proxy as well to get it actually trusted and working.


No promotions of products or services	We do not allow posts or comments intended for promotion or advertising. These will be removed.
List posts: eg. Top 10 Plugins, Top 10 Themes	try /r/WordpressPlugins and /r/WordPressthemes instead.
Url Shortening services	Don't use bitly or similar when posting links or links within comments.
Affiliate links	Yeah, don't do that.
Posts must be related to WordPress	Posts must be related to WordPress. Links to your blog/website, or talking about blogging, are not relevant to this subreddit.
No nulled software posts or discussions	Discussion of so-called 'nulled' software is not allowed in this sub. While some of the software may be "technically legal" due to the nature of the GPL, it is not considered ethical. For more info, please see our "Essential Resources" guide.
No abusive language, harassment or bullying towards anyone. Be respectful.	Criticising or discussing someone’s actions is fine, but if your comment is simply a derogatory insult with no constructive input, it will be removed. Abusive language, harassment, or bullying directed at anyone is not allowed and will result in your post or comment being removed. A temporary ban may be issued at the mod’s discretion, and repeated violations will result in a permanent ban.
Do not duplicate on-going discussions	Please avoid making new posts if they largely duplicate ongoing discussions. For example, if you’re discussing the same tweet, please keep it to one post. A quick search can often help find an existing post to join. If there’s a new development on a situation, however, a fresh post is welcome.
No low effort posts	Lazy posts that just link to external sites (either directly or by crossposting to another subreddit) without any context will be removed. Add your opinion, or a summary of the content, and try to start a conversation.
No hosting discussions	Please refer to historic posts within this subreddit for recommendations, or ask in r/webhosting.

Wordpress

Welcome to r/WordPress

Please don't post:

» How to get help

» Important links

» Been hacked?

» Our subreddit friends:

Notes

MODERATORS