Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Nginx Proxy Manager (NPM) Official

Featured Replies

6 minutes ago, mgutt said:

Open Port 80.


Did that. Still getting error, only now the reason in the log says "Some DNS challenges failed." Not sure what I am doing wrong

 

  • Replies 1.2k
  • Views 393.2k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • malghana
    malghana

    Solution: For easy access, copied this solution from Github user: "marcosvfc" GitHub Cannot Log into Admin After Upgrade to 2.12.4 · Issue #46... Checklist Have you pulled and found the error with j

  • No joke: I missed this part in the docs:   I will update the container and remove the external DB. SQLite is the easier option for the user.

  • I think this is false.   Try this in advanced: location / { add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;   proxy_set_header Upgrade $ht

Posted Images

On 7/2/2022 at 3:54 PM, 4n0nyM said:

I may have rejoiced too soon. Access to FreshRSS and Nextloud via Nginx Proxy Manager seems to fail sporadically now. Right now, for example, I could access Nextcloud, but not FreshRSS. Then I tried accessing FreshRSS again and after an unusually long wait it did open.

A quick update from me. In the last few days everything has worked again perfectly 😊👍 Thanks again for your help @mgutt

i did everything right. but only plex works.

 

why is that

1.jpg

2.jpg

3.jpg

4.jpg

  • Author
2 hours ago, bubbadk said:

but only plex works.

You set https for all your containers. Most containers do not listen on https. Only http. PS: It's useless to encrypt the traffic between NPM and the container. This produces CPU load for nothing.

39 minutes ago, mgutt said:

You set https for all your containers. Most containers do not listen on https. Only http. PS: It's useless to encrypt the traffic between NPM and the container. This produces CPU load for nothing.

Ahh ok. I'll try to use http instead. Thought that it was all about security 

Hello.

NOW i have a problem about SSL.

I have enabled "Force SSL", but the browser sometimes gives an 400 error. i have to add "https" before URL manully.

it won't happen every time, but somtimes it's annoying.

can it jump to https URL Automatically?

 

P.S.

It may happen with another problem that lose PORT

For example, i entered abc.com:12345, my expected result is https://abc.com:12345, but it was changed to http://abc.com or https://abc.com

I have no idea

  • Author
6 hours ago, Departures said:

For example, i entered abc.com:12345

Did you forward 12345 to NPM? I don't think so. Usually a proxy is used only for the ports 80 and 443.

31 minutes ago, mgutt said:

Did you forward 12345 to NPM? I don't think so. Usually a proxy is used only for the ports 80 and 443.

I set it like this, 12345 is the port to NPM(my network environment can't use 80 443,so i set it in Router to forward), and 8096 is the port of my docker app. Does the Domain Name needs a PORT?

BEFORE i add the PORT to "DOMAIN NAMES", If i add the PORT and "https" manully in URL, Like "https://abc.com:12345", NPM works correctly. BUT i don't want to type the full URL everytime.

 

1488311533_.png.0036641f3033936450d15e392a2b100e.png

 

  • Author
6 minutes ago, Departures said:

12345 is the port to NPM

There should be two ports.

 

7 minutes ago, Departures said:

can't use 80 443,so i set it in Router to forward)

Ok, and both target NPM?

 

7 minutes ago, Departures said:

Like "https://abc.com:12345

Then your router does not forward 443 to 12345. Instead 12345 is only an open Port with the target 12345. But you need source 443 and target 12345.

23 hours ago, mgutt said:

There should be two ports.

 

Ok, and both target NPM?

 

Then your router does not forward 443 to 12345. Instead 12345 is only an open Port with the target 12345. But you need source 443 and target 12345.

okay, i finished it. thanks!!!!

I've been reading through all these posts, and not finding anything that'll fix my issue. And it doesn't seem to be nearly as complicated as all the stuff people here are having. 

 

I must be really missing something, but I cannot get Nginx Proxy manager to direct traffic to my main domain but it will work fine in sending traffic to containers or VM's if I use a subdomain. For example, if I make a proxy host sub.mydomain.com pointing to a container, it works. If however I make a proxy host mydomain.com pointing to a container. It does not work. 

 

I am not sure what I'm doing wrong. 

53 minutes ago, dv310p3r said:

I cannot get Nginx Proxy manager to direct traffic to my main domain but it will work fine in sending traffic to containers or VM's if I use a subdomain. For example, if I make a proxy host sub.mydomain.com pointing to a container, it works. If however I make a proxy host mydomain.com pointing to a container. It does not work. 

What browser? It might "silently" be adding a "www" subdomain... probably try adding that too.

Also check that there is actually an entry in your domain DNS for the domain itself. Also see if you don't put a host in NPM you get the default that's configured in settings.

Edited by Kilrah

  • Author
1 hour ago, dv310p3r said:

mydomain.com

Does your main domain have the correct IP in the DNS?

3 hours ago, Kilrah said:

What browser? It might "silently" be adding a "www" subdomain... probably try adding that too.

Brave. Also the issue is that I do have to manually add www otherwise it doesn't work.

 

3 hours ago, Kilrah said:

Also check that there is actually an entry in your domain DNS for the domain itself.

There is an A record that points to my IP address.

 

3 hours ago, Kilrah said:

Also see if you don't put a host in NPM you get the default that's configured in settings.

That's not an option. The host is a required field.

 

3 hours ago, mgutt said:

Does your main domain have the correct IP in the DNS?

Yes. If I go to the IP address shown in cloudflare it'll show the "Congratulations, You've successfully started the Nginx Proxy Manager." page. Also, if I go to www.mydomain.com, which is the host I configured in NPM, it takes me to the site no problem. 

 

So, I want to do a better job of explaining what's happening. In cloudflare right now, I have an A record that points to my IP, and a cname for www that targets the main domain. We'll say it's mydomain.com.

 

In NPM on my unraid server, if I create a proxy host and put "mydomain.com" in the Domain Names input, the proxy doesn't work. Meaning, if I go to mydomain.com in a browser, I get a 500 error from cloudflare. At the same time I know NPM is running because I can go to the IP directly and see the congratulations page. Also, if I curl to the container from within the NPM console, it can communicate.

 

Now, for the weird part. If I create a new Proxy Host and give it a domain name of www.mydomain.com OR... to clear up any confusion with WWW, it' has nothing to do with WWW, because if I put poop.mydomain.com or any other subdomain.mydomain.com... NPM works as expected. If I visit, poop.mydomain.com, or subdomain.mydomain.com, I see the properly served container (of course, as long as I created the correlating cname record in cloudflare).

 

I hope that clarifies things.

1 minute ago, dv310p3r said:

That's not an option. The host is a required field.

I meant if you try to access a domain that you don't have an entry for in NPM, then you should get the "Congratulations,...". 

So if you do not put an entry for "mydomain.com"  in NPM but try accessing "mydomain.com" you should get the "Congratulations,...".  If not it's likely the issue is on the DNS side and "mydomain.com" isn't properly pointing to your address. 

Ah, yes, I understand what you mean now.

 

And yes, if I have no Proxy Hosts configured in NPM and then try and go to mydomain.com, I get the congratulations page. DNS seems to be just fine.

  • Author
9 hours ago, dv310p3r said:

And yes, if I have no Proxy Hosts configured in NPM and then try and go to mydomain.com, I get the congratulations page.

Strange. And you did test www.example.com and example.com, both with the same container as target? Did you try to add example.com to the already existing proxy host www.example.com as a second domain? Maybe this helps?!

Yeah thats's weird. My main bare "domain.com" is a redirect in my setup and that works, but I just tried adding "domain2.com" to an entry that usually only has "web.domain2.com" and that works just fine.

 

Can only think it's an issue with the entry settings, or maybe SSL cert missing, don't know how cloudflare behaves if that's missing. 

  • Author
1 hour ago, Kilrah said:

Can only think it's an issue with the entry settings, or maybe SSL cert missing, don't know how cloudflare behaves if that's missing. 

Good idea. In Cloudflare it's possible to force a valid SSL certificate between Cloudflare and NPM. Maybe this setting is active.

 

@dv310p3r

Try to add example.com to your local hosts file and set your local server IP. Then test through "ping" if the IP is used. Now open the domain again through your browser. By that you are bypassing cloudflare and connecting NPM directly.

  • 2 weeks later...

Not sure if this is the right place to ask for help, but I have a weird issue.  I have two Radarr instances in my setup, one standard and one 4k.  Today, my 4k instance is authenticating, but the page never loads fully and doesn't get me into the console, while my standard docker is accessible via the proxy link.  I can access the docker locally and authenticate, and get at what I need, but it does not work correctly when proxied.  I've attached the most relevant screenshots I can think of.  Thanks in advance for any guidance.

Screen Shot 2022-08-02 at 1.22.09 PM.png

 

Screen Shot 2022-08-02 at 1.22.17 PM.png

 

Screen Shot 2022-08-02 at 1.22.23 PM.png

 

Screen Shot 2022-08-02 at 1.22.34 PM.png

 

Screen Shot 2022-08-02 at 1.22.42 PM.png

 

Screen Shot 2022-08-02 at 1.22.50 PM.png

 

***UPDATE***

 

This issue has resolved itself, apparently.  No action needed, 4K instance is coming up as expected.

Edited by jackfalveyiv
Problem solved

Started getting this error recently.

 

 

⚠ warning Error: Command failed: logrotate /etc/logrotate.d/nginx-proxy-manager
error: skipping "/data/logs/default-host_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/fallback_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-10_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-1_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-2_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-3_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-4_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-5_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-6_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-7_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-8_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-9_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-1_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-2_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-3_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/default-host_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/fallback_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-10_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-1_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-2_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-3_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-4_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-5_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-6_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-7_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-8_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-9_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-1_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-2_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-3_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
 

 

 

/mnt/user/appdata/nginxproxymanager:
total 0
drwxrwxrwx 1 root   root   30 Nov 26  2021 ./
drwxrwxrwx 1 nobody users 894 Jul 31 11:03 ../
drwxrwxrwx 1 root   root  132 Aug  2 18:06 data/
drwxrwxrwx 1 root   root  114 Aug  2 18:06 letsencrypt/

/mnt/user/appdata/nginxproxymanager/data:
total 484
drwxrwxrwx 1 root root    132 Aug  2 18:06 ./
drwxrwxrwx 1 root root     30 Nov 26  2021 ../
drwxrwxrwx 1 root root      0 Nov 26  2021 access/
drwxrwxrwx 1 root root      0 Nov 26  2021 custom_ssl/
-rw-rw-rw- 1 root root 495616 Aug  2 18:06 database.sqlite
drwxrwxrwx 1 root root      0 Nov 26  2021 letsencrypt-acme-challenge/
drwxrwxrwx 1 root root   1410 Jul 30 22:00 logs/
drwxrwxrwx 1 root root    186 Nov 26  2021 nginx/

/mnt/user/appdata/nginxproxymanager/letsencrypt:
total 0
drwxrwxrwx 1 root root 114 Aug  2 18:06 ./
drwxrwxrwx 1 root root  30 Nov 26  2021 ../
drwxrwxrwx 1 root root  56 Nov 26  2021 accounts/
drwxrwxrwx 1 root root  36 Nov 26  2021 archive/
drwxrwxrwx 1 root root 112 Nov 26  2021 credentials/
drwxrwxrwx 1 root root 720 Jul 24 20:00 csr/
drwxrwxrwx 1 root root 720 Jul 24 20:00 keys/
drwxrwxrwx 1 root root  48 Nov 26  2021 live/
drwxrwxrwx 1 root root  66 Jul 24 20:00 renewal/
drwxrwxrwx 1 root root  26 Nov 26  2021 renewal-hooks/

  • Author
On 8/3/2022 at 3:50 AM, sdballer said:

error: skipping "/data/logs/default-host_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

The path /data/logs has wrong permissions. If they are located in appdata: Did you change them? Fix those by using chmod. You need to change them to 755 (they seem to have 777).

Thanks for this, I am new to the NPM - I have the 'old' manual method to date.  I set this up alongside it or testing.

What would be required to get the GEO blocking working with this container ?

  • Author
9 minutes ago, vw-kombi said:

What would be required to get the GEO blocking working with this container ?

The only method I know is to add every single allowed IP through the access list tab. 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.