Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)

Featured Replies

2 minutes ago, irandumi said:

I just did what you suggested and still no luck...

What error shows in the docker log?

  • Replies 6.2k
  • Views 1.5m
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • Confirming this worked for me too. Not sure I needed to replace both, but I did anyway and Swag and Nextcloud are both back and up and running. For noobs like me, here's what I did: 1. Stop

  • I will only post this once. Feel free to refer folks to this post.   A few points of clarification:   The last update of this image didn't break things. Letsencrypt abruptly disabl

  • BigBoyMarky
    BigBoyMarky

    I replaced both the ssl.conf and nginx.conf files with the sample ones to update them since I did not make any custom modifications to either one of those and this resolved my issue.

Posted Images

12 minutes ago, upthetoon said:

 

This got lost in all the replies I think. 

 


Invalid port in redirect target. Only ports 80 and 443 are supported, not 444

 error anyone?

 

You have to have setup your router port forward incorrectly I'm going to guess.

4 minutes ago, jonathanm said:

What error shows in the docker log?

 

same exact error as before.  

 

UNRAID - F.png

Edited by irandumi

1 hour ago, CHBMB said:

publicip:port will only work if you have forwarded the relevant port.

 

To be honest I'm confused, what I think the situation is, is this.

 

From a WAN connection everything is working as expected.

When on your LAN you can't connect via domainname.com/service

 

Is that's the case, and it was happening before, still sounds like NAT reflection / hairpin NAT issues to me.

 

Yeah, me too, but I actually CAN connect from my LAN connection, here's what I've tested;

 

domain.com/service - works for external user and my phone connected to LAN, but NOT on my PC (timeout error).

public IP:port (had the port configured before I switched to letsencrypt) - works for external user and my phone connected to LAN, but NOT on my PC (timeout error).

local IP:port - works on my PC, but not for my phone.

 

This really bugs me, since I had no problem accessing either on my PC before this happened, and now after getting them working again, my PC is blocked somehow.

 

We've already confirmed my docker and ports have been properly setup, and since nextcloud works via domain.com/service for everyone but my PC, we can rule out duckdns config as well (correct me if I'm wrong), and if the issue was NAT at my router, then my phone would experience the same problem, yes? My phone and PC being on the same network, only difference is my phone using wifi and my pc being cabled, shouldn't make a difference.. I just don't understand, I haven't changed anything other than applying the fix needed for letsencrypt?

1 minute ago, Dhagon said:

 

Yeah, me too, but I actually CAN connect from my LAN connection, here's what I've tested;

 

domain.com/service - works for external user and my phone connected to LAN, but NOT on my PC (timeout error).

public IP:port (had the port configured before I switched to letsencrypt) - works for external user and my phone connected to LAN, but NOT on my PC (timeout error).

local IP:port - works on my PC, but not for my phone.

 

This really bugs me, since I had no problem accessing either on my PC before this happened, and now after getting them working again, my PC is blocked somehow.

 

We've already confirmed my docker and ports have been properly setup, and since nextcloud works via domain.com/service for everyone but my PC, we can rule out duckdns config as well (correct me if I'm wrong), and if the issue was NAT at my router, then my phone would experience the same problem, yes? My phone and PC being on the same network, only difference is my phone using wifi and my pc being cabled, shouldn't make a difference.. I just don't understand, I haven't changed anything other than applying the fix needed for letsencrypt?

 

I don't think it's anything to do with letsencrypt, as it works on your phone connected to LAN.  Therefore has to be something with the PC.  Tried clearing out browser cache and cookies?

Just now, CHBMB said:

 

I don't think it's anything to do with letsencrypt, as it works on your phone connected to LAN.  Therefore has to be something with the PC.  Tried clearing out browser cache and cookies?

 

Yeah, that was my first conclusion as well, that's why I was hestitant on posting here in the first place, and then I discovered the HTTPVAL problem like everyone else. I just can't figure out what it could be. I've tried different browsers; edge, firefox, chrome; same result across all of them, cleared cookies and browser cache, no difference.. The more I try to fix it the more I think I've over complicated this and missed something really simple. At least you got confused too.

Just now, Dhagon said:

 

Yeah, that was my first conclusion as well, that's why I was hestitant on posting here in the first place, and then I discovered the HTTPVAL problem like everyone else. I just can't figure out what it could be. I've tried different browsers; edge, firefox, chrome; same result across all of them, cleared cookies and browser cache, no difference.. The more I try to fix it the more I think I've over complicated this and missed something really simple. At least you got confused too.

 

Some sort of port redirection that's come about because of you starting to use port 80?

 

 

20 minutes ago, irandumi said:

 

same exact error as before. 

 

Is there a special character in your subdomain?

5 minutes ago, CHBMB said:

 

Is there a special character in your subdomain?

 

I have exactly the same error since update to 6.4 - before everything was running fine.

 

I don´t have any special character in my domain ;)

Edited by b0mb

9 minutes ago, CHBMB said:

 

Some sort of port redirection that's come about because of you starting to use port 80?

 

 

 

I've thought about that, but I don't understand how that only affects traffic coming from my PC? If it was redirecting to somewhere wrong using port 80, wouldn't that happen on my phone, too?

Same issues as the rest.  I've read the 100+ responses on how to fix.  I went to go edit the HTTPVAL option.  Can't find it.  I have advanced settings selected, and I've also clicked on "show more settings" and it's not there.  


I removed the docker and image and nothing different.

 

I must be blind.  Someone take a look at the image and say "it's right there ya fool!".

 

httpval.png

@Living Legend

After you've uninstalled it you need to delete it from "previous apps" in CA too. Otherwise the old stored template will remain and reinstall when you are installing again. That's my qualified guess. :)

@Living Legend If you installed way back when, then changes to the template aren't propogated.  Only happens if you installed after that feature was implemented in CA.

This might be a dumb question, but if i had a VPN, would that get around my ISP blocking port 80?

26 minutes ago, Brettv said:

This might be a dumb question, but if i had a VPN, would that get around my ISP blocking port 80?

No, unless you control the other endpoint and have ports forwarded through the VPN. Most commercial VPN's don't forward port 80, so pointing your domain name at the VPN's IP address isn't going to work.

 

If you have a VPN to a server elsewhere that you control, and that remote servers WAN connection has incoming port 80 open, then yes, you should be able to get it set up.

2 hours ago, CHBMB said:

Anyone needing help.  Read this first.....

 

Posting this again before I go to bed in the hope it will get read......

 

I read through the tips and have hopefully done everything and posted everything necessary.

 

This all happened immediately upon update to 6.4.

 

Since then, the docker has been unable to start.  

 

This is my error when I deleted the docker and restarted it:

error.thumb.jpg.7926c30e599b8b2c0343aef600ec027d.jpg

 

This is my template:

templateLetsEncrypt.thumb.jpg.df7d9db72cd573183617d9ea8e865aff.jpg

 

 

The log file only shows this (unsure which one to pull off appdata folder):

logs.jpg.5b86fa9e7047f88f08c12c4f9e235520.jpg

 

Here are the router settings:

portForward.jpg.323a759506c53bd02a35da0d8f62b4d4.jpg

 

And since the basic error would make me think I used 443 for something else, here is a screenshot of currently deployed ports for the dockers:

port443.jpg.b34d01c9a07b2f23ccff65dd7ff73f19.jpg

Edited by Living Legend

6 minutes ago, Living Legend said:

 

I read through the tips and have hopefully done everything and posted everything necessary.

 

This all happened immediately upon update to 6.4.

 

Since then, the docker has been unable to start.  

 

This is my error when I deleted the docker and restarted it:

error.thumb.jpg.7926c30e599b8b2c0343aef600ec027d.jpg

 

This is my template:

templateLetsEncrypt.thumb.jpg.d61747672eac8a533cfff00f0b5e4fb1.jpg

 

The log file only shows this (unsure which one to pull off appdata folder):

logs.jpg.5b86fa9e7047f88f08c12c4f9e235520.jpg

 

Here are the router settings:

portForward.jpg.323a759506c53bd02a35da0d8f62b4d4.jpg

 

And since the basic error would make me think I used 443 for something else, here is a screenshot of currently deployed ports for the dockers:

port443.jpg.b34d01c9a07b2f23ccff65dd7ff73f19.jpg

 

Read through the last few pages

30 minutes ago, aptalca said:

Read through the last few pages

 

Well I guess that means I missed some stuff, haha!

 

Will do.

Got everything setup and running now - but when users to go to www.mydomain.com it fails to load, but if you go to https://www.mydomain.com it will load fine, and then going to the plain old HTTP version (no HTTPS) will auto-redirect after that.

 

How can I get visitors to not have to first enter HTTPS and get it to auto-redirect?

 

Thanks!

8 minutes ago, CorneliousJD said:

Got everything setup and running now - but when users to go to www.mydomain.com it fails to load, but if you go to https://www.mydomain.com it will load fine, and then going to the plain old HTTP version (no HTTPS) will auto-redirect after that.

 

How can I get visitors to not have to first enter HTTPS and get it to auto-redirect?

 

Thanks!

 

It seems your redirect of http to https is not working, but you have hsts working. Check your nginx config. Google has plenty of guides for that

EDIT: Thanks I'll look into the nginx redirect part, and see if I can find a way to disable HSTS as well due to the below issue I had just posted. Unless someone knows a quick way to disable HSTS?

 

Another, separate issue - I use my www.mydomain.com as kind of a shortcut page to other services, e.g. a shortcut on there links to my UniFi setup, which runs HTTPS on a different port than 443, and obviously doesn't use the same certificate. When I try to browse to that site I get 

 

Because this site uses HTTP Strict Transport Security, you can’t continue to this site at this time. 

That's in IE, and in Chrome it shows

You cannot visit mydomain.com right now because the website uses HSTS. 

Edited by CorneliousJD

1 hour ago, aptalca said:

 

Read through the last few pages

 

Figured out that my redirect of the unRAID HTTPS port to 445 created some unknown conflict.  442 worked.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.