starred/nginx-proxy-manager-NginxProxyManager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2026-04-26 01:45:54 +03:00
Code Issues 937 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #2366] Default site redirect #1674

New issue
Closed
opened 2026-02-26 07:31:59 +03:00 by kerem · 4 comments
kerem commented 2026-02-26 07:31:59 +03:00
Owner
Copy link

Originally created by @NA3 on GitHub (Nov 3, 2022).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2366

image

i want to redirect all request who dont have a proxy configuration to a local honeypot, when i put my local ip on the redirect to, the call it made on internet dns server and get no host found, how can i redirect to a local http server? and can i got 1 redirect for http and another to https?
Regards.

Originally created by @NA3 on GitHub (Nov 3, 2022). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2366 ![image](https://user-images.githubusercontent.com/3059879/199833860-f3e7d26f-2893-401c-9d68-ff3d7819fe2f.png) i want to redirect all request who dont have a proxy configuration to a local honeypot, when i put my local ip on the redirect to, the call it made on internet dns server and get no host found, how can i redirect to a local http server? and can i got 1 redirect for http and another to https? Regards.
kerem 2026-02-26 07:31:59 +03:00
kerem commented 2026-02-26 07:31:59 +03:00
Author
Owner
Copy link

@the1ts commented on GitHub (Nov 6, 2022):

Perhaps use the custom page option with a simple html redirect?
<meta http-equiv="Refresh" content="0; url='https://www.w3docs.com'" />
This would redirect anyone to https://www.w3docs.com.

You will only see traffic to the redirected webserver if the bad actor is looking at the redirect and following and not simply probing your ports. I'm not 100% sure what you are trying to do with this honeypot over getting bad actor IP addresses which are available from the nginx access logs.

So if you want to do the redirect, setup a honeypot hostname inside NPM to proxy to this local http server. Then use the default site custom page to redirect to that honeypot hostname.

As to different for http and https not without using NPM custom nginx configuration for that honeypot hostname.

<!-- gh-comment-id:1304828067 --> @the1ts commented on GitHub (Nov 6, 2022): Perhaps use the custom page option with a simple html redirect? `<meta http-equiv="Refresh" content="0; url='https://www.w3docs.com'" />` This would redirect anyone to `https://www.w3docs.com`. You will only see traffic to the redirected webserver if the bad actor is looking at the redirect and following and not simply probing your ports. I'm not 100% sure what you are trying to do with this honeypot over getting bad actor IP addresses which are available from the nginx access logs. So if you want to do the redirect, setup a honeypot hostname inside NPM to proxy to this local http server. Then use the default site custom page to redirect to that honeypot hostname. As to different for http and https not without using NPM custom nginx configuration for that honeypot hostname.
kerem commented 2026-02-26 07:31:59 +03:00
Author
Owner
Copy link

@NA3 commented on GitHub (Nov 6, 2022):

i will try to explain better,
i have a www vlan on my network, my opnsene redirect 80 and 443 on npm and 1-64000 to t-pot,
the lan rule are like that :

  • 1st 80 and 443 to npm
  • 2nd all other on t-pot

but when i try access an unknow vhost on my wan ip i got redirect to the default page of npm
i want to be redirect to they 2 honeypot on t-pot who trap 80 and 443 in place of the default page
can i use proxy_pass , proxy_redirect to the local ip of t-pot if the vhost dont match with one is configured?

<!-- gh-comment-id:1304850183 --> @NA3 commented on GitHub (Nov 6, 2022): i will try to explain better, i have a www vlan on my network, my opnsene redirect 80 and 443 on npm and 1-64000 to t-pot, the lan rule are like that : - 1st 80 and 443 to npm - 2nd all other on t-pot but when i try access an unknow vhost on my wan ip i got redirect to the default page of npm i want to be redirect to they 2 honeypot on t-pot who trap 80 and 443 in place of the default page can i use proxy_pass , proxy_redirect to the local ip of t-pot if the vhost dont match with one is configured?
kerem commented 2026-02-26 07:31:59 +03:00
Author
Owner
Copy link

@the1ts commented on GitHub (Nov 6, 2022):

Using NPM the only way I can see is to use the method I described. Any other way would require changing default NPM files which would break on updating NPM. (i.e. the files to change this behaviour are files inside the container, not files on /data outside the container).

So:

  1. Create a DNS hostname for the honeypot in your DNS provider
  2. Create an NPM proxy host for that honeypot hostname pointing at t-pot IP and port
  3. Use a redirect as the default page to your honey pot hostname.

As you said, you cannot use the local IP of t-pot directly because you are going to need to redirect the web browser so it must be a internet routeable IP/hostname. But this will mean any web browser hitting your IP directly (i.e. not hitting a valid domain with a vhost setup in NPM) will get the default web page which redirects them to the honeypot hostname and therefore t-pot.

<!-- gh-comment-id:1304884510 --> @the1ts commented on GitHub (Nov 6, 2022): Using NPM the only way I can see is to use the method I described. Any other way would require changing default NPM files which would break on updating NPM. (i.e. the files to change this behaviour are files inside the container, not files on /data outside the container). So: 1. Create a DNS hostname for the honeypot in your DNS provider 2. Create an NPM proxy host for that honeypot hostname pointing at t-pot IP and port 3. Use a redirect as the default page to your honey pot hostname. As you said, you cannot use the local IP of t-pot directly because you are going to need to redirect the web browser so it must be a internet routeable IP/hostname. But this will mean any web browser hitting your IP directly (i.e. not hitting a valid domain with a vhost setup in NPM) will get the default web page which redirects them to the honeypot hostname and therefore t-pot.
kerem commented 2026-02-26 07:31:59 +03:00
Author
Owner
Copy link

@NA3 commented on GitHub (Nov 6, 2022):

thx

<!-- gh-comment-id:1304887490 --> @NA3 commented on GitHub (Nov 6, 2022): thx
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
develop
dependabot/npm_and_yarn/backend/liquidjs-10.25.7
dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987
dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41
dependabot/npm_and_yarn/backend/basic-ftp-5.3.0
dependabot/npm_and_yarn/test/follow-redirects-1.16.0
dependabot/npm_and_yarn/test/axios-1.15.0
dependabot/npm_and_yarn/frontend/lodash-4.18.1
dependabot/npm_and_yarn/backend/lodash-4.18.1
dependabot/npm_and_yarn/test/lodash-4.18.1
dependabot/npm_and_yarn/frontend/vite-7.3.2
dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21
dependabot/npm_and_yarn/frontend/lodash-es-4.18.1
dependabot/npm_and_yarn/frontend/happy-dom-20.8.9
dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0
dependabot/npm_and_yarn/frontend/picomatch-4.0.4
dependabot/npm_and_yarn/backend/picomatch-2.3.2
dependabot/npm_and_yarn/frontend/yaml-1.10.3
dependabot/npm_and_yarn/test/flatted-3.4.2
dependabot/npm_and_yarn/test/tar-7.5.11
dependabot/npm_and_yarn/frontend/immutable-5.1.5
master
dependabot/npm_and_yarn/test/glob-10.5.0
dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1
dependabot/npm_and_yarn/test/form-data-4.0.4
v3-abandoned
bump-freedns
openidc
ssl-passthrough-hosts
static-content
v2.14.0
v2.13.7
v2.13.6
v2.13.5
v2.13.4
v2.13.3
v2.13.2
v2.13.1
v2.13.0
v2.12.6
v2.12.5
v2.12.4
v2.12.3
v2.12.2
v2.12.1
v2.12.0
v2.11.3
v2.11.2
v2.11.1
v2.11.0
v2.10.4
v2.10.3
v2.10.2
v2.10.1
v2.10.0
v2.9.22
v2.9.21
v2.9.20
v2.9.19
v2.9.18
v2.9.17
v2.9.16
v2.9.15
v2.9.14
v2.9.13
v2.9.12
v2.9.11
v2.9.10
v2.9.9
v2.9.8
v2.9.7
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.9.2
v2.9.1
v2.9.0
v2.8.1
v2.8.0
v2.7.3
v2.7.2
v2.7.1
v2.7.0
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.0
v2.3.1
v2.3.0
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.0
v2.0.0
1.1.2
1.1.1
1.0.1
Labels
Clear labels   
awaiting feedback

   
bug

   
cannot reproduce

   
dns provider request

   
duplicate

   
enhancement

   
enhancement

   
enhancement

   
good first issue

   
help wanted

   
invalid

   
need more info

   
no certbot plugin available

   
product-support

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale

   
troll

   
upstream issue

   
v2

   
v2

   
v2

   
v3

   
wontfix
No labels
awaiting feedback
bug
cannot reproduce
dns provider request
duplicate
enhancement
enhancement
enhancement
good first issue
help wanted
invalid
need more info
no certbot plugin available
product-support
pull-request
question
stale
troll
upstream issue
v2
v2
v2
v3
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/nginx-proxy-manager-NginxProxyManager#1674
No description provided.