starred/nginx-proxy-manager-NginxProxyManager

Fork 0

mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2026-04-26 01:45:54 +03:00

[GH-ISSUE #27] Default HTTPs site behavior #25

New issue

Closed

opened 2026-02-26 05:33:08 +03:00 by kerem · 3 comments

kerem commented

2026-02-26 05:33:08 +03:00

Owner

Originally created by @jlesage on GitHub (Nov 14, 2018).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/27

Hello,

This is about commit github.com/jc21/nginx-proxy-manager@f9876326c9. Not sure if you saw my comment there, but I think that keeping ssl_ciphers aNULL is a better approach.

With valid ciphers, the browser will show a warning about self-signed certificate. After the user accepts to continue, nginx will close the connection (because of the return code 444).

Using ssl_ciphers aNULL makes the connection fails immediately, even before the browser shows any certificate warning.

Since the goal of the default HTTPs site is to make sure that no page is served, it seems better to avoid the certificate warning.

Originally created by @jlesage on GitHub (Nov 14, 2018). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/27 Hello, This is about commit https://github.com/jc21/nginx-proxy-manager/commit/f9876326c96b11f6578b96a5fff2a9cf94cddf22. Not sure if you saw my comment there, but I think that keeping `ssl_ciphers aNULL` is a better approach. With valid ciphers, the browser will show a warning about self-signed certificate. After the user accepts to continue, nginx will close the connection (because of the return code 444). Using `ssl_ciphers aNULL` makes the connection fails immediately, even before the browser shows any certificate warning. Since the goal of the default HTTPs site is to make sure that no page is served, it seems better to avoid the certificate warning.

kerem closed this issue

2026-02-26 05:33:08 +03:00

kerem commented

2026-02-26 05:33:09 +03:00

Author

Owner

@jc21 commented on GitHub (Nov 26, 2018):

Sorry for late response, holidays.

Yeah I saw your message after I changed it. I did think it was a bug at the time and since I couldn't see the default page over https, I assumed the handshake was broken by accident.

The impact of your idea vs what I changed is trivial. If it's what you really want, feel free to create another pr. Either way, the initial bug of seeing a non-default site as the default over ssl is solved.

@jc21 commented on GitHub (Nov 26, 2018): Sorry for late response, holidays. Yeah I saw your message after I changed it. I did think it was a bug at the time and since I couldn't see the default page over https, I assumed the handshake was broken by accident. The impact of your idea vs what I changed is trivial. If it's what you really want, feel free to create another pr. Either way, the initial bug of seeing a non-default site as the default over ssl is solved.

kerem commented

2026-02-26 05:33:09 +03:00

Author

Owner

@jlesage commented on GitHub (Nov 26, 2018):

Thanks for coming back on this!
I will create a new PR as you suggested.

@jlesage commented on GitHub (Nov 26, 2018): Thanks for coming back on this! I will create a new PR as you suggested.

kerem commented

2026-02-26 05:33:10 +03:00

Author

Owner

@jlesage commented on GitHub (Nov 28, 2018):

PR #30 merged. Closing the issue.

@jlesage commented on GitHub (Nov 28, 2018): PR #30 merged. Closing the issue.

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#25

No description provided.

Rows
Columns