[GH-ISSUE #383] Setting access restriction results in 403 forbidden error #326

Open
opened 2026-02-26 06:32:17 +03:00 by kerem · 66 comments

Originally created by @Elmardus on GitHub (Apr 22, 2020).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/383

I am using Nginx Proxy Manager v2.2.3. This problem started occurring after the update to v2.2.3.

I have set up a username with password in the access list. When applying this to a proxy domain, the site becomes inaccessible with a 403 forbidden error. No login window is displayed.

Error.log

```
2020/04/22 13:01:10 [error] 8411#8411: *210879 access forbidden by rule, client: IP_REDACTED, server: omv.REDACTED.eu, request: "GET / HTTP/2.0", host: "omv.REDACTED.eu"
```

proxy_host-4.log

```
[22/Apr/2020:13:01:10 +0000] - - 403 - GET https omv.REDACTED.eu "/" [Client IP_REDACTED] [Length 107] [Gzip 1.36] [Sent-to 192.168.178.100] "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" "-"
```


@McCloudS commented on GitHub (Apr 22, 2020):

This is similar behavior to what I was seeing with my issue in some cases. There's a chance this could be tied to mine #382

Have you checked to see if your .conf files have "satisfy all" or "satisfy any" correctly on (usually) line 43 below "#Access checks must..."?


@Elmardus commented on GitHub (Apr 27, 2020):

I have just checked, the following is added to the /nginx/proxy_host/4.conf (starting at line 50):

```
  location / {

    # Authorization
    auth_basic            "Authorization required";
    auth_basic_user_file  /data/access/4;

    # Access Rules
    deny all;

    # Access checks must...
    satisfy all;
```

I haven't yet figured out if this is an incorrect configuration, or in what way this could cause the 403 forbidden error. Any ideas?


@jameski83 commented on GitHub (Apr 28, 2020):

I am getting the same issue on 2.2.3. It won't accept allow all as an entry via the web gui. If I edit the file /nginx/proxy_host/*.conf manually to allow all instead of deny all it works.

I want it to ask for basic auth when accessing via any IP address, not sure if this is the right way to do this or not. Please advise


@modem7 commented on GitHub (May 2, 2020):

https://github.com/jc21/nginx-proxy-manager/issues/393 is possibly also related


@andyjhall commented on GitHub (May 7, 2020):

Similar issue, I wish to use access rules without authorisation however the host still asks for basic auth. Most likely because there needs to be a check in code "if the user / password list is empty, don't include 'auth_basic' in the config file". This check needs to be put in the proxy_host.conf template


@radumpopescu commented on GitHub (May 7, 2020):

I had the same issue.
It seems to be happening only when HTTP/2 Support is active on the proxy.
After I disabled it, it asked me for login and it worked.


@Indemnity83 commented on GitHub (May 10, 2020):

By design, a client will need to meet BOTH the authorization, and access rules defined on the access list unless you select the satisfy any option.

It sounds like you're only setting a username/password and not modifying the authorization rules or setting satisfy any and the default deny all rule in the authorization is resulting in a 403 response.

It sounds like your use case requires setting the satisfy any option on the access list to tell Nginx to let a user in if they satisfy either the Authentication or Access rules.


@Indemnity83 commented on GitHub (May 10, 2020):

> Similar issue, I wish to use access rules without authorisation however the host still asks for basic auth. Most likely because there needs to be a check in code "if the user / password list is empty, don't include 'auth_basic' in the config file". This check needs to be put in the proxy_host.conf template

This is a different issue to the OP's ... I've submitted PR #403 to prevent the server asking for auth if no users are defined.


@Indemnity83 commented on GitHub (May 10, 2020):

> It won't accept allow all as an entry via the web gui

This is also fixed in #402


@Elmardus commented on GitHub (Nov 23, 2020):

I believe this issue has been fixed, on the current version access restrictions work without problems as far as I know.


@robertorubioguardia commented on GitHub (Nov 28, 2020):

> I had the same issue.
> It seems to be happening only when HTTP/2 Support is active on the proxy.
> After I disabled it, it asked me for login and it worked.

This solved the 403 in my case. HTTP/2 was messing up with the auth.


@robertorubioguardia commented on GitHub (Nov 28, 2020):

Just in case, it happened today on a fresh install of the last version. So maybe it's not fully resolved.


@dioxidec commented on GitHub (Dec 7, 2020):

Fresh install today, I get a 403 Forbidden when satisfy any is enabled if there is a username/pass on its own or if I also have a username/pass and allowed ip filled in. It also happens if the satisfy all is disabled with both usr/pass and IP set. This is using the docker image on unraid community apps.

UPDATE: It seems you need to restart the docker after each change of an option for it to take effect. I now get the pop up for usr/pass etc


@robertorubioguardia commented on GitHub (Dec 7, 2020):

@dioxidec it happens if you use HTTP/2 and ACL. Disabling HTTP/2 fixed it for me and others in this thread.


@Hukuma1 commented on GitHub (Mar 24, 2021):

> @dioxidec it happens if you use HTTP/2 and ACL. Disabling HTTP/2 fixed it for me and others in this thread.

+1

Thank you. Was trying to simply add 192.168.1.0/24 to allow list and it was giving 403 forbidden even with satisfy any setting. Turning off HTTP/2 fixed it for me as well.


@wildernessfamily commented on GitHub (Sep 12, 2021):

This has been driving me crazy. Been working on this for the past hour. I was also receiving the 403 error. I did try disabling HTTP/2. What worked was disabling HTTP/2 and then restarting the container. Saving it in NPM was not enough. I had to disable SSL support, save, completely restart the container, re-enable SSL support, restart the container. Once I did that it worked.


@kekonn commented on GitHub (Nov 25, 2021):

I can confirm this issue is still there.


@vdachev commented on GitHub (Dec 3, 2021):

Hi guys! I played around a bit with NPM and the backing Nginx... And IMHO there are a number of issues that cause all the confusion.

  • NPM does not reload affected proxy host configurations when you change the access lists.
    • I did killall -HUP nginx in the Docker container to do that, but:
    • You can do that by opening and saving the proxy host configurations (individually) in the UI.
  • Confusion with the Satisfy Any switch and Authorization (which I suppose should be Authentication) and Access tabs:
    • When checking a client against the Authorization tab, they are allowed if the list is empty (because NPM skips the basic auth directives in Nginx whatsoever).
    • When checking a client against the Access tab, they are denied if the list is empty (because NPM forces you to have a deny all directive in Nginx).
    • If the Satisfy Any is disabled (i.e. satisfy all in Nginx), a client should be allowed by both the Authorization and Access tabs.
    • If the Satisfy Any is enabled (i.e. satisfy any in Nginx), a client should be allowed by any of the Authorization and Access tabs.

Bottom line, if you want basic authentication only without checking against the white list:

  1. Add users to the Authorization tab.
  2. Two options:
    1. Enable the Satisfy All switch and keep the Access tab empty.
    2. Disable the Satisfy All switch and add an allow all rule in the beginning of the Access tab.
  3. Re-save the affected proxy host(s).
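
The combinations discussed in this thread, as an added example that is not part of the comments above and is not NPM or nginx code: a simplified Python model of how nginx combines `allow`/`deny` rules, `auth_basic` and `satisfy`. It assumes the IP rules are evaluated before basic auth and that under `satisfy any` a 401 takes precedence over a 403; the user name, password and public client address are constructed.

```python
"""Simplified model of nginx's access phase: allow/deny, auth_basic, satisfy."""
import ipaddress

OK, DECLINED, FORBIDDEN, UNAUTHORIZED = "ok", "declined", 403, 401


def check_access_rules(rules, client_ip):
    """allow/deny rules: the first matching rule wins.

    Returns DECLINED (neutral) when there are no rules or none matches.
    """
    addr = ipaddress.ip_address(client_ip)
    for action, target in rules:
        if target == "all" or addr in ipaddress.ip_network(target):
            return OK if action == "allow" else FORBIDDEN
    return DECLINED


def check_basic_auth(users, credentials):
    """auth_basic: neutral when no users are configured.

    Plain-text comparison keeps the model short; a real user file
    stores password hashes.
    """
    if not users:
        return DECLINED
    if credentials is not None and users.get(credentials[0]) == credentials[1]:
        return OK
    return UNAUTHORIZED


def access_phase(satisfy, rules, users, client_ip, credentials=None):
    """Return the HTTP status the client would see: 200, 401 or 403."""
    # Assumption of this model: the IP check runs before basic auth.
    results = [
        check_access_rules(rules, client_ip),
        check_basic_auth(users, credentials),
    ]
    if satisfy == "all":
        # Every check must pass; the first failure ends the request, so a
        # denied IP gets 403 and never reaches the 401 login prompt.
        for result in results:
            if result in (FORBIDDEN, UNAUTHORIZED):
                return result
        return 200
    if satisfy != "any":
        raise ValueError("satisfy must be 'all' or 'any'")
    # One passing check is enough; otherwise 401 wins over 403 so the
    # browser can still prompt for credentials.
    if OK in results:
        return 200
    if UNAUTHORIZED in results:
        return UNAUTHORIZED
    if FORBIDDEN in results:
        return FORBIDDEN
    return 200


# Constructed sample data (not taken from any real deployment).
USERS = {"admin": "example-password"}
CREDS = ("admin", "example-password")
PUBLIC_IP = "203.0.113.7"
LAN_IP = "192.168.0.20"

DENY_ALL = [("deny", "all")]                          # generated default
ALLOW_ALL = [("allow", "all"), ("deny", "all")]       # "allow all" added first
LAN_ONLY = [("allow", "192.168.0.0/24"), ("deny", "all")]

if __name__ == "__main__":
    cases = [
        ("deny all + users, satisfy all, no creds", "all", DENY_ALL, PUBLIC_IP, None),
        ("deny all + users, satisfy all, creds", "all", DENY_ALL, PUBLIC_IP, CREDS),
        ("deny all + users, satisfy any, no creds", "any", DENY_ALL, PUBLIC_IP, None),
        ("deny all + users, satisfy any, creds", "any", DENY_ALL, PUBLIC_IP, CREDS),
        ("allow all + users, satisfy all, no creds", "all", ALLOW_ALL, PUBLIC_IP, None),
        ("LAN only + users, satisfy all, public creds", "all", LAN_ONLY, PUBLIC_IP, CREDS),
        ("LAN only + users, satisfy any, public creds", "any", LAN_ONLY, PUBLIC_IP, CREDS),
        ("LAN only + users, satisfy any, LAN no creds", "any", LAN_ONLY, LAN_IP, None),
    ]
    for label, satisfy, rules, ip, creds in cases:
        print(f"{label:48s} -> {access_phase(satisfy, rules, USERS, ip, creds)}")
```
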

@tromanshow commented on GitHub (Jan 9, 2022):

Hi guys,
I got the same error today on latest 2.9.14...
I try to set up a LAN only access so put an access list with local 192.168.0.0/24 network and user. I got 403 Forbidden ( openresty )
I can confirm that :

  • HTTP/2 is disabled
  • Satisfy Any is unticked

I got it working with satisfy any ticked but therefore it's not ip restricted...

In logs I got this :

```
access forbidden by rule, client: <IP>, server: subdomain.mydomain.com request: "GET / HTTP/2.0", host: "subdomain.mydomain.com", referrer: "http://<ngnix_proxy_manager_IP>:81/"
```


@csulit commented on GitHub (Aug 25, 2022):

The issue still persists.


@mplacona commented on GitHub (Aug 26, 2022):

> The issue still persists.

Can confirm this is still a problem in v2.9.18. Has anyone else been able to get this working?


@MrSmits commented on GitHub (Aug 30, 2022):

I thought I was doing something wrong, been messing with it for a while now. I'm on v2.9.18.
When trying to limit access to a website by IP addresses it does seem to work properly when using my LAN address, but not for public IP addresses...

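I.e. when I set below I can access the site from a machine in the 192.168.100.0/24 subnet, but not from a machine coming from that public IP.
![2022-08-30 11_06_34-access](https://user-images.githubusercontent.com/29866289/187397197-8bba9d17-55ee-4d89-a7f0-43b795017cd4.png)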


@MrSmits commented on GitHub (Aug 30, 2022):

Think I found a workaround. I just manually placed the allow/deny rules in the custom configuration for the proxy host and it seems to work as it should there.
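I now have my proxy host access control set to be publicly accessible but have the below custom config applied:
![image](https://user-images.githubusercontent.com/29866289/187410307-311d5d59-1e27-459a-b74e-086e2a54f212.png)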


@mplacona commented on GitHub (Aug 30, 2022):

I wonder if there are any drawbacks to doing it this way. But if not, that’s a great find!

Edit: And the above totally works btw! Thank you @MrSmits


@MrSmits commented on GitHub (Aug 30, 2022):

No problem.

I think the major difference is that doing it this way the access control list works for the entire proxy host.
When you use the NPM GUI I think it sets the access list only on location /, which means if you add custom locations under a proxy host that those aren't secured by the access list. But this is just from what I observed by briefly looking at the proxy host config files that NPM generates when you select an access list.
I'll take another look later at things and do some more testing, I'm not a developer so not sure how much help this is for the NPM project but I can mess around with Nginx itself just fine :)


@zzzealed commented on GitHub (Dec 29, 2022):

Hey, I am experiencing a similar issue.
When I use an Access List with no authorization, I am sent to a "403 Forbidden openresty".
This is still happening with "HTTP/2 Support" on/off, "Satisfy Any" on/off & even with the "Custom Nginx Configuration" configured and Access List set to "Public".

But if I use an Access List with authorization credentials, I can access my page. The only problem is, it seems to not be following the rules I set for the Access List from my testing.

Is there any workaround for this that I haven't tried?
Thanks.


@zgorizzo69 commented on GitHub (Dec 30, 2022):

I got it working with basic auth with:
inside ACL

  • satisfy any : off
  • allow : all
  • deny : all

in the proxy settings:

  • block common exploit: on
  • I have a custom SSL cert but everything else off ( force ssl:off http/2:off)

note that it was working with public access so I recommend you first check that it works in public mode before trying to set it up with basic auth


@zzzealed commented on GitHub (Jan 5, 2023):

Yeah, but I am looking to use my service without auth but just locally. Even though I set the settings for it only being accessible locally, it's still accessible publicly.


@MrSmits commented on GitHub (Jan 5, 2023):

What is your LAN IP and how are you trying to access the website? (Via LAN IP or hostname or WAN IP)


@zgorizzo69 commented on GitHub (Jan 5, 2023):

> What is your LAN IP and how are you trying to access the website? (Via LAN IP or hostname or WAN IP)

through wan with a port forward on router I access my local lan server where npm is installed


@MrSmits commented on GitHub (Jan 5, 2023):

> > What is your LAN IP and how are you trying to access the website? (Via LAN IP or hostname or WAN IP)
>
> through wan with a port forward on router I access my local lan server where npm is installed

Sorry, question was for @Wraaath


@zzzealed commented on GitHub (Jan 5, 2023):

> What is your LAN IP and how are you trying to access the website? (Via LAN IP or hostname or WAN IP)

I'm accessing my service through the domain I assigned.


@MrSmits commented on GitHub (Jan 5, 2023):

> > What is your LAN IP and how are you trying to access the website? (Via LAN IP or hostname or WAN IP)
>
> I'm accessing my service through the domain I assigned.

So you are accessing the host from your LAN on a public IP address, presumably through NAT loopback? Have you tried setting an allow for your WAN address?


@tomshomelab commented on GitHub (Jan 5, 2023):

> 192.168.0.0/24

Hi there, the above does not work sadly.

I am able to access the site through public mode first, adding your steps gives me 403 forbidden - issue still persists


@MrSmits commented on GitHub (Jan 5, 2023):

The workaround I've posted is working perfectly fine for me till date, latest npm.
It can be something in your networking setup that is different from mine, so double check the IP addresses you're connecting from and to. Also make sure you have no syntax errors in the advanced config page.


@elexx commented on GitHub (Jul 5, 2023):

> I got it working with basic auth with: inside ACL
>
>   • satisfy any : off
>   • allow : all
>   • deny : all
>
> in the proxy settings:
>
>   • block common exploit: on
>   • I have a custom SSL cert but everything else off ( force ssl:off http/2:off)
>
> note that it was working with public access so I recommend you first check that it works in public mode before trying to set it up with basic auth

I played around with these exact settings and it seems the order is important:

  • Set allow: all in ACL
  • Modify the proxy host in any way (toggle any button and save)

To me it looks like the ACL allow: all is the important part. But it seems it doesn't get picked up automatically but only after reloading the host config, for example by changing anything and clicking "save".

I hope this helps to further diagnose the issue or at least as workaround.


@mxbchr commented on GitHub (Sep 12, 2023):

I tried every possible combination of configurations in the last two hours.
What reliably fixed it for me is this:

  1. Creating an "Allow 0.0.0.0/0" rule in the Access List Tab
  2. Deactivating "Satisfy Any" in ACL Tab
  3. Create a NEW Proxy Host.
  4. Deactivating HSTS, HSTS Subdomains and HTTP/2 in the Proxy Host Tab. Force SSL works for me when everything else is off.

And yes. It is crucial to first create the ACL and then create a NEW Proxy Host. Adding the ACL to an existing proxy host will result in 403 error, or in logging in having no effect and login window showing over and over again.

Note: When I misconfigured it I had to "clear the site data" in the browser for it to work again once it was configured right.

And just in case someone doesn't know (as I did 2h ago). You can auto login if you use this url scheme:
https://username:password@example.com/
Hope this helps.


@l4kr commented on GitHub (Sep 20, 2023):

Basic functionality working like ass makes me question the security of this whole project...


@viseshrp commented on GitHub (Sep 20, 2023):

> Basic functionality working like ass makes me question the security of this whole project...

It did not gain 15k stars by 'working like ass'. Show some respect.
And I'm sorry, how much did you pay for this again? That's right. Nothing. It's free software. If you do not like it, move on.


@BobWs commented on GitHub (Nov 14, 2023):

I'm having similar problems with NPM and access list to restrict access to only one specific IP address.
I have tried all the suggestions above but none is working for me. I'm on the latest NPM (2.10.4) installed on docker on a Synology Host.

So basically when I add the specific IP I want to grant access I'm getting the forbidden page, when I remove the restriction it is working.

Screen_Shot
(this didn't work)

Any suggestions how to fix this? I would like to grant a specific IP address to my webdav server this way.
TIA


@MrSmits commented on GitHub (Nov 14, 2023):

Make sure you add the allow entries for the correct IP and subnet addresses, should just work.
It's always worked fine for me :)


@BobWs commented on GitHub (Nov 14, 2023):

> Make sure you add the allow entries for the correct IP and subnet addresses, should just work.
> It's always worked fine for me :)

Thanks but yes, I have set the correct IP (double checked it with what's-my-IP), but still no access. When I remove the entry it is working, but then it is open to everyone and that is not what I want.


@4lexKidd commented on GitHub (Jan 3, 2024):

Had the same issue and it seems to still persist.
I got the issue fixed but here is my setup so you can relate:
I have nginxpm set up using a fixed domain and a fixed public ip address.
I tried several configurations and orders of saving and nothing seemed to work with local ip ranges (192.xxx.yyy.zzz/16 or /24). Due to the nature of accessing my services through subdomains, all requests were routed externally (me>>domainprovider>>me) and therefore arriving with my non-changing public ip.

My ruleset for the ACL is:

  • Satisfy Any -> ON
  • 2 User Accounts that have to be logged in if the request is not from my home-net
  • Access Rules are (in this order):
    Allow -> Public ip
    Allow -> 192.168.0.0/16 (just to save myself from shenanigans; might not be necessary)
    Deny -> all

Works like intended and even does not need the mentioned saving order trickery but I cannot say if this will work if you do not route outside of your network (pure local only).


@enkelmedia commented on GitHub (Jan 4, 2024):

> I had the same issue. It seems to be happening only when `HTTP/2 Support` is active on the proxy. After I disabled it, it asked me for login and it worked.

In my case it was the other way around, after activating HTTP2 for the host it started to ask for auth.

Browser: Chrome
Nginx: v2.10.4


@github-actions[bot] commented on GitHub (Jul 11, 2024):

Issue is now considered stale. If you want to keep it open, please comment 👍


@BananaAcid commented on GitHub (Jul 19, 2024):

Still a pain.


@towerplease commented on GitHub (Oct 25, 2024):

Error still exists. It actually worked for me like 2 months and now it stopped.

I have an Access-List with 3 Login/Password combinations, which were used for Website-Development.

Now I have to configure it as public, as all incoming requests are instantly a 403-forbidden.

Also, when I want to change a password for a user, I get this error, when not changing the others.
image

Next issue:

When adding Users, all added but not saved users are getting cleared when pressing "Add":

1 User added:
image
Now press "Add" again:
image

Line added, but everything else is cleared.

This function seems to be a mess right now.


@EvilrootNix commented on GitHub (Oct 25, 2024):

Same issue, but a workaround is to set up http/2 and force ssl in the host.
The other issue with this is that if I want to edit the ACL post creation, I can't, because it shows me a msgbox "data/items/0/password must NOT have fewer than 1 characters", so I have to delete the ACL and recreate it.


@towerplease commented on GitHub (Oct 25, 2024):

> EvilrootNix

I also tried to activate http/2 and force ssl (my default) and issue is still present.


@EvilrootNix commented on GitHub (Oct 25, 2024):

> > EvilrootNix
>
> I also tried to activate http/2 and force ssl (my default) and issue is still present.

Disable it, delete the ACL, enable http/2 on the host, create the ACL and finally setup the ACL in the host.


@BobWs commented on GitHub (Oct 26, 2024):

This issue was reported back in 2020, and four years later, it remains unresolved. It's difficult for me to believe that it will ever be fixed!


@bill340 commented on GitHub (Oct 27, 2024):

Same here... All you mentioned does not fix it.
It behaves like if the "Satisfy any" switch is ignored.
It ALWAYS asks for user/PW even if I have 0.0.0.0/0 allowed in the access list for testing.
It always behaves like "Satisfy all".


@kozhevyatov commented on GitHub (Oct 28, 2024):

Same problem,
but! I didn't have this problem when the database was in FILES!
I moved it to MySQL - I have 403 in any case settings

Now I have 2 servers npm, one with files database and one in MySQL
basic auth with db in files - work, in mysql - no


@EvilrootNix commented on GitHub (Oct 28, 2024):

> same problem but! I didn't have this problem when the database was in FILES! I moved it to MySQL - I have 403 in any case settings
>
> now i have 2 servers npm, one with files database and one in MySQL basic auth with db in files - work, in mysql - no

with files database, do you mean sqlite?


@kozhevyatov commented on GitHub (Oct 28, 2024):

> > same problem but! I didn't have this problem when the database was in FILES! I moved it to MySQL - I have 403 in any case settings
> > now i have 2 servers npm, one with files database and one in MySQL basic auth with db in files - work, in mysql - no
>
> with files database, do you mean sqlite?

yep! sqlite


@Tuncay-Ayhan commented on GitHub (Nov 6, 2024):

> Same here... All you mentioned does not fix it. It behaves like if the "Satisfy any" switch is ignored. It ALWAYS asks for user/PW even if I have 0.0.0.0/0 allowed in the access list for testing. It always behaves like "Satisfy all".

Thanks stranger. 0.0.0.0/0 worked for me, as I also have a password set up!


@kozhevyatov commented on GitHub (Nov 8, 2024):

yes, 0.0.0.0/0 worked for me too
thanks


@gitmicha79 commented on GitHub (Nov 9, 2024):

Same error in v3.12.x but it works with v3.11.3


@demonkazuya commented on GitHub (Nov 9, 2024):

Adding 0.0.0.0/0 (allow all ip) seems to work for me as well. Looks like the option to satisfy any doesn't work since you still need to allow any ip to connect. Seems like the ACL defaults to deny any..


@sanello84 commented on GitHub (Nov 19, 2024):

I think this was said previously, NPM web UI doesn't seem to be setting 'Satisfy Any' when triggered.

After setting up User/pass and allow IPs, I went into the proxy_host ##.conf and manually set 'satisfy all' to 'satisfy any'. This should get you the desired behavior with NPM not prompting for creds with IPs in the whitelist, and prompting for creds with everything else.

Just don't touch the host or access list afterwards as it'll reset the satisfy parameter back to 'all'.
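
Added example (not part of any comment in this thread and not Nginx Proxy Manager's code): a simplified Python model of how nginx's access phase combines `allow`/`deny` rules with basic auth under `satisfy all` and `satisfy any`, run over the configurations reported above. The user name, password and the 203.0.113.x / 198.51.100.x addresses are constructed sample values, and the "deny all only" case is an assumption about what the generated config contained.

```python
import ipaddress

def access_module(rules, client_ip):
    """allow/deny check: the first matching rule decides.
    Returns "ok", 403, or None when no rule matches (module declines)."""
    ip = ipaddress.ip_address(client_ip)
    for action, target in rules:
        if target == "all" or ip in ipaddress.ip_network(target, strict=False):
            return "ok" if action == "allow" else 403
    return None

def auth_basic_module(users, credentials):
    """Basic auth check: None when no users are configured, else "ok" or 401.
    Plain-text comparison stands in for nginx's htpasswd hash check."""
    if not users:
        return None
    if credentials and credentials[0] in users and users[credentials[0]] == credentials[1]:
        return "ok"
    return 401

def decide(satisfy, rules, users, client_ip, credentials=None):
    """Status produced by the access phase; 200 means the request is proxied."""
    results = (access_module(rules, client_ip), auth_basic_module(users, credentials))
    if satisfy == "all":
        # Every check must pass; the IP check runs first, so a denied
        # address gets 403 before any login prompt (401) can be sent.
        return next((rc for rc in results if rc in (401, 403)), 200)
    # satisfy any: one passing check is enough; otherwise 401 is preferred
    # over 403 so the browser still shows the login dialog.
    code = 200
    for rc in results:
        if rc == "ok":
            return 200
        if rc in (401, 403) and code != 401:
            code = rc
    return code

# Constructed sample values (not taken from the thread).
USERS = {"dev": "constructed-password"}
CREDS = ("dev", "constructed-password")
OPEN = [("allow", "0.0.0.0/0"), ("deny", "all")]
HOME = [("allow", "203.0.113.10"), ("allow", "192.168.0.0/16"), ("deny", "all")]
OUTSIDE = "198.51.100.7"

def scenarios():
    return {
        # Assumed original symptom: only "deny all" in effect.
        "all | deny all | no creds": decide("all", [("deny", "all")], USERS, OUTSIDE),
        "all | allow 0.0.0.0/0 | no creds": decide("all", OPEN, USERS, OUTSIDE),
        "all | allow 0.0.0.0/0 | creds": decide("all", OPEN, USERS, OUTSIDE, CREDS),
        "any | allow 0.0.0.0/0 | no creds": decide("any", OPEN, USERS, OUTSIDE),
        "any | home list | listed IP": decide("any", HOME, USERS, "203.0.113.10"),
        "any | home list | other IP, no creds": decide("any", HOME, USERS, OUTSIDE),
        "any | home list | other IP, creds": decide("any", HOME, USERS, OUTSIDE, CREDS),
        "all | home list | other IP, creds": decide("all", HOME, USERS, OUTSIDE, CREDS),
    }

if __name__ == "__main__":
    for name, status in scenarios().items():
        print(f"{status}  {name}")
```

In this model, `allow 0.0.0.0/0` under `satisfy any` admits every client without credentials, while under `satisfy all` the same rule leaves basic auth as the only gate.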


@Madjarx commented on GitHub (Dec 24, 2024):

@sanello84 Can confirm, web UI doesn't seem to properly make changes in the nginx volumes

I've run a docker compose stack that includes the nginx-proxy-manager and I'm using docker volumes mapped to the `./volumes/nginx`

I've been playing around for a while, starting/restarting, making changes and from what I can tell is that some features on the UI (creating proxy hosts) work okay but the access host seems buggy


@digitaltim-de commented on GitHub (Jan 9, 2025):

Allow 0.0.0.0/0 worked for me too.


@sir-telengard commented on GitHub (Jun 15, 2025):

Thanking this thread for being here as it solved this very same issue for me today.


@Mixpower commented on GitHub (Sep 16, 2025):

> Allow 0.0.0.0/0 worked for me too.

Now you let anyone in, the access list is pointless if you add this.


@Tuncay-Ayhan commented on GitHub (Sep 18, 2025):

> > Allow 0.0.0.0/0 worked for me too.
>
> Now you let anyone in, the access list is pointless if you add this.

Not entirely. I'm also using authentication based on username and password.


@BananaAcid commented on GitHub (Sep 19, 2025):

Looks like there should be a UI optimization or help text - as long as this is not fixable …
