starred/nginx-proxy-manager-NginxProxyManager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2026-04-25 09:25:55 +03:00
Code Issues 937 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #420] Access list "Satisfy All" requiring BasicAuth on trusted subnet. #353

New issue
Closed
opened 2026-02-26 06:32:31 +03:00 by kerem · 7 comments
kerem commented 2026-02-26 06:32:31 +03:00
Owner
Copy link

Originally created by @Chewza on GitHub (May 24, 2020).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/420

UPDATE NOTE: Having thought about this a little more I've identified the issue. The redirected hosts are currently being proxied by cloudflare. As I am running all DNS through cloudflare and don't have any of these addresses defined in my local dns server even though I'm home, I'm going out to cloudflare to come back in. Thus I think the only way to accomplish what I'm after would be to define the local dns entries I need. While it would be nice to not have to do this I understand why it's happening.

Unless I'm missing something as to a way Nginx PM can read my local IP address even coming through cloudflare when I'm here at home, this issue can be closed.

Checklist

  • Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
    Yes
  • Are you sure you're not using someone else's docker image?
    Yes
  • If having problems with Lets Encrypt, have you made absolutely sure your site is accessible from outside of your network?
    Not an LE issue.

Describe the bug
Selecting "satisfy any" on an access list with both authorization and ip range entered, browsing from a machine on the 10.1.1.0/24 subnet which is defined in the access tab of the access list settings still prompts me for authorization.

  • What version of Nginx Proxy Manager is reported on the login page?
    2.2.4

To Reproduce

  1. Define authorization user
  2. Define allowed ip range (I'm using 10.1.1.0/24)
  3. Select satisfy any on main tab.
  4. Attach access list to redirected host
  5. Attempt to access redirected host from machine on 10.1.1.0/24 subnet
  6. Prompted for username and password.

Expected behavior
When satisfy any for the access list is selected, and I'm browsing from an allowed subnet, in this case 10.1.1.0/24 I would expect NOT to be prompted for login.

Screenshots
image
image
image

Operating System
Docker image running on ubuntu 20.04

Additional context
N/A

Originally created by @Chewza on GitHub (May 24, 2020). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/420 UPDATE NOTE: Having thought about this a little more I've identified the issue. The redirected hosts are currently being proxied by cloudflare. As I am running all DNS through cloudflare and don't have any of these addresses defined in my local dns server even though I'm home, I'm going out to cloudflare to come back in. Thus I think the only way to accomplish what I'm after would be to define the local dns entries I need. While it would be nice to not have to do this I understand why it's happening. Unless I'm missing something as to a way Nginx PM can read my local IP address even coming through cloudflare when I'm here at home, this issue can be closed. **Checklist** - Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image? Yes - Are you sure you're not using someone else's docker image? Yes - If having problems with Lets Encrypt, have you made absolutely sure your site is accessible from outside of your network? Not an LE issue. **Describe the bug** Selecting "satisfy any" on an access list with both authorization and ip range entered, browsing from a machine on the 10.1.1.0/24 subnet which is defined in the access tab of the access list settings still prompts me for authorization. - What version of Nginx Proxy Manager is reported on the login page? 2.2.4 **To Reproduce** 1) Define authorization user 2) Define allowed ip range (I'm using 10.1.1.0/24) 3) Select satisfy any on main tab. 4) Attach access list to redirected host 5) Attempt to access redirected host from machine on 10.1.1.0/24 subnet 6) Prompted for username and password. **Expected behavior** When satisfy any for the access list is selected, and I'm browsing from an allowed subnet, in this case 10.1.1.0/24 I would expect NOT to be prompted for login. **Screenshots** ![image](https://user-images.githubusercontent.com/8115774/82744009-0cb75d00-9d41-11ea-8cc9-7fa40c7667de.png) ![image](https://user-images.githubusercontent.com/8115774/82744017-1ccf3c80-9d41-11ea-9433-7443df6cbbc3.png) ![image](https://user-images.githubusercontent.com/8115774/82744001-f27d7f00-9d40-11ea-9297-a7ee7b76b745.png) **Operating System** Docker image running on ubuntu 20.04 **Additional context** N/A
kerem 2026-02-26 06:32:31 +03:00
  • closed this issue
  • added the
    stale
    bug
         labels
kerem commented 2026-02-26 06:32:31 +03:00
Author
Owner
Copy link

@Chewza commented on GitHub (May 24, 2020):

Please see update note at top of original issue submission.

<!-- gh-comment-id:633174144 --> @Chewza commented on GitHub (May 24, 2020): Please see update note at top of original issue submission.
kerem commented 2026-02-26 06:32:31 +03:00
Author
Owner
Copy link

@R0GGER commented on GitHub (Jun 1, 2020):

Exact same issue here...
I also use Cloudflare DNS, but not using setting "Proxied" but just "DNS only".
I don't think it has anything to do with using Cloudflare...

<!-- gh-comment-id:637030426 --> @R0GGER commented on GitHub (Jun 1, 2020): Exact same issue here... I also use Cloudflare DNS, but not using setting "Proxied" but just "DNS only". I don't think it has anything to do with using Cloudflare...
kerem commented 2026-02-26 06:32:31 +03:00
Author
Owner
Copy link

@R0GGER commented on GitHub (Jun 10, 2020):

Version 2.3.1 solved my issue. What about you @Chewza ?

<!-- gh-comment-id:641963771 --> @R0GGER commented on GitHub (Jun 10, 2020): Version 2.3.1 solved my issue. What about you @Chewza ?
kerem commented 2026-02-26 06:32:31 +03:00
Author
Owner
Copy link

@Chewza commented on GitHub (Jun 10, 2020):

Unfortunately I haven't had a chance to test recent updates myself. I had to work around the issue by managing split brain DNS.

<!-- gh-comment-id:641996212 --> @Chewza commented on GitHub (Jun 10, 2020): Unfortunately I haven't had a chance to test recent updates myself. I had to work around the issue by managing split brain DNS.
kerem commented 2026-02-26 06:32:31 +03:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (Mar 29, 2024):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:2026458335 --> @github-actions[bot] commented on GitHub (Mar 29, 2024): Issue is now considered stale. If you want to keep it open, please comment :+1:
kerem commented 2026-02-26 06:32:31 +03:00
Author
Owner
Copy link

@beer73 commented on GitHub (Feb 22, 2025):

Hi, just to comment that I had exactly the same problem with version 2.12.1, but after updating to version 2.12.3 the problem has disappeared and the Access Lists now work as they should.

<!-- gh-comment-id:2676424943 --> @beer73 commented on GitHub (Feb 22, 2025): Hi, just to comment that I had exactly the same problem with version 2.12.1, but after updating to version 2.12.3 the problem has disappeared and the Access Lists now work as they should.
kerem commented 2026-02-26 06:32:31 +03:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (Nov 12, 2025):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:3519567929 --> @github-actions[bot] commented on GitHub (Nov 12, 2025): Issue is now considered stale. If you want to keep it open, please comment :+1:
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
develop
dependabot/npm_and_yarn/backend/liquidjs-10.25.7
dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987
dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41
dependabot/npm_and_yarn/backend/basic-ftp-5.3.0
dependabot/npm_and_yarn/test/follow-redirects-1.16.0
dependabot/npm_and_yarn/test/axios-1.15.0
dependabot/npm_and_yarn/frontend/lodash-4.18.1
dependabot/npm_and_yarn/backend/lodash-4.18.1
dependabot/npm_and_yarn/test/lodash-4.18.1
dependabot/npm_and_yarn/frontend/vite-7.3.2
dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21
dependabot/npm_and_yarn/frontend/lodash-es-4.18.1
dependabot/npm_and_yarn/frontend/happy-dom-20.8.9
dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0
dependabot/npm_and_yarn/frontend/picomatch-4.0.4
dependabot/npm_and_yarn/backend/picomatch-2.3.2
dependabot/npm_and_yarn/frontend/yaml-1.10.3
dependabot/npm_and_yarn/test/flatted-3.4.2
dependabot/npm_and_yarn/test/tar-7.5.11
dependabot/npm_and_yarn/frontend/immutable-5.1.5
master
dependabot/npm_and_yarn/test/glob-10.5.0
dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1
dependabot/npm_and_yarn/test/form-data-4.0.4
v3-abandoned
bump-freedns
openidc
ssl-passthrough-hosts
static-content
v2.14.0
v2.13.7
v2.13.6
v2.13.5
v2.13.4
v2.13.3
v2.13.2
v2.13.1
v2.13.0
v2.12.6
v2.12.5
v2.12.4
v2.12.3
v2.12.2
v2.12.1
v2.12.0
v2.11.3
v2.11.2
v2.11.1
v2.11.0
v2.10.4
v2.10.3
v2.10.2
v2.10.1
v2.10.0
v2.9.22
v2.9.21
v2.9.20
v2.9.19
v2.9.18
v2.9.17
v2.9.16
v2.9.15
v2.9.14
v2.9.13
v2.9.12
v2.9.11
v2.9.10
v2.9.9
v2.9.8
v2.9.7
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.9.2
v2.9.1
v2.9.0
v2.8.1
v2.8.0
v2.7.3
v2.7.2
v2.7.1
v2.7.0
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.0
v2.3.1
v2.3.0
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.0
v2.0.0
1.1.2
1.1.1
1.0.1
Labels
Clear labels   
awaiting feedback

   
bug

   
cannot reproduce

   
dns provider request

   
duplicate

   
enhancement

   
enhancement

   
enhancement

   
good first issue

   
help wanted

   
invalid

   
need more info

   
no certbot plugin available

   
product-support

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale

   
troll

   
upstream issue

   
v2

   
v2

   
v2

   
v3

   
wontfix
No labels
awaiting feedback
bug
cannot reproduce
dns provider request
duplicate
enhancement
enhancement
enhancement
good first issue
help wanted
invalid
need more info
no certbot plugin available
product-support
pull-request
question
stale
troll
upstream issue
v2
v2
v2
v3
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/nginx-proxy-manager-NginxProxyManager#353
No description provided.