: Webmin: Cannot login through nginx reverse proxy I've created a reverse proxy for webmin through nginx to run webmin at [site domain]/webmin instead of port 10000 ([site domain]:10000). When I
I've created a reverse proxy for webmin through nginx to run webmin at [site domain]/webmin instead of port 10000 ([site domain]:10000).
When I go to [site domain]/webmin, the login page shows up as you'd expect-- but when I try to login, the login page simply reloads (no error message, no success). The login page has all assets (images, js, etc.) properly loaded.
Looking at /var/webmin/miniserv.log, I'm seeing:
105.23.149.76 - - [26/Jul/2015:14:07:13 -0400] "POST //session_login.cgi HTTP/1.0" 401 2892
Note the 401 (not authorized) error status.
Before I set up the reverse proxy, successful logins looked like this:
145.23.98.124 - - [26/Jul/2015:13:34:38 -0400] "GET /admin/config/session_login.cgi HTTP/1.1" 401 2840
145.23.98.124 - root [26/Jul/2015:13:34:44 -0400] "POST /session_login.cgi HTTP/1.1" 200 871
My system auth log isn't getting pinged by the login attempts, so webmin isn't even making the login call via PEM (it's getting stopped before that).
Does anybody know what could explain this 401 error in my log, or more generally, what might be keeping webmin login from working?
Many thanks!
nginx config:
server {
listen 443 ssl;
server_name site.example.com;
ssl on;
ssl_certificate [ssl cert].crt;
ssl_certificate_key [ssl key].key;
ssl_protocols [ssl protocols];
ssl_ciphers [ssl ciphers];
location /webmin {
proxy_redirect 127.0.0.1:10000/ site.example.com/webmin/; proxy_pass 127.0.0.1:10000/; proxy_set_header Host $host:$server_port;
}
}
More posts by @Gloria169
2 Comments
Sorted by latest first Latest Oldest Best
Check out my answer to this post on StackOverflow:
stackoverflow.com/questions/27581863/webmin-login-keeps-looping-to-session-login-cgi/34229974#34229974
It pertains directly to Apache, but the concepts are likely still applicable.
It sounds like your web browser is naturally caching the problematic login pages and/or the headers returned for the login pages are not correct.
Check the speed of the page load. When you login and press the login button, if the load time is ridiculously fast compared to the first time the login screen has loaded, then you know that the previous page was cached and then being reloaded.
To workaround this problem temporarily, configure your web browser to disable all forms of caching and turn on cookies.
There's also a possibility that cookie values were not used at the time the page is requested after successful login. This results in every user seeing the same content as a guest would.
If you want to go more technical, then look for HTTP headers on each request using an advanced command line tool like CURL or maybe webpagetest.org may help as well, especially with page timings. The most important header to look for is:
Set-Cookie
Once the login button is selected and the correct credentials are used, then the response that is returned back to the browser should come with HTTP headers that contain Set-Cookie to indicate a user is logged in so that the next time a page from the same site is loaded in the same browser, a cookie is sent to the server to indicate the user has already logged in before.
And if you want to increase the chances of server requests being logged from you, just turn off caching for a while and do your testing. You might see a few repeated entries, especially if your pages always contain the same image.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.