mirror of
https://github.com/qbittorrent/qBittorrent.git
synced 2024-10-22 02:36:15 +03:00
clean up and simplify reference configuration
parent
c06bd79920
commit
9b7c174800
1 changed files with 40 additions and 13 deletions
|
@ -1,25 +1,52 @@
|
|||
If you're using NGINX as a reverse proxy for Web UI, assuming your reverse proxy is local, your `location /qbt/` should have the following settings:
|
||||
This configuration allows you to use NGINX as a reverse proxy for the WebUI listening on a local address to expose it outside of your LAN, on the Web. It is assumed that your WebUI is configured to be accessible at `http://127.0.0.1:30000/`, and you wish to be able to access it outside of your LAN at `mywebsite.com/qbt`. Then, in the NGINX configuration used to serve `mywebsite.com`, your `location /qbt/` stanza should have the following settings:
|
||||
|
||||
```nginx
|
||||
location /qbt/ {
|
||||
proxy_pass http://127.0.0.1:8080/;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
proxy_pass http://127.0.0.1:30000/;
|
||||
proxy_http_version 1.1;
|
||||
http2_push_preload on; # Enable http2 push
|
||||
|
||||
proxy_set_header Host 127.0.0.1:30000;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
|
||||
# optionally, you can adjust the POST request size limit, to allow adding a lot of torrents at once:
|
||||
#client_max_body_size 100M;
|
||||
|
||||
# since v4.2.2, is possible to configure qBittorrent
|
||||
# to set the "Secure" flag for the session cookie automatically.
|
||||
# However, that option does nothing unless using qBittorrent's built-in HTTPS functionality.
|
||||
# For this use case, where qBittorrent itself is using plain HTTP
|
||||
# (and regardless of whether or not the external website uses HTTPS),
|
||||
# the flag must be set here, in the proxy configuration itself:
|
||||
proxy_cookie_path / "/; Secure";
|
||||
}
|
||||
```
|
||||
|
||||
Note: qBittorrent currently doesn't read the `X-Forwarded-For` header, so if you find yourself seeing `WebAPI login failure. Reason: IP has been banned, IP: 127.0.0.1` and needing to restart qBittorrent, you may want to set the ban after failure count to `0`.
|
||||
|
||||
---
|
||||
|
||||
Obsolete directives, no longer needed when using recent qBittorrent versions
|
||||
|
||||
- No longer required/discouraged since v4.1.2:
|
||||
|
||||
```nginx
|
||||
# The following directives effectively nullify Cross-site request forgery (CSRF)
|
||||
# protection mechanism in qBittorrent, only use them when you encountered connection problems.
|
||||
# You should consider disable "Enable Cross-site request forgery (CSRF) protection"
|
||||
# setting in qBittorrent instead of using these directives to tamper the headers.
|
||||
# The setting is located under "Options -> WebUI tab" in qBittorrent since v4.1.2.
|
||||
#proxy_hide_header Referer;
|
||||
#proxy_hide_header Origin;
|
||||
#proxy_set_header Referer '';
|
||||
#proxy_set_header Origin '';
|
||||
proxy_hide_header Referer;
|
||||
proxy_hide_header Origin;
|
||||
proxy_set_header Referer '';
|
||||
proxy_set_header Origin '';
|
||||
```
|
||||
|
||||
# Not needed since qBittorrent v4.1.0
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
}
|
||||
```
|
||||
- No longer required since v4.1.0:
|
||||
|
||||
Note: qBittorrent currently doesn't read the `X-Forwarded-For` header, so if you find yourself seeing `WebAPI login failure. Reason: IP has been banned, IP: 127.0.0.1` and needing to restart qBittorrent, you may want to set the ban after failure count to `0`.
|
||||
```nginx
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
```
|
Loading…
Reference in a new issue