mirror of
https://github.com/qbittorrent/qBittorrent.git
synced 2024-10-22 02:36:15 +03:00
clean up and simplify reference configuration
parent
c06bd79920
commit
9b7c174800
1 changed files with 40 additions and 13 deletions
|
@ -1,25 +1,52 @@
|
||||||
If you're using NGINX as a reverse proxy for Web UI, assuming your reverse proxy is local, your `location /qbt/` should have the following settings:
|
This configuration allows you to use NGINX as a reverse proxy for the WebUI listening on a local address to expose it outside of your LAN, on the Web. It is assumed that your WebUI is configured to be accessible at `http://127.0.0.1:30000/`, and you wish to be able to access it outside of your LAN at `mywebsite.com/qbt`. Then, in the NGINX configuration used to serve `mywebsite.com`, your `location /qbt/` stanza should have the following settings:
|
||||||
|
|
||||||
```nginx
|
```nginx
|
||||||
location /qbt/ {
|
location /qbt/ {
|
||||||
proxy_pass http://127.0.0.1:8080/;
|
proxy_pass http://127.0.0.1:30000/;
|
||||||
proxy_http_version 1.1;
|
proxy_http_version 1.1;
|
||||||
proxy_set_header X-Forwarded-Host $http_host;
|
|
||||||
http2_push_preload on; # Enable http2 push
|
http2_push_preload on; # Enable http2 push
|
||||||
|
|
||||||
|
proxy_set_header Host 127.0.0.1:30000;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Host $http_host;
|
||||||
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
|
||||||
|
# optionally, you can adjust the POST request size limit, to allow adding a lot of torrents at once:
|
||||||
|
#client_max_body_size 100M;
|
||||||
|
|
||||||
|
# since v4.2.2, is possible to configure qBittorrent
|
||||||
|
# to set the "Secure" flag for the session cookie automatically.
|
||||||
|
# However, that option does nothing unless using qBittorrent's built-in HTTPS functionality.
|
||||||
|
# For this use case, where qBittorrent itself is using plain HTTP
|
||||||
|
# (and regardless of whether or not the external website uses HTTPS),
|
||||||
|
# the flag must be set here, in the proxy configuration itself:
|
||||||
|
proxy_cookie_path / "/; Secure";
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
Note: qBittorrent currently doesn't read the `X-Forwarded-For` header, so if you find yourself seeing `WebAPI login failure. Reason: IP has been banned, IP: 127.0.0.1` and needing to restart qBittorrent, you may want to set the ban after failure count to `0`.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
Obsolete directives, no longer needed when using recent qBittorrent versions
|
||||||
|
|
||||||
|
- No longer required/discouraged since v4.1.2:
|
||||||
|
|
||||||
|
```nginx
|
||||||
# The following directives effectively nullify Cross-site request forgery (CSRF)
|
# The following directives effectively nullify Cross-site request forgery (CSRF)
|
||||||
# protection mechanism in qBittorrent, only use them when you encountered connection problems.
|
# protection mechanism in qBittorrent, only use them when you encountered connection problems.
|
||||||
# You should consider disable "Enable Cross-site request forgery (CSRF) protection"
|
# You should consider disable "Enable Cross-site request forgery (CSRF) protection"
|
||||||
# setting in qBittorrent instead of using these directives to tamper the headers.
|
# setting in qBittorrent instead of using these directives to tamper the headers.
|
||||||
# The setting is located under "Options -> WebUI tab" in qBittorrent since v4.1.2.
|
# The setting is located under "Options -> WebUI tab" in qBittorrent since v4.1.2.
|
||||||
#proxy_hide_header Referer;
|
proxy_hide_header Referer;
|
||||||
#proxy_hide_header Origin;
|
proxy_hide_header Origin;
|
||||||
#proxy_set_header Referer '';
|
proxy_set_header Referer '';
|
||||||
#proxy_set_header Origin '';
|
proxy_set_header Origin '';
|
||||||
|
```
|
||||||
|
|
||||||
# Not needed since qBittorrent v4.1.0
|
- No longer required since v4.1.0:
|
||||||
|
|
||||||
|
```nginx
|
||||||
add_header X-Frame-Options "SAMEORIGIN";
|
add_header X-Frame-Options "SAMEORIGIN";
|
||||||
}
|
```
|
||||||
```
|
|
||||||
|
|
||||||
Note: qBittorrent currently doesn't read the `X-Forwarded-For` header, so if you find yourself seeing `WebAPI login failure. Reason: IP has been banned, IP: 127.0.0.1` and needing to restart qBittorrent, you may want to set the ban after failure count to `0`.
|
|
Loading…
Reference in a new issue