nginx

4 readers

1 users here now

The nginx community on Reddit. Reddit gives you the best of the internet in one place.

founded 1 year ago

MODERATORS

[email protected]

nginx LDAP or AD Authentication - secure in production? (zerobytes.monster)

submitted 3 weeks ago by [email protected] to c/[email protected]

0 comments fedilink hide all child comments

The original post: /r/nginx by /u/WHYAMIONTHISSHIT on 2024-11-28 10:51:25.

https://github.com/nginxinc/nginx-ldap-auth - explicitly "not hardened for prodution"

https://github.com/kvspb/nginx-auth-ldap - no such warning, but old project, not particularly maintined it seems

https://github.com/caltechads/nginx-ldap-auth-service - more recently maintained, but barely any stars...

we're using nginx as a reverse proxy and we'd like a frontline of security to the webapp. most of our stuff is hosted with apache with the ldap auth done as follows. im just looking forsomething in nginx that is equally secure (new to the company - haven't worked with apache before which is why i stuck to what i know proxying with nginx). do i have to migrate to apache instead?

<Location "/">
  AuthName "____"
  AuthType Basic
  AuthBasicProvider ldap
  AuthLDAPURL "____"
  AuthLDAPBindDN "____"
  AuthLDAPBindPassword "____"
  <RequireAny>
    Require ip 10.
    Require valid-user
  </RequireAny>
</Location>

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here