kx-waf/ld6/ld.smbc-rm-saml.firstderivatives.com.conf

upstream ld-smbc-rm-saml {
    hash $remote_addr consistent;
    zone ld-smbc-rm-saml 64k;
    server 10.60.32.11:4025; # Use your own IP address
    server 10.60.32.12:4025;
    keepalive 120;
}

server {
   listen 80;
   server_name ld.smbc-rm-saml.firstderivatives.com;
   return 301 https://ld.smbc-rm-saml.firstderivatives.com$request_uri;
}

server {
   listen 443 ssl;
   server_name ld.smbc-rm-saml.firstderivatives.com;
   ssl_certificate  /etc/ssl/client/ld.smbc-rm-saml.firstderivatives.com.cer; # Client Supplied Certificate
   ssl_certificate_key  /etc/ssl/client/ld.smbc-rm-saml.firstderivatives.com.key; # Client Supplied Certificate
   ssl_prefer_server_ciphers on;
   ssl_protocols TLSv1.2 TLSv1.3;
   access_log /var/log/nginx/ld.smbc-rm-saml.firstderivatives.com.access.log main ;
   access_log syslog:server=10.60.64.56:514,tag=nginx,severity=info;
   error_log /var/log/nginx/ld.smbc-rm-saml.firstderivatives.com.error.log;
   error_log syslog:server=10.60.64.56:514,tag=nginx_error,severity=warn;
   status_zone status_zone;

### WAF Component ###
   include conf.d/00-waf_enable.conf;
### WAF Component ###

   location / {
        proxy_pass http://ld-smbc-rm-saml/;
        proxy_set_header   Origin https://ld.smbc-rm-saml.firstderivatives.com;
        proxy_hide_header  Access-Control-Allow-Origin;
        add_header         Access-Control-Allow-Origin $http_origin;
        proxy_set_header   Host ld.smbc-rm-saml.firstderivatives.com; # Required if Proxy Header is needed
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $remote_addr;

### Web Sockets (wss) ###
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
### Web Sockets (wss) ###
    }
}
Adding stuff 2024-12-18 11:46:51 +00:00			`upstream ld-smbc-rm-saml {`
			`hash $remote_addr consistent;`
			`zone ld-smbc-rm-saml 64k;`
			`server 10.60.32.11:4025; # Use your own IP address`
			`server 10.60.32.12:4025;`
			`keepalive 120;`
			`}`

			`server {`
			`listen 80;`
			`server_name ld.smbc-rm-saml.firstderivatives.com;`
			`return 301 https://ld.smbc-rm-saml.firstderivatives.com$request_uri;`
			`}`

			`server {`
			`listen 443 ssl;`
			`server_name ld.smbc-rm-saml.firstderivatives.com;`
			`ssl_certificate /etc/ssl/client/ld.smbc-rm-saml.firstderivatives.com.cer; # Client Supplied Certificate`
			`ssl_certificate_key /etc/ssl/client/ld.smbc-rm-saml.firstderivatives.com.key; # Client Supplied Certificate`
			`ssl_prefer_server_ciphers on;`
			`ssl_protocols TLSv1.2 TLSv1.3;`
			`access_log /var/log/nginx/ld.smbc-rm-saml.firstderivatives.com.access.log main ;`
			`access_log syslog:server=10.60.64.56:514,tag=nginx,severity=info;`
			`error_log /var/log/nginx/ld.smbc-rm-saml.firstderivatives.com.error.log;`
			`error_log syslog:server=10.60.64.56:514,tag=nginx_error,severity=warn;`
			`status_zone status_zone;`

			`### WAF Component ###`
			`include conf.d/00-waf_enable.conf;`
			`### WAF Component ###`

			`location / {`
			`proxy_pass http://ld-smbc-rm-saml/;`
			`proxy_set_header Origin https://ld.smbc-rm-saml.firstderivatives.com;`
			`proxy_hide_header Access-Control-Allow-Origin;`
			`add_header Access-Control-Allow-Origin $http_origin;`
			`proxy_set_header Host ld.smbc-rm-saml.firstderivatives.com; # Required if Proxy Header is needed`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Forwarded-For $remote_addr;`

			`### Web Sockets (wss) ###`
			`proxy_http_version 1.1;`
			`proxy_set_header Upgrade $http_upgrade;`
			`proxy_set_header Connection $connection_upgrade;`
			`### Web Sockets (wss) ###`
			`}`
			`}`