Nginx Addon: Tighter security on acme challenge

The current Nginx addon works great for rerouting https: to local 80, as well as support for Let's Encrypt SSL proxy.

The issue is it completely opens port 80, so the challenge can work successfully, rather than only opening it for the /.well-known/acme-challenge/ path.

i.e.: Limit access to acme challenge only

My issue is my Hue Emulation is now exposed to the world, rather than only the acme challenge url.

Updating/enhancing this would greatly improve security of the entire system.
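The restriction requested above, as an added example that is not part of the original post and not the addon's generated configuration: a plain Nginx port-80 server block that answers only the ACME HTTP-01 challenge path and drops every other request. The hostname `example.duckdns.org` and the webroot `/var/www/acme` are placeholder assumptions.

```nginx
# Weak form (shown commented out for comparison): everything arriving on
# port 80 is forwarded, so any service behind it is reachable from outside.
#
# server {
#     listen 80;
#     server_name example.duckdns.org;          # placeholder hostname
#     location / {
#         proxy_pass http://127.0.0.1:8080;      # placeholder backend
#     }
# }

# Restricted form: port 80 serves the ACME challenge files and nothing else.
server {
    listen 80;
    server_name example.duckdns.org;             # placeholder hostname

    # "^~" makes this prefix match win over any regex locations, so the
    # challenge path cannot be captured by another rule added later.
    location ^~ /.well-known/acme-challenge/ {
        root /var/www/acme;                      # assumed webroot the ACME client writes tokens to
        default_type text/plain;
        try_files $uri =404;                     # serve existing token files only, no directory listing
    }

    # Every other path: close the connection without sending a response.
    # 444 is an Nginx-specific code meaning "no reply".
    location / {
        return 444;
    }
}
```

Validate with `nginx -t` before reloading; after the reload, a request to any path outside `/.well-known/acme-challenge/` on port 80 should get no HTTP response.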

Don't forget to vote yourself.

Not aware of the specifics of the addon, but you can basically do anything in Nginx Proxy Manager.

What prevents you from applying the settings you linked?

The addon is specifically to support the Let’s Encrypt and (DuckDns) to do certificate renewal on a regular basis (as is needed for free SSL certificates) and website based authentication challenges.

So I can do things separately, but it is the specific purpose of this addon to support exactly this situation.

Thus I would hope the addon would only allow what is necessary through any firewall and not allow or supply a wider hole in the wall.

And the specific option you show is not available via this addon.

Ah ok, the other one, thus :wink:

Still, it seems to allow customization: