Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 530 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Inspect Https traffic destined for NGINX webserver.

Mastadon

I am running an Ubuntu 20.04 lts Cloudron server that has a NGINX webserver installed. I have Lets encrypt Certs installed automatically. I have a Mini PC, enroute that I plan on installing Sophos Xg on. I would like to scan all HTTPS traffic destined for the web server prior to it reaching the webserver.  Whats the best way to go about this certificates wise? How do I do this? Do I need to export my let's encrypts certs from my webserver and import them to the  sophos xg? The more i've read the documentation the more i'm getting confused . Thanks in advance for the help.



This thread was automatically locked due to age.
  • 0

    Hello Mastadon,

    Thank you for contacting the Sophos Community.

    You can use WAF (Web Server Protection) to protect your NGINX web server, you’ll need to export your certificates to the XG. 

    Regards,

  • 0 in reply to emmosophos

    WAF isn't working g fully as protection  for your assets. It requires  fixing bugs like not scanning for malware. Example? I'm using Synology that is hosting Drive( sth like one drive) I thought  that I'll check AV scanner - eicar test malware file AND ? SOPHOS  JUST PASS THRU file WITHOUT  ANY WARNING Warning️ ^^ just worth to mentioning  ^^