Access List Issues

Issue:

Implementing an Access List on a Proxy Host results in a '403: Forbidden' message rather than bringing up the basic authentication pop-up window.

Access List may have worked correctly previously, but any change made and saved to the proxy host, even unrelated changes, breaks the access list functionality.

Version(s) Affected: 2.12.1

This problem has appeared off and on in various previous versions to the version outlined here.

Cause & Solution:

NPM is removing the authentication authorization header in the NGINX configuration when the proxy host is modified and saved. This breaks authentication.

As a workaround, you will will have to:

Manually add proxy_set_header Authorization ""; inside the location block in the NGINX configuration file for the specific proxy host affected.
Restart the NGINX service to apply the changes.

Until the problem is officially corrected in an NPM version update. This will have to be performed EVERY time you make a change to a proxy host.

Step By Step

Navigate to the /data/nginx/proxy_host directory under the location where you installed NPM. In my case, the would look like /npm/data/nginx/proxy_host
Identify which proxy_host.conf file is the one you need to fix. This may require you to open each one to see what website it is as the proxy host conf files only show a number; as in 1.conf, 2.conf, etc.
Once identified, open the file for editing. You will need to have appropriate permissions to edit the file. In my case, I use: sudo nano #.conf where # is the number of the conf file I need to fix.
Find the Location block in the file. Under that, you should have your Authorization section displaying that authorization is required and which access list is tied to this host. The line highlighted in green in the image below is the line that will be missing and the line that must be there for your access list to work correctly.
Save the file and restart your NPM instance. Your site should now ask for authentication.