From 21e65cff1e47927c0bd3f768889bf2772a6cba8e Mon Sep 17 00:00:00 2001 From: Emil Sandnabba Date: Wed, 14 Aug 2024 22:04:08 +0200 Subject: [PATCH] Adding a note about TLS --- docs/docs/guides/reverse_proxy.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/docs/guides/reverse_proxy.md b/docs/docs/guides/reverse_proxy.md index 754eea365..07dfce336 100644 --- a/docs/docs/guides/reverse_proxy.md +++ b/docs/docs/guides/reverse_proxy.md @@ -14,6 +14,13 @@ Before setting up a reverse proxy, check if any of the built-in functionality in |Authentication|Please see the [authentication](../configuration/authentication.md) documentation| |IPv6|[Advanced configuration #enabling-ipv6](../configuration/advanced.md#enabling-ipv6) +**Note about TLS** +When using a reverse proxy, the TLS session is usually terminated at the proxy, sending the internal request over plain HTTP. If this is the desired behavior, TLS must first be disabled in Frigate, or you will encounter an HTTP 400 error: "The plain HTTP request was sent to HTTPS port." +To disable TLS, set the following in your Frigate configuration: +```yml +tls: + enabled: false +``` :::warning A reverse proxy can be used to secure access to an internal web server, but the user will be entirely reliant on the steps they have taken. You must ensure you are following security best practices. @@ -21,6 +28,8 @@ This page does not attempt to outline the specific steps needed to secure your i Please use your own knowledge to assess and vet the reverse proxy software before you install anything on your system. ::: +## Proxies + There are many solutions available to implement reverse proxies and the community is invited to help out documenting others through a contribution to this page. * [Apache2](#apache2-reverse-proxy)