Fault: Unresponsive UI when putting EVE-NG behind an NGINX reverse proxy

For the purposes of this article I’m making an assumption that the reader has already completed all of the steps required to place EVE-NG behind an NGINX reverse proxy. Using the default settings this can cause the EVE-NG HTML5 GUI to act in an unpredictable manner and at times appear to act like there is extreme latency and jitter on the connection.

This same effect can often be seen on other reverse proxy-like applications and can affect other web applications that rely on real-time or near real time communications. Most notibly Cisco Anyconnects Web SSL VPN appears to suffer from this effect however it can be observed to come and go. There is no resolution for Cisco Anyconnect as the configuration options to resolve the root cause are not available to us.

Root cause: The cause of this behaviour is that NGINX will buffer the traffic to the EVE-NG server and therfore to the Apache Guacamole in behind EVE-NG. While this makes for an efficent proxy; It will prevent connections being made correctly for Apache Guacamole correctly and cause sessions to time out. This eventually will exchaust all available sessions and prevent users from connecting.

Resolution: Disable proxy buffering in your proxy.conf on the NGINX server.

This solution may be suitable for other reverse proxies and SSL Web VPNs if the options are configurable. This is the required configuration to be added to the location section of the config file:

proxy_buffering off;

The below is the full required config for the location section of the reverse proxy configuration should it be required for reference:

location / {
proxy_set_header x-real-IP $remote_addr;
proxy_set_header x-forwarded-for $proxy_add_x_forwarded__for;
proxy_set_header host $host;
proxy_pass https://INTERNALIP:443;
proxy_buffering off;
}

 3,735 total views,  1 views today

4 thoughts to “Fault: Unresponsive UI when putting EVE-NG behind an NGINX reverse proxy”

  1. What is the complete setup for eve-ng behind a proxy? I can hit the login in page but then when you actually hit login it doesnt go anywhere

    1. Are you using EVE-NG Pro or Community edition? For config above is pretty much it bar the SSL part of the config which certbot will provide if you’re using LetsEncrypt for your public certs.

  2. Hello,
    I am using nginx proxy manager (GUI) to host the Eve-ng. I am facing the same error. Tried to add proxy_buffering off; in custom config but no luck. Please help me

    1. Unfortunately I am not familiar with the nginx proxy manager as a product. If you suspect you’re having issues as described in my article then I suggest you engage users which support nginx proxy manager and explain that you want to entirely disable buffering.

      My method only works for a standard install and it’s entirely possible that Nginx proxy manager uses different files for these settings and overrides the default config files but if you are able to disable buffering the end result should be the same.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.