Reverse Proxy Examples


Reverse Proxy Examples

Crafty Controller makes use of WSS. As such you may experience issues using reverse proxies without the proper configurations. These examples make clear what needs to be done for your reverse proxy to support WSS.


Config based on
Edits for 4.0 compatibility by pretzelDewey -
upstream crafty {
    server "<DOMAIN>";

server {
    listen 80;
    server_name <DOMAIN>;
    if ($host !~* ^<SUBDOMAIN>\.<EXAMPLE>\.com$ ) {
        return 444;
    rewrite ^(.*) https://$host$1 permanent;

server {
    listen 443 ssl;
    server_name <DOMAIN>;
    if ($host !~* ^<SUBDOMAIN>\.<EXAMPLE>\.com$ ) {
        return 444;
    ssl_certificate <CERIFICATE_LOCATION>;
    ssl_certificate_key <KEYFILE_LOCATION>;
    location / {
        #This is important for websockets
        proxy_http_version 1.1;
        proxy_redirect off;

        #These are important for websockets. They are required for crafty to function properly.
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        #End important websocket parts

        proxy_pass https://localhost:8443;
        proxy_buffering off;
        client_max_body_size 0;
        proxy_connect_timeout  3600s;
        proxy_read_timeout  3600s;
        proxy_send_timeout  3600s;
        send_timeout  3600s;


Base config made by Justman10000 and Zedifus (
Adapted for WSS by pretzelDewey
For this config you need to add the following mods:
<VirtualHost _default_:80>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

<VirtualHost _default_:443>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    ProxyPreserveHost On
    SSLProxyEngine On
	    SSLProxyVerify none 
	    SSLProxyCheckPeerCN off
	    SSLProxyCheckPeerName off
	    SSLProxyCheckPeerExpire off

#This is important for web sockets which are required by crafty to run!

    RewriteEngine on
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteCond %{HTTP:Connection} upgrade [NC]
    RewriteRule .* "wss://{REQUEST_URI}" [P]

#End important for WSS

    SSLCertificateFile /var/opt/minecraft/crafty4/app/config/web/certs/commander.cert.pem

    SSLCertificateKeyFile /var/opt/minecraft/crafty4/app/config/web/certs/commander.key.pem

    ProxyPass /
    ProxyPassReverse /
    ProxyRequests off

Nginx Proxy Manager (NPM)

Make sure to turn on 'Websocket Support' or Crafty will not run properly.

Trouble with WSS Still?

Warning - Some AD blockers will block WSS connections. Try whitelisting the domain or disabling your ad blocker and see if that resolves the problem.