Running Atlassian Confluence/Bamboo/Bitbucket behind Nginx with SSL

It’s easy to set up a reverse proxy forwarding requests to Atlassian’s products. If you look up posts on Atlassian’s official confluence, you’ll get something correct but confusing. Here is my nginx configuration, for all products except Confluence:

I have haproxy in front of Nginx, if you don’t, let nginx listens to and … Continue reading “Running Atlassian Confluence/Bamboo/Bitbucket behind Nginx with SSL”

Hijack HTTPS over TLS 1.2 without Charles Proxy

TLS 1.2 Charles Proxy 3.9 uses the bouncycastle 1.4 for SSL/TLS, but TLS 1.2 is not yet supported in bcprov’s latest release(1.51), that’s why I got a

on some sites. I tried to upgrade bcprov.jar, some incompatible exceptions were thrown. To check if a https site uses TLSv1.2:

Incoming search terms:receive fatal alert … Continue reading “Hijack HTTPS over TLS 1.2 without Charles Proxy”

mallory proxy update

Here is my fork of mallory:, which, as it’s said, is a powerful TCP/UDP proxy, but way too old. Here you can find how to install it, but the official repo one. I created a pull request here, but seems IntrepidusGroup guys are not working on this anymore. And the TCP/UDP raw protocol debug … Continue reading “mallory proxy update”

Nginx proxy for Google URLs in WordPress

I wrote a script how to make not bring down the load speed of WordPress for visitors from China. Here is the link: Google Font Api Proxy for WordPress To use this proxy, I have to edit themes’ files even the script-loader.php by WordPress, that’s a disaster for upgrading. Another problem is, I have … Continue reading “Nginx proxy for Google URLs in WordPress”

Hijack DnsPod HttpDNS

劫持DNS是个很简单的工作,家用路由器基本都自带dnsmasq,直接加解析就行。 之前某次尝试劫持某视频App的广告接口解析到一个空的本地服务器上,发现该App使用了DnsPod的HttpDNS服务,所以传统的DNS劫持方案不好用。而EdgeRouter的DPI功能也没有对外开放墙一般的高级接口,所以这次用NAT来实现。 Incoming search terms:awaycx8characteristic4qqdnspod httpdnshomebhrimageemaimportance8eqolderencsuggesthw8Link to this post!