auto update script executed

api.go

@@ -54,6 +54,7 @@ func initAPIs() {
 	authRouter.HandleFunc("/api/proxy/tlscheck", HandleCheckSiteSupportTLS)
 	authRouter.HandleFunc("/api/proxy/setIncoming", HandleIncomingPortSet)
 	authRouter.HandleFunc("/api/proxy/useHttpsRedirect", HandleUpdateHttpsRedirect)
+	authRouter.HandleFunc("/api/proxy/listenPort80", HandleUpdatePort80Listener)
 	authRouter.HandleFunc("/api/proxy/requestIsProxied", HandleManagementProxyCheck)
 	//Reverse proxy root related APIs
 	authRouter.HandleFunc("/api/proxy/root/listOptions", HandleRootRouteOptionList)

log/zr_2023-11.log

@@ -0,0 +1,153 @@
+2023-11-25 12:13:54.133523|info             [INFO]Starting ACME handler
+2023-11-25 12:13:54.143832|info             [INFO]Serving inbound port 443
+2023-11-25 12:13:54.143832|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 12:13:54.143832|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 12:13:54.144351|info             [INFO]Force HTTPS mode disabled
+2023-11-25 12:13:54.531437|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 12:13:54.651239|info             [INFO]Assigned temporary port:42345
+2023-11-25 12:13:54.651239|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 12:13:59.722024|info             [INFO]Uptime Monitor background service started
+2023-11-25 12:14:24.128940|info             [INFO]mDNS Startup scan completed
+2023-11-25 12:15:57.781758|info             [INFO]Starting ACME handler
+2023-11-25 12:15:57.787336|info             [INFO]Serving inbound port 443
+2023-11-25 12:15:57.787336|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 12:15:57.787851|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 12:15:57.787851|info             [INFO]Force HTTPS mode disabled
+2023-11-25 12:15:58.102203|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 12:15:58.287700|info             [INFO]Assigned temporary port:37300
+2023-11-25 12:15:58.287700|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 12:16:03.256018|info             [INFO]Uptime Monitor background service started
+2023-11-25 12:16:27.771289|info             [INFO]mDNS Startup scan completed
+2023-11-25 12:17:00.844866|Uptime           [INFO]Uptime monitor config updated
+2023-11-25 12:19:24.778475|Uptime           [INFO]Uptime monitor config updated
+2023-11-25 12:20:13.423358|info             [INFO]Starting ACME handler
+2023-11-25 12:20:13.429601|info             [INFO]Serving inbound port 443
+2023-11-25 12:20:13.429601|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 12:20:13.429601|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 12:20:13.430127|info             [INFO]Force HTTPS mode disabled
+2023-11-25 12:20:13.747414|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 12:20:13.931813|info             [INFO]Assigned temporary port:34026
+2023-11-25 12:20:13.931813|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 12:20:19.486691|info             [INFO]Uptime Monitor background service started
+2023-11-25 12:20:38.193730|Uptime           [INFO]Uptime monitor config updated
+2023-11-25 12:20:43.422101|info             [INFO]mDNS Startup scan completed
+2023-11-25 12:21:22.667115|Uptime           [INFO]Uptime monitor config updated
+2023-11-25 12:21:47.111795|Uptime           [INFO]Uptime monitor config updated
+2023-11-25 12:23:43.680756|info             [INFO]Starting ACME handler
+2023-11-25 12:23:43.685759|info             [INFO]Serving inbound port 443
+2023-11-25 12:23:43.686761|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 12:23:43.686761|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 12:23:43.686761|info             [INFO]Force HTTPS mode disabled
+2023-11-25 12:23:43.998078|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 12:23:44.186330|info             [INFO]Assigned temporary port:41937
+2023-11-25 12:23:44.186330|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 12:23:49.572467|info             [INFO]Uptime Monitor background service started
+2023-11-25 12:24:13.666606|info             [INFO]mDNS Startup scan completed
+2023-11-25 12:24:39.008306|Uptime           [INFO]Uptime monitor config updated
+2023-11-25 12:24:57.977139|Uptime           [INFO]Uptime monitor config updated
+2023-11-25 12:28:57.491409|info             [INFO]Starting ACME handler
+2023-11-25 12:28:57.497626|info             [INFO]Serving inbound port 443
+2023-11-25 12:28:57.497626|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 12:28:57.498143|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 12:28:57.498143|info             [INFO]Force HTTPS mode disabled
+2023-11-25 12:28:57.812174|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 12:28:57.998555|info             [INFO]Assigned temporary port:62962
+2023-11-25 12:28:57.998555|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 12:29:03.132338|info             [INFO]Uptime Monitor background service started
+2023-11-25 12:29:27.482768|info             [INFO]mDNS Startup scan completed
+2023-11-25 13:00:13.253183|info             [INFO]Starting ACME handler
+2023-11-25 13:00:13.260130|info             [INFO]Serving inbound port 443
+2023-11-25 13:00:13.260130|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 13:00:13.260646|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 13:00:13.260646|info             [INFO]Force HTTPS mode disabled
+2023-11-25 13:00:13.569533|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 13:00:13.766015|info             [INFO]Assigned temporary port:65228
+2023-11-25 13:00:13.766015|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 13:00:18.711731|info             [INFO]Uptime Monitor background service started
+2023-11-25 13:00:43.248141|info             [INFO]mDNS Startup scan completed
+2023-11-25 13:01:47.095374|info             [INFO]Updating prefered ACME CA to Let's Encrypt
+2023-11-25 13:02:59.240815|info             [INFO]Updating prefered ACME CA to Buypass
+2023-11-25 13:03:02.740665|info             [INFO]Updating prefered ACME CA to ZeroSSL
+2023-11-25 13:15:43.242821|info             [INFO]mDNS scan result updated
+2023-11-25 13:23:38.282048|info             [INFO]Config Removed: conf/proxy/home_localhost.config
+2023-11-25 13:23:38.282566|Uptime           [INFO]Uptime monitor config updated
+2023-11-25 13:30:43.253279|info             [INFO]mDNS scan result updated
+2023-11-25 13:45:43.247112|info             [INFO]mDNS scan result updated
+2023-11-25 13:48:07.912697|info             [INFO]Starting ACME handler
+2023-11-25 13:48:07.918880|info             [INFO]Serving inbound port 443
+2023-11-25 13:48:07.919390|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 13:48:07.919390|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 13:48:07.919390|info             [INFO]Force HTTPS mode disabled
+2023-11-25 13:48:08.234075|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 13:48:08.420662|info             [INFO]Assigned temporary port:52269
+2023-11-25 13:48:08.420662|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 13:48:13.777078|info             [INFO]Uptime Monitor background service started
+2023-11-25 13:48:37.906315|info             [INFO]mDNS Startup scan completed
+2023-11-25 13:48:50.519011|info             [INFO]Starting ACME handler
+2023-11-25 13:48:50.526714|info             [INFO]Serving inbound port 443
+2023-11-25 13:48:50.526714|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 13:48:50.526714|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 13:48:50.527228|info             [INFO]Force HTTPS mode disabled
+2023-11-25 13:48:50.837461|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 13:48:51.035001|info             [INFO]Assigned temporary port:50629
+2023-11-25 13:48:51.035001|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 13:48:56.373026|info             [INFO]Uptime Monitor background service started
+2023-11-25 13:49:13.867270|info             [INFO]Updating force HTTPS redirection to true
+2023-11-25 13:49:20.502507|info             [INFO]mDNS Startup scan completed
+2023-11-25 13:59:04.925900|info             [INFO]Starting ACME handler
+2023-11-25 13:59:04.932134|info             [INFO]Serving inbound port 443
+2023-11-25 13:59:04.932650|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 13:59:04.932650|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 13:59:04.932650|info             [INFO]Port 80 listener disabled
+2023-11-25 13:59:04.933159|info             [INFO]Force HTTPS mode enabled
+2023-11-25 13:59:05.255091|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 13:59:05.439447|info             [INFO]Assigned temporary port:58953
+2023-11-25 13:59:05.439447|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 13:59:10.364327|info             [INFO]Uptime Monitor background service started
+2023-11-25 13:59:34.910811|info             [INFO]mDNS Startup scan completed
+2023-11-25 14:10:36.701310|info             [INFO]Starting ACME handler
+2023-11-25 14:10:36.707505|info             [INFO]Serving inbound port 443
+2023-11-25 14:10:36.707505|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 14:10:36.708021|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 14:10:36.708021|info             [INFO]Port 80 listener disabled
+2023-11-25 14:10:36.708021|info             [INFO]Force HTTPS mode enabled
+2023-11-25 14:10:37.026773|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 14:10:37.216525|info             [INFO]Assigned temporary port:35633
+2023-11-25 14:10:37.216525|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 14:10:42.046391|info             [INFO]Uptime Monitor background service started
+2023-11-25 14:11:06.685281|info             [INFO]mDNS Startup scan completed
+2023-11-25 14:13:15.329475|info             [INFO]Updating minimum TLS version to v1.2 or above
+2023-11-25 14:13:16.933245|info             [INFO]Updating minimum TLS version to v1.0 or above
+2023-11-25 14:13:18.120690|info             [INFO]Updating force HTTPS redirection to false
+2023-11-25 14:14:20.137877|info             [INFO]Starting ACME handler
+2023-11-25 14:14:20.146681|info             [INFO]Serving inbound port 443
+2023-11-25 14:14:20.146681|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 14:14:20.147205|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 14:14:20.147205|info             [INFO]Port 80 listener disabled
+2023-11-25 14:14:20.147205|info             [INFO]Force HTTPS mode disabled
+2023-11-25 14:14:20.456324|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 14:14:20.656107|info             [INFO]Assigned temporary port:47960
+2023-11-25 14:14:20.656107|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 14:14:26.048563|info             [INFO]Uptime Monitor background service started
+2023-11-25 14:14:50.128280|info             [INFO]mDNS Startup scan completed
+2023-11-25 14:16:38.690328|info             [INFO]Enabling port 80 listener
+2023-11-25 14:24:17.195047|info             [INFO]Disabling port 80 listener
+2023-11-25 14:24:29.465492|info             [INFO]Enabling port 80 listener
+2023-11-25 14:24:30.305827|info             [INFO]Disabling TLS mode on reverse proxy
+2023-11-25 14:24:43.570605|info             [INFO]Enabling TLS mode on reverse proxy
+2023-11-25 14:24:48.745864|info             [INFO]Updating force HTTPS redirection to true
+2023-11-25 14:24:54.228283|info             [INFO]Updating force HTTPS redirection to false
+2023-11-25 14:29:50.143826|info             [INFO]mDNS scan result updated
+2023-11-25 14:30:10.288366|info             [INFO]Starting ACME handler
+2023-11-25 14:30:10.295045|info             [INFO]Serving inbound port 443
+2023-11-25 14:30:10.295045|info             [INFO]TLS mode enabled. Serving proxxy request with TLS
+2023-11-25 14:30:10.295045|info             [INFO]Force latest TLS mode disabled. Minimum TLS version is set to v1.0
+2023-11-25 14:30:10.295045|info             [INFO]Port 80 listener enabled
+2023-11-25 14:30:10.295567|info             [INFO]Force HTTPS mode disabled
+2023-11-25 14:30:10.609482|info             [INFO]Dynamic Reverse Proxy service started
+2023-11-25 14:30:10.797025|info             [INFO]Assigned temporary port:31774
+2023-11-25 14:30:10.797025|info             [INFO]Zoraxy started. Visit control panel at http://localhost:8000
+2023-11-25 14:30:15.599808|info             [INFO]Uptime Monitor background service started
+2023-11-25 14:30:40.289262|info             [INFO]mDNS Startup scan completed
+2023-11-25 14:45:40.293781|info             [INFO]mDNS scan result updated
+2023-11-25 15:00:40.301089|info             [INFO]mDNS scan result updated

mod/dynamicproxy/dynamicproxy.go

@@ -60,6 +60,12 @@ func (router *Router) UpdateTLSVersion(requireLatest bool) {
 	router.Restart()
 }
 
+// Update port 80 listener state
+func (router *Router) UpdatePort80ListenerState(useRedirect bool) {
+	router.Option.ListenOnPort80 = useRedirect
+	router.Restart()
+}
+
 // Update https redirect, which will require updates
 func (router *Router) UpdateHttpToHttpsRedirectSetting(useRedirect bool) {
 	router.Option.ForceHttpsRedirect = useRedirect
@@ -112,16 +118,56 @@ func (router *Router) StartProxyService() error {
 		}
 		router.Running = true
 
-		if router.Option.Port != 80 && router.Option.ForceHttpsRedirect {
+		if router.Option.Port != 80 && router.Option.ListenOnPort80 {
 			//Add a 80 to 443 redirector
 			httpServer := &http.Server{
 				Addr: ":80",
 				Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-					protocol := "https://"
-					if router.Option.Port == 443 {
-						http.Redirect(w, r, protocol+r.Host+r.RequestURI, http.StatusTemporaryRedirect)
+					//Check if the domain requesting allow non TLS mode
+					domainOnly := r.Host
+					if strings.Contains(r.Host, ":") {
+						hostPath := strings.Split(r.Host, ":")
+						domainOnly = hostPath[0]
+					}
+					sep := router.getSubdomainProxyEndpointFromHostname(domainOnly)
+					if sep != nil && sep.BypassGlobalTLS {
+						//Allow routing via non-TLS handler
+						originalHostHeader := r.Host
+						if r.URL != nil {
+							r.Host = r.URL.Host
+						} else {
+							//Fallback when the upstream proxy screw something up in the header
+							r.URL, _ = url.Parse(originalHostHeader)
+						}
+
+						sep.Proxy.ServeHTTP(w, r, &dpcore.ResponseRewriteRuleSet{
+							ProxyDomain:  sep.Domain,
+							OriginalHost: originalHostHeader,
+							UseTLS:       sep.RequireTLS,
+							PathPrefix:   "",
+						})
+						return
+					}
+
+					if router.Option.ForceHttpsRedirect {
+						//Redirect to https is enabled
+						protocol := "https://"
+						if router.Option.Port == 443 {
+							http.Redirect(w, r, protocol+r.Host+r.RequestURI, http.StatusTemporaryRedirect)
+						} else {
+							http.Redirect(w, r, protocol+r.Host+":"+strconv.Itoa(router.Option.Port)+r.RequestURI, http.StatusTemporaryRedirect)
+						}
 					} else {
-						http.Redirect(w, r, protocol+r.Host+":"+strconv.Itoa(router.Option.Port)+r.RequestURI, http.StatusTemporaryRedirect)
+						//Do not do redirection
+						if sep != nil {
+							//Sub-domain exists but not allow non-TLS access
+							w.WriteHeader(http.StatusBadRequest)
+							w.Write([]byte("400 - Bad Request"))
+						} else {
+							//No defined sub-domain
+							http.NotFound(w, r)
+						}
+
 					}
 
 				}),

mod/dynamicproxy/typedef.go

@@ -27,6 +27,7 @@ type RouterOption struct {
 	Port               int    //Incoming port
 	UseTls             bool   //Use TLS to serve incoming requsts
 	ForceTLSLatest     bool   //Force TLS1.2 or above
+	ListenOnPort80     bool   //Enable port 80 http listener
 	ForceHttpsRedirect bool   //Force redirection of http to https endpoint
 	TlsManager         *tlscert.Manager
 	RedirectRuleTable  *redirection.RuleTable

reverseproxy.go

@@ -45,10 +45,20 @@ func ReverseProxtInit() {
 		SystemWideLogger.Println("Force latest TLS mode disabled. Minimum TLS version is set to v1.0")
 	}
 
+	listenOnPort80 := false
+	sysdb.Read("settings", "listenP80", &listenOnPort80)
+	if listenOnPort80 {
+		SystemWideLogger.Println("Port 80 listener enabled")
+	} else {
+		SystemWideLogger.Println("Port 80 listener disabled")
+	}
+
 	forceHttpsRedirect := false
 	sysdb.Read("settings", "redirect", &forceHttpsRedirect)
 	if forceHttpsRedirect {
 		SystemWideLogger.Println("Force HTTPS mode enabled")
+		//Port 80 listener must be enabled to perform http -> https redirect
+		listenOnPort80 = true
 	} else {
 		SystemWideLogger.Println("Force HTTPS mode disabled")
 	}
@@ -58,6 +68,7 @@ func ReverseProxtInit() {
 		Port:               inboundPort,
 		UseTls:             useTls,
 		ForceTLSLatest:     forceLatestTLSVersion,
+		ListenOnPort80:     listenOnPort80,
 		ForceHttpsRedirect: forceHttpsRedirect,
 		TlsManager:         tlsCertManager,
 		RedirectRuleTable:  redirectTable,
@@ -396,6 +407,10 @@ func ReverseProxyHandleEditEndpoint(w http.ResponseWriter, r *http.Request) {
 		BasicAuthCredentials: targetProxyEntry.BasicAuthCredentials,
 	}
 	SaveReverseProxyConfigToFile(&thisProxyConfigRecord)
+
+	//Update uptime monitor
+	UpdateUptimeMonitorTargets()
+
 	utils.SendOK(w)
 }
 
@@ -428,6 +443,9 @@ func DeleteProxyEndpoint(w http.ResponseWriter, r *http.Request) {
 		uptimeMonitor.CleanRecords()
 	}
 
+	//Update uptime monitor
+	UpdateUptimeMonitorTargets()
+
 	utils.SendOK(w)
 }
 
@@ -742,6 +760,35 @@ func ReverseProxyList(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+// Handle port 80 incoming traffics
+func HandleUpdatePort80Listener(w http.ResponseWriter, r *http.Request) {
+	enabled, err := utils.GetPara(r, "enable")
+	if err != nil {
+		//Load the current status
+		currentEnabled := false
+		err = sysdb.Read("settings", "listenP80", &currentEnabled)
+		if err != nil {
+			utils.SendErrorResponse(w, err.Error())
+			return
+		}
+		js, _ := json.Marshal(currentEnabled)
+		utils.SendJSONResponse(w, string(js))
+	} else {
+		if enabled == "true" {
+			sysdb.Write("settings", "listenP80", true)
+			SystemWideLogger.Println("Enabling port 80 listener")
+			dynamicProxyRouter.UpdatePort80ListenerState(true)
+		} else if enabled == "false" {
+			sysdb.Write("settings", "listenP80", false)
+			SystemWideLogger.Println("Disabling port 80 listener")
+			dynamicProxyRouter.UpdatePort80ListenerState(true)
+		} else {
+			utils.SendErrorResponse(w, "invalid mode given: "+enabled)
+		}
+		utils.SendOK(w)
+	}
+}
+
 // Handle https redirect
 func HandleUpdateHttpsRedirect(w http.ResponseWriter, r *http.Request) {
 	useRedirect, err := utils.GetPara(r, "set")

web/components/rules.html

@@ -8,7 +8,7 @@
                         <div class="field">
                             <label>Proxy Type</label>
                             <div class="ui selection dropdown">
-                                <input type="hidden" id="ptype" value="subd">
+                                <input type="hidden" id="ptype" value="subd" onchange="handleProxyTypeOptionChange(this.value)">
                                 <i class="dropdown icon"></i>
                                 <div class="default text">Proxy Type</div>
                                 <div class="menu">
@@ -22,7 +22,7 @@
                             <input type="text" id="rootname" placeholder="s1.mydomain.com">
                         </div>
                         <div class="field">
-                            <label>IP Address or Domain Name with port</label>
+                            <label>Target IP Address or Domain Name with port</label>
                             <input type="text" id="proxyDomain" onchange="autoCheckTls(this.value);">
                             <small>E.g. 192.168.0.101:8000 or example.com</small>
                         </div>
@@ -44,13 +44,13 @@
                                     <div class="field">
                                         <div class="ui checkbox">
                                             <input type="checkbox" id="skipTLSValidation">
-                                            <label>Ignore TLS/SSL Verification Error<br><small>E.g. self-signed, expired certificate (Not Recommended)</small></label>
+                                            <label>Ignore TLS/SSL Verification Error<br><small>For targets that is using self-signed, expired certificate (Not Recommended)</small></label>
                                         </div>
                                     </div>
                                     <div class="field">
                                         <div class="ui checkbox">
                                             <input type="checkbox" id="bypassGlobalTLS">
-                                            <label>Bypass Global TLS<br><small>Allow this subdomain / vdir to be connected without TLS</small></label>
+                                            <label>Allow plain HTTP access<br><small>Allow this subdomain to be connected without TLS (Require HTTP server enabled on port 80)</small></label>
                                         </div>
                                     </div>
                                     <div class="field">
@@ -214,6 +214,14 @@
         
     }
 
+    function handleProxyTypeOptionChange(newType){
+        if (newType == "subd"){
+            $("#bypassGlobalTLS").parent().removeClass("disabled");
+        }else if (newType == "vdir"){
+            $("#bypassGlobalTLS").parent().addClass("disabled");
+        }
+    }
+
     //Generic functions for delete rp endpoints 
     function deleteEndpoint(ptype, epoint){
         if (confirm("Confirm remove proxy for :" + epoint + " (type: " + ptype + ")?")){
@@ -339,7 +347,7 @@
         var columns = row.find('td[data-label]');
         var payload = $(row).attr("payload");
         payload = JSON.parse(decodeURIComponent(payload));
-     
+        console.log(payload);
         //console.log(payload);
         columns.each(function(index) {
             var column = $(this);
@@ -355,34 +363,38 @@
             var datatype = $(this).attr("datatype");
             if (datatype == "domain"){
                 let domain = payload.Domain;
+                //Target require TLS for proxying
                 let tls = payload.RequireTLS;
                 if (tls){
                     tls = "checked";
                 }else{
                     tls = "";
                 }
+
+                //Require TLS validation
+                let skipTLSValidation = payload.SkipCertValidations;
+                let checkstate = "";
+                if (skipTLSValidation){
+                    checkstate = "checked";
+                }
+
                 input = `
                     <div class="ui mini fluid input">
                         <input type="text" class="Domain" value="${domain}">
                     </div>
                     <div class="ui checkbox" style="margin-top: 0.4em;">
                         <input type="checkbox" class="RequireTLS" ${tls}>
-                        <label>Require TLS</label>
+                        <label>Require TLS<br>
+                            <small>Proxy target require HTTPS connection</small></label>
+                    </div><br>
+                    <div class="ui checkbox" style="margin-top: 0.4em;">
+                        <input type="checkbox" class="SkipCertValidations" ${checkstate}>
+                        <label>Skip Verification<br>
+                        <small>Check this if proxy target is using self signed certificates</small></label>
+                        
                     </div>
                 `;
                 column.empty().append(input);
-
-            }else if (datatype == "skipver"){
-                let skipTLSValidation = payload.SkipCertValidations;
-                let checkstate = "";
-                if (skipTLSValidation){
-                    checkstate = "checked";
-                }
-                column.empty().append(`<div class="ui checkbox" style="margin-top: 0.4em;">
-                    <input type="checkbox" class="SkipCertValidations" ${checkstate}>
-                    <label>Skip Verification</label>
-                    <small>Check this if you are using self signed certificates</small>
-                </div>`);
             }else if (datatype == "basicauth"){
                 let requireBasicAuth = payload.RequireBasicAuth;
                 let checkstate = "";
@@ -400,6 +412,16 @@
                 <button title="Cancel" onclick="exitProxyInlineEdit('${endpointType}');" class="ui basic small circular icon button"><i class="ui remove icon"></i></button>
                 <button title="Save" onclick="saveProxyInlineEdit('${uuid}');" class="ui basic small circular icon button"><i class="ui green save icon"></i></button>
                 `);
+            }else if (datatype == "inbound" && payload.ProxyType == 0){
+                let originalContent = $(column).html();
+                column.empty().append(`${originalContent}
+                    <div class="ui divider"></div>
+                    <div class="ui checkbox" style="margin-top: 0.4em;">
+                        <input type="checkbox" ${payload.BypassGlobalTLS?"checked":""}>
+                        <label>Allow plain HTTP access<br>
+                            <small>Allow inbound connections without TLS/SSL</small></label>
+                    </div><br>
+                `);
             }else{
                 //Unknown field. Leave it untouched
             }

web/components/status.html

@@ -72,10 +72,15 @@
         <label>Use TLS to serve proxy request</label>
     </div>
     <br>
-    <div id="redirect" class="ui toggle notloopbackOnly tlsEnabledOnly checkbox" style="margin-top: 0.6em;">
+    <div id="listenP80" class="ui toggle notloopbackOnly tlsEnabledOnly checkbox" style="margin-top: 0.6em;" >
         <input type="checkbox">
-        <label>Force redirect HTTP request to HTTPS<br>
-            <small>(Only apply when listening port is not 80)</small></label>
+        <label>Enable HTTP server on port 80<br>
+        <small>(Only apply when TLS enabled and not using port 80)</small></label>
+    </div>
+    <br>
+    <div id="redirect" class="ui toggle notloopbackOnly tlsEnabledOnly checkbox" style="margin-top: 0.6em; padding-left: 2em;">
+        <input type="checkbox">
+        <label>Force redirect HTTP request to HTTPS</label>
     </div>
     <div class="ui basic segment" style="background-color: #f7f7f7; border-radius: 1em;">
         <div class="ui accordion advanceSettings">
@@ -181,6 +186,7 @@
                 $("#serverstatus").removeClass("green");
             }
             $("#incomingPort").val(data.Option.Port);
+            
         });
         
     }
@@ -305,6 +311,27 @@
         });
     }
 
+    function handleP80ListenerStateChange(enabled){
+        $.ajax({
+            url: "/api/proxy/listenPort80",
+            data: {"enable": enabled},
+            success: function(data){
+                if (data.error != undefined){
+                    console.log(data.error);
+                    return;
+                }
+                if (enabled){
+                    $("#redirect").show();
+                    msgbox("Port 80 listener enabled");
+                }else{
+                    $("#redirect").hide();
+                    msgbox("Port 80 listener disabled");
+                }
+            }
+        });
+       
+    }
+
 
     function handlePortChange(){
         var newPortValue = $("#incomingPort").val();
@@ -323,6 +350,25 @@
         });
     }
 
+    function initPort80ListenerSetting(){
+        $.get("/api/proxy/listenPort80", function(data){
+            if (data){
+                $("#listenP80").checkbox("set checked");
+                $("#redirect").show();
+            }else{
+                $("#listenP80").checkbox("set unchecked");
+                $("#redirect").hide();
+            }
+
+            $("#listenP80").find("input").on("change", function(){
+                let enabled = $(this)[0].checked;
+                handleP80ListenerStateChange(enabled);
+            })
+        });
+        
+    }
+    initPort80ListenerSetting();
+
     function initHTTPtoHTTPSRedirectSetting(){
         $.get("/api/proxy/useHttpsRedirect", function(data){
             if (data == true){
@@ -356,8 +402,6 @@
                     })
             });
         });
-
-          
     }
     initHTTPtoHTTPSRedirectSetting();
 

web/components/subd.html

@@ -9,7 +9,6 @@
                 <tr>
                     <th>Matching Domain</th>
                     <th>Proxy To</th>
-                    <th>TLS/SSL Verification</th>
                     <th>Basic Auth</th>
                     <th class="no-sort" style="min-width: 7.2em;">Actions</th>
                 </tr>
@@ -41,19 +40,14 @@
                     let subdData = encodeURIComponent(JSON.stringify(subd));
                     if (subd.RequireTLS){
                         tlsIcon = `<i class="green lock icon" title="TLS Mode"></i>`;
-                    }
-
-                    let tlsVerificationField = "";
-                    if (subd.RequireTLS){
-                        tlsVerificationField = !subd.SkipCertValidations?`<i class="ui green check icon"></i>`:`<i class="ui yellow exclamation circle icon" title="TLS/SSL Verification will be skipped on this host"></i>`
-                    }else{
-                        tlsVerificationField = "N/A"
+                        if (subd.SkipCertValidations){
+                            tlsIcon = `<i class="yellow lock icon" title="TLS/SSL mode without verification"></i>`
+                        }
                     }
 
                     $("#subdList").append(`<tr eptuuid="${subd.RootOrMatchingDomain}" payload="${subdData}" class="subdEntry">
-                        <td data-label="" editable="false"><a href="//${subd.RootOrMatchingDomain}" target="_blank">${subd.RootOrMatchingDomain}</a></td>
+                        <td data-label="" editable="true" datatype="inbound"><a href="//${subd.RootOrMatchingDomain}" target="_blank">${subd.RootOrMatchingDomain}</a></td>
                         <td data-label="" editable="true" datatype="domain">${subd.Domain} ${tlsIcon}</td>
-                        <td data-label="" editable="true" datatype="skipver">${tlsVerificationField}</td>
                         <td data-label="" editable="true" datatype="basicauth">${subd.RequireBasicAuth?`<i class="ui green check icon"></i>`:`<i class="ui grey remove icon"></i>`}</td>
                         <td class="center aligned" editable="true" datatype="action" data-label="">
                             <button class="ui circular mini basic icon button editBtn" onclick='editEndpoint("subd","${subd.RootOrMatchingDomain}")'><i class="edit icon"></i></button>

web/components/uptime.html

@@ -86,7 +86,7 @@
 
         let id = value[0].ID;
         let name = value[0].Name;
-        let url = value[0].URL;
+        let url = value[value.length - 1].URL;
         let protocol = value[0].Protocol;
 
         //Generate the status dot
@@ -112,6 +112,9 @@
                 if (thisStatus.StatusCode >= 500 && thisStatus.StatusCode < 600){
                     //Special type of error, cause by downstream reverse proxy
                     dotType = "error";
+                }else if (thisStatus.StatusCode == 401){
+                    //Unauthorized error
+                    dotType = "error";
                 }else{
                     dotType = "offline";
                 }
@@ -141,6 +144,28 @@
                 currentOnlineStatus = `<i class="exclamation circle icon"></i> Misconfigured`;
                 onlineStatusCss = `color: #f38020;`;
                 reminderEle = `<small style="${onlineStatusCss}">Downstream proxy server is online with misconfigured settings</small>`;
+            }else if (value[value.length - 1].StatusCode >= 400 && value[value.length - 1].StatusCode <= 405){
+                switch(value[value.length - 1].StatusCode){
+                    case 400:
+                        currentOnlineStatus = `<i class="exclamation circle icon"></i> Bad Request`;
+                        break;
+                    case 401:
+                        currentOnlineStatus = `<i class="exclamation circle icon"></i> Unauthorized`;
+                        break;
+                    case 403:
+                        currentOnlineStatus = `<i class="exclamation circle icon"></i> Forbidden`;
+                        break;
+                    case 404: 
+                        currentOnlineStatus = `<i class="exclamation circle icon"></i> Not Found`;
+                        break; 
+                    case 405: 
+                        currentOnlineStatus = `<i class="exclamation circle icon"></i> Method Not Allowed`;
+                        break;
+                }
+                
+                onlineStatusCss = `color: #f38020;`;
+                reminderEle = `<small style="${onlineStatusCss}">Target online but not accessible</small>`;
+            
             }else{
                 currentOnlineStatus = `<i class="circle icon"></i> Offline`;
                 onlineStatusCss = `color: #df484a;`;

web/components/vdir.html

@@ -9,7 +9,6 @@
                 <tr>
                     <th>Virtual Directory</th>
                     <th>Proxy To</th>
-                    <th>TLS/SSL Verification</th>
                     <th>Basic Auth</th>
                     <th class="no-sort" style="min-width: 7.2em;">Actions</th>
                 </tr>
@@ -43,6 +42,9 @@
                     let vdirData = encodeURIComponent(JSON.stringify(vdir));
                     if (vdir.RequireTLS){
                         tlsIcon = `<i class="green lock icon" title="TLS Mode"></i>`;
+                        if (vdir.SkipCertValidations){
+                            tlsIcon = `<i class="yellow lock icon" title="TLS/SSL mode without verification"></i>`
+                        }
                     }
 
                     let tlsVerificationField = "";
@@ -55,7 +57,6 @@
                     $("#vdirList").append(`<tr eptuuid="${vdir.RootOrMatchingDomain}" payload="${vdirData}" class="vdirEntry">
                         <td data-label="" editable="false">${vdir.RootOrMatchingDomain}</td>
                         <td data-label="" editable="true" datatype="domain">${vdir.Domain} ${tlsIcon}</td>
-                        <td data-label="" editable="true" datatype="skipver">${tlsVerificationField}</td>
                         <td data-label="" editable="true" datatype="basicauth">${vdir.RequireBasicAuth?`<i class="ui green check icon"></i>`:`<i class="ui grey remove icon"></i>`}</td>
                         <td class="center aligned" editable="true" datatype="action" data-label="">
                             <button class="ui circular mini basic icon button editBtn" onclick='editEndpoint("vdir","${vdir.RootOrMatchingDomain}")'><i class="edit icon"></i></button>

wrappers.go

@@ -103,7 +103,21 @@ func HandleCountryDistrSummary(w http.ResponseWriter, r *http.Request) {
 /*
 	Up Time Monitor
 */
-//Generate uptime monitor targets from reverse proxy rules
+
+// Update uptime monitor targets after rules updated
+// See https://github.com/tobychui/zoraxy/issues/77
+func UpdateUptimeMonitorTargets() {
+	if uptimeMonitor != nil {
+		uptimeMonitor.Config.Targets = GetUptimeTargetsFromReverseProxyRules(dynamicProxyRouter)
+		go func() {
+			uptimeMonitor.ExecuteUptimeCheck()
+		}()
+
+		SystemWideLogger.PrintAndLog("Uptime", "Uptime monitor config updated", nil)
+	}
+}
+
+// Generate uptime monitor targets from reverse proxy rules
 func GetUptimeTargetsFromReverseProxyRules(dp *dynamicproxy.Router) []*uptime.Target {
 	subds := dp.GetSDProxyEndpointsAsMap()
 	vdirs := dp.GetVDProxyEndpointsAsMap()