Webmin behind Nginx Proxy Manager is not reachable

sharbich · February 16, 2026, 9:15am

Hello everyone,
i’ve installed Webmin in a Docker container. OS System Debian 13. Webmin Version 2.620. Additionally, I’m running an Nginx Proxy Manager in a separate Docker container.
The proxy manager is accessible from the internal network via the IP address 192.168.20.130.
The Webmin user interface is accessible via the same IP address, but on port 10000.
Now I want to access the Webmin website via the following FQDN: “webmin.intern.harnet.de”.
I’ve configured the following settings in the Nginx Proxy Manager and in the miniserv.conf file:
miniserv.conf:

webprefix=/webmin
referer=webmin.intern.harnet.de
port=10000
root=/usr/share/webmin
mimetypes=/usr/share/webmin/mime.types
addtype_cgi=internal/cgi
realm=Webmin Server
logfile=/var/webmin/miniserv.log
errorlog=/var/webmin/miniserv.error
pidfile=/var/webmin/miniserv.pid
logtime=168
ssl=0
no_ssl2=1
no_ssl3=1
ssl_honorcipherorder=1
no_sslcompression=1
env_WEBMIN_CONFIG=/etc/webmin
env_WEBMIN_VAR=/var/webmin
atboot=1
logout=/etc/webmin/logout-flag
listen=10000
denyfile=\.pl$
log=1
blockhost_failures=5
blockhost_time=60
syslog=1
ipv6=1
session=1
premodules=WebminCore
server=MiniServ/2.620
userfile=/etc/webmin/miniserv.users
keyfile=/etc/webmin/miniserv.pem
logclear=1
ssl_hsts=1
ssl_enforce=2
passwd_file=/etc/shadow
passwd_uindex=0
passwd_pindex=1
passwd_cindex=2
passwd_mindex=4
passwd_mode=0
preroot=authentic-theme
passdelay=1
cipher_list_def=1
failed_script=/etc/webmin/failed.pl
no_trust_ssl=1
logout_script=/etc/webmin/logout.pl
login_script=/etc/webmin/login.pl
sudo=1
error_handler_404=404.cgi
error_handler_401=401.cgi
error_handler_403=403.cgi
websockets_/authentic-theme/ws-555=host=127.0.0.1 port=555 wspath=/ user=root buser=root time=1771232258

Nginx Proxy Manager:

Custom Nginx Configuration

location / {
    proxy_pass http://127.0.0.1:10000;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    # Wichtig für Webmin Websockets (Terminal)
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
}

When I try to access the Webmin website via the FQDN, I always get a page with the following error:
“502 Bad Gateway”.
I just can’t get it to work. I would appreciate any help.
Regards, Stefan

Joe · February 16, 2026, 8:16pm

It’s not clear if you’ve followed our documentation for running Webmin behind a proxy. If not, that’s where you should start: FAQs | Webmin

There is a section for nginx (though not “Nginx Proxy Manager”, which I’m not familiar with, but I assume it’s just a UI over nginx).

sharbich · February 16, 2026, 11:22pm

I’ve adjusted everything as described. The error message hasn’t changed at all. I don’t understand it. Is there a way to enable debug logging? I can’t find any clues in the logs either.
config:

root@webmin:/# cat /etc/webmin//config 
referers=webmin.intern.harnet.de
passwd_pindex=1
passwd_uindex=0
passwd_cindex=2
by_view=0
ld_env=LD_LIBRARY_PATH
tempdelete_days=7
passwd_mindex=4
passwd_file=/etc/shadow
find_pid_command=ps auwwwx | grep NAME | grep -v grep | awk '{ print $2 }'
path=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin
os_type=debian-linux
os_version=13
real_os_type=Debian Linux
real_os_version=13
lang=de
log=1
logclear=1
referers_none=1
md5pass=0
theme=authentic-theme
product=webmin
noselfwebminup=1
webprefix=
relative_redir=0
error_stack=0
acceptlang=0
charset=UTF-8
langauto=0
locale=
dateformat=dd/mon/yyyy
os_eol_in=
os_eol_about=0
os_ext_eol=30/Jun/2030
os_eol_db=2.620
os_eol=09/Aug/2028

miniserv.conf

root@webmin:/# cat /etc/webmin/miniserv.conf
redirect_ssl=1
redirect_host=webmin.intern.harnet.de
port=10000
root=/usr/share/webmin
mimetypes=/usr/share/webmin/mime.types
addtype_cgi=internal/cgi
realm=Webmin Server
logfile=/var/webmin/miniserv.log
errorlog=/var/webmin/miniserv.error
pidfile=/var/webmin/miniserv.pid
logtime=168
ssl=1
no_ssl2=1
no_ssl3=1
ssl_honorcipherorder=1
no_sslcompression=1
env_WEBMIN_CONFIG=/etc/webmin
env_WEBMIN_VAR=/var/webmin
atboot=1
logout=/etc/webmin/logout-flag
listen=10000
denyfile=\.pl$
log=1
blockhost_failures=5
blockhost_time=60
syslog=1
ipv6=1
session=1
premodules=WebminCore
server=MiniServ/2.620
userfile=/etc/webmin/miniserv.users
keyfile=/etc/webmin/miniserv.pem
logclear=1
ssl_hsts=1
ssl_enforce=2
passwd_file=/etc/shadow
passwd_uindex=0
passwd_pindex=1
passwd_cindex=2
passwd_mindex=4
passwd_mode=0
preroot=authentic-theme
passdelay=1
cipher_list_def=1
failed_script=/etc/webmin/failed.pl
no_trust_ssl=1
logout_script=/etc/webmin/logout.pl
login_script=/etc/webmin/login.pl
sudo=1
error_handler_404=404.cgi
error_handler_401=401.cgi
error_handler_403=403.cgi
certfile=/etc/webmin/miniserv.cert
websockets_/authentic-theme/ws-557=host=127.0.0.1 port=557 wspath=/ user=root buser=root time=1771269985

Joe · February 16, 2026, 11:25pm

Literally nothing? No request at all? If that’s the case, then the problem is at the proxy, not in Webmin.

ID10T · February 16, 2026, 11:32pm

What do the Nginx logs say?

ID10T · February 16, 2026, 11:50pm

I’m not a fan of containers, but, I’m probably just stupid on how to use them. If the Proxy is in a container then how does the request get back out to Webmin? Isn’t 127.x.x.x going to be used inside the container? It’s going to have to be rerouted back out. Now we have a network issue?

sharbich · February 17, 2026, 10:16am

I found the error. I’m sorry. The problem was with my laptop. I thought I had changed the old DNS settings. That was wrong. The FQDN was still pointing to the old IP address. That meant nothing could reach the Nginx Proxy Manager. I changed the DNS settings and now it works. One more thing: Since I’m working with self-signed certificates and using both the FQDN and the IP address in the certificates, it’s absolutely essential to enter “proxy_pass” the container’s IP address in the Nginx Proxy Manager’s “Custom Nginx Configuration,” not the loopback address.

# Disable proxying for all /.well-known requests. It will 
# only be useful, if a domain has "root" defined
location ^~ /.well-known/ {
  try_files $uri /;
}

# Proxying both HTTP and websockets
location / {
  proxy_pass https://192.168.20.130:10000/;
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection Upgrade;
  proxy_set_header Host $host;

  # Disable buffering to make progressive
  # output work as expected
  proxy_buffering off;
  proxy_request_buffering off;

  # Enable large file uploads
  client_max_body_size 64g;
}

system · February 25, 2026, 10:17am

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.