{"id":1802,"date":"2017-09-12T11:29:39","date_gmt":"2017-09-12T10:29:39","guid":{"rendered":"https:\/\/wordpress.apeconsulting.co.uk\/wordpress\/adrian\/?p=1802"},"modified":"2018-01-15T21:51:29","modified_gmt":"2018-01-15T21:51:29","slug":"ssl-reverse-proxy-jail","status":"publish","type":"post","link":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/","title":{"rendered":"SSL Reverse Proxy Jail"},"content":{"rendered":"

\"Reverse<\/p>\n

I’ve written a few blogs about this subject too (most recently here<\/a>), so after several attempts which worked, but were a little messy, I’ve done a bit more research. \u00a0That’s led me to create a single jail to work as a both a reverse proxy with SSL. \u00a0I’ll be using all the same tools as before, so NGINX<\/a> for the reverse-proxy and Certbot<\/a> to create (and hopefully automatically renew) the LetsEncrypt<\/a> certificates.<\/p>\n

<\/p>\n

Configure the Jail<\/h3>\n

My first job was to create the jail and install all the required components. \u00a0In the past, I’ve taken the easy option and installed everything using the package route, but it was suggested that installing from the ports tree with some specific settings would result in a more secure installation and avoid the\u00a0CVE-2016-2107 vulnerability (which affects the package version because it’s built against the base version of OpenSSL in FreeBSD 10.3). \u00a0So here are the commands:<\/p>\n

# pkg update<\/span>
\n# pkg upgrade<\/span>
\n# pkg install nano (my preferred editor, and no package dependencies)<\/span>
\n# portsnap fetch<\/span>
\n# portsnap extract<\/span>
\n# nano \/etc\/make.conf (add the line: DEFAULT_VERSIONS+=ssl=openssl)<\/span>
\n# cd \/usr\/ports\/security\/openssl\/ && make install clean<\/span>
\n# cd \/usr\/ports\/www\/nginx\/ && make install clean
\n# cd \/usr<\/span>\/ports\/lang\/python<\/span>\/ && make install clean<\/span>
\n# cd \/usr\/ports\/security\/py-certbot\/ && make install clean<\/span>
\n# nano \/etc\/rc.conf (add the line:\u00a0<\/span>nginx_enable=”YES”)<\/span><\/span><\/p>\n

I installed everything with the default options, so after lots of ‘returns’ and a restart of the jail, I checked the NGINX was running before getting into the configuration. \u00a0I also took a snapshot at this point, so if I screw anything up, I can roll-back to a clean jail with everything installed.<\/p>\n

Create the Certificates<\/h3>\n

So first things first – the SSL certificates. \u00a0Before I can run the certbot command though, I need to change the port forwarding on my router to direct traffic on port 80 and 443 to this new jail, which will bring down everything else for a short time. \u00a0Once I’d done that I ran:<\/p>\n

# certbot<\/span> certonly<\/span> —<\/span>webroot<\/span> –<\/span>w<\/span> \/usr\/local<\/span>\/<\/span>www<\/span>\/<\/span> –<\/span>d<\/span> home.domain.<\/span>co.uk<\/span><\/span><\/p>\n

After following the on-screen prompts, this created an error, as I’d forgotten to change the root location in the nginx.conf file. \u00a0I changed this to \/usr\/local\/www and certbot then generated the certificate into the \/usr\/local\/etc\/letsencrypt folder.<\/p>\n

I then reran this for all of the domains I needed certificates for. \u00a0It would have been possible to do this as a single command each with -d prefix.domain.co.uk, but I wanted to see each one created successfully.<\/p>\n

Set-up NGINX<\/h3>\n

My existing reverse proxy jail works fine, so I took the easy option and simply copied across all the nginx configuration files. \u00a0I’ve got this setup using sites-enabled, so each web service that is being proxied has its own service.conf file, rather than trying to combine everything into one. \u00a0This might be a little overkill given I’m managing everything, but it seems to be ‘best practice’ and should keep things simpler once everything is configured. \u00a0This was simply a case of copying over the nginx.conf file and sites-available folder and then create symbolic links to the ‘available’ files in the ‘enabled’ folder I created.<\/p>\n

# cp \/mnt\/pool\/jails\/nginx-proxy\/usr\/local\/etc\/nginx\/files \/mnt\/pool\/jails\/ssl_proxy\/usr\/local\/etc\/nginx\/files<\/span>
\n #\u00a0ln -s .\/sites-available\/*.* .\/sites-enabled<\/span><\/p>\n

I then needed to edit the SSL locations in the service.conf files, and remembered that I also need to recreate the\u00a0Diffie-Hellman (DH) Key, which is pretty straightforward but takes a little time.<\/p>\n

# cd \/usr\/local\/etc\/ssl<\/span>
\n# openssl dhparam -out dhparam.pem 4096<\/span><\/p>\n

Once this was done, I restarted the nginx service and crossed my fingers! \u00a0 After a few minor tweaks to the nginx.conf files where I’d not typed the changes correctly, everything is working as expected. \u00a0Whoo Hoo!!!<\/strong><\/p>\n

Test Renewal<\/h3>\n

As the last test, I thought I’d simulate renewing the certificates, so I know everything should work in 3 months time. \u00a0This is So now at least I have my SSL certificates created inside my reverse proxy jail.<\/p>\n

# certbot<\/span> renew –dry-run<\/span><\/span><\/p>\n

It would have all been a bit too easy if this had worked, but it didn’t take too long to find my problem. \u00a0The service.conf files only had locations from the reverse proxy, and for the certbot renewal to work it needs access to the \/.well-known folder. \u00a0Only adding a location at the bottom of the server block resolved this, and the dry run worked fine.<\/p>\n

# location \/.well-known {
\n<\/span># \u00a0 \u00a0root \/usr\/local\/www;<\/span>
\n# }<\/span><\/p>\n

Hopefully, when I come to renew in 3 months they will all update, and everything will be a lot simpler to manage moving forward. \u00a0Maybe by then, Letencrypt will offer wildcard certificates (e.g. *.domain.co.uk) which will allow me to use just one certificate, rather than the 5 I have now!<\/p>\n

<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
I’ve written a few blogs about this subject too (most recently here), so after several attempts which worked, but were a little messy, I’ve done a bit more research. \u00a0That’s led me to create a single jail to work as a both a reverse proxy with SSL. \u00a0I’ll be using all the same tools as […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[19,2,9],"tags":[21],"class_list":["post-1802","post","type-post","status-publish","format-standard","hentry","category-freenas","category-it","category-server","tag-spellchecked"],"yoast_head":"\nSSL Reverse Proxy Jail - Adrian's Blog<\/title>\n<meta name=\"description\" content=\"A blog on finally getting my SSL certificates under some control with everything in a FreeNAS jail running NGINX reverse proxy and certbot\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SSL Reverse Proxy Jail - Adrian's Blog\" \/>\n<meta property=\"og:description\" content=\"A blog on finally getting my SSL certificates under some control with everything in a FreeNAS jail running NGINX reverse proxy and certbot\" \/>\n<meta property=\"og:url\" content=\"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/\" \/>\n<meta property=\"og:site_name\" content=\"Adrian's Blog\" \/>\n<meta property=\"article:published_time\" content=\"2017-09-12T10:29:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-01-15T21:51:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-content\/uploads\/sites\/2\/2017\/06\/Slide1.png\" \/>\n<meta name=\"author\" content=\"Adrian\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Adrian\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/\"},\"author\":{\"name\":\"Adrian\",\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/#\\\/schema\\\/person\\\/f63f15ff50bb8f956afdd86a816c5d2a\"},\"headline\":\"SSL Reverse Proxy Jail\",\"datePublished\":\"2017-09-12T10:29:39+00:00\",\"dateModified\":\"2018-01-15T21:51:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/\"},\"wordCount\":833,\"commentCount\":7,\"publisher\":{\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/#\\\/schema\\\/person\\\/f63f15ff50bb8f956afdd86a816c5d2a\"},\"image\":{\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2017\\\/06\\\/Slide1.png\",\"keywords\":[\"Checked\"],\"articleSection\":[\"FreeNAS\",\"IT\",\"Server\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/\",\"url\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/\",\"name\":\"SSL Reverse Proxy Jail - Adrian's Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2017\\\/06\\\/Slide1.png\",\"datePublished\":\"2017-09-12T10:29:39+00:00\",\"dateModified\":\"2018-01-15T21:51:29+00:00\",\"description\":\"A blog on finally getting my SSL certificates under some control with everything in a FreeNAS jail running NGINX reverse proxy and certbot\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/#primaryimage\",\"url\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2017\\\/06\\\/Slide1.png\",\"contentUrl\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2017\\\/06\\\/Slide1.png\",\"width\":604,\"height\":354},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/ssl-reverse-proxy-jail\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SSL Reverse Proxy Jail\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/#website\",\"url\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/\",\"name\":\"Adrian's Blog\",\"description\":\"Ramblings of an IT Geek\",\"publisher\":{\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/#\\\/schema\\\/person\\\/f63f15ff50bb8f956afdd86a816c5d2a\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/home.apeconsulting.co.uk\\\/adrian\\\/#\\\/schema\\\/person\\\/f63f15ff50bb8f956afdd86a816c5d2a\",\"name\":\"Adrian\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c2e5d9012573aedee25fd68deb071781d974af50ae74bf73aeb0e70433f7390c?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c2e5d9012573aedee25fd68deb071781d974af50ae74bf73aeb0e70433f7390c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c2e5d9012573aedee25fd68deb071781d974af50ae74bf73aeb0e70433f7390c?s=96&d=mm&r=g\",\"caption\":\"Adrian\"},\"logo\":{\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c2e5d9012573aedee25fd68deb071781d974af50ae74bf73aeb0e70433f7390c?s=96&d=mm&r=g\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SSL Reverse Proxy Jail - Adrian's Blog","description":"A blog on finally getting my SSL certificates under some control with everything in a FreeNAS jail running NGINX reverse proxy and certbot","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/","og_locale":"en_GB","og_type":"article","og_title":"SSL Reverse Proxy Jail - Adrian's Blog","og_description":"A blog on finally getting my SSL certificates under some control with everything in a FreeNAS jail running NGINX reverse proxy and certbot","og_url":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/","og_site_name":"Adrian's Blog","article_published_time":"2017-09-12T10:29:39+00:00","article_modified_time":"2018-01-15T21:51:29+00:00","og_image":[{"url":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-content\/uploads\/sites\/2\/2017\/06\/Slide1.png","type":"","width":"","height":""}],"author":"Adrian","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Adrian","Estimated reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/#article","isPartOf":{"@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/"},"author":{"name":"Adrian","@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/#\/schema\/person\/f63f15ff50bb8f956afdd86a816c5d2a"},"headline":"SSL Reverse Proxy Jail","datePublished":"2017-09-12T10:29:39+00:00","dateModified":"2018-01-15T21:51:29+00:00","mainEntityOfPage":{"@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/"},"wordCount":833,"commentCount":7,"publisher":{"@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/#\/schema\/person\/f63f15ff50bb8f956afdd86a816c5d2a"},"image":{"@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/#primaryimage"},"thumbnailUrl":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-content\/uploads\/sites\/2\/2017\/06\/Slide1.png","keywords":["Checked"],"articleSection":["FreeNAS","IT","Server"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/","url":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/","name":"SSL Reverse Proxy Jail - Adrian's Blog","isPartOf":{"@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/#website"},"primaryImageOfPage":{"@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/#primaryimage"},"image":{"@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/#primaryimage"},"thumbnailUrl":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-content\/uploads\/sites\/2\/2017\/06\/Slide1.png","datePublished":"2017-09-12T10:29:39+00:00","dateModified":"2018-01-15T21:51:29+00:00","description":"A blog on finally getting my SSL certificates under some control with everything in a FreeNAS jail running NGINX reverse proxy and certbot","breadcrumb":{"@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/#primaryimage","url":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-content\/uploads\/sites\/2\/2017\/06\/Slide1.png","contentUrl":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-content\/uploads\/sites\/2\/2017\/06\/Slide1.png","width":604,"height":354},{"@type":"BreadcrumbList","@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/ssl-reverse-proxy-jail\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/home.apeconsulting.co.uk\/adrian\/"},{"@type":"ListItem","position":2,"name":"SSL Reverse Proxy Jail"}]},{"@type":"WebSite","@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/#website","url":"https:\/\/home.apeconsulting.co.uk\/adrian\/","name":"Adrian's Blog","description":"Ramblings of an IT Geek","publisher":{"@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/#\/schema\/person\/f63f15ff50bb8f956afdd86a816c5d2a"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/home.apeconsulting.co.uk\/adrian\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":["Person","Organization"],"@id":"https:\/\/home.apeconsulting.co.uk\/adrian\/#\/schema\/person\/f63f15ff50bb8f956afdd86a816c5d2a","name":"Adrian","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/c2e5d9012573aedee25fd68deb071781d974af50ae74bf73aeb0e70433f7390c?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/c2e5d9012573aedee25fd68deb071781d974af50ae74bf73aeb0e70433f7390c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c2e5d9012573aedee25fd68deb071781d974af50ae74bf73aeb0e70433f7390c?s=96&d=mm&r=g","caption":"Adrian"},"logo":{"@id":"https:\/\/secure.gravatar.com\/avatar\/c2e5d9012573aedee25fd68deb071781d974af50ae74bf73aeb0e70433f7390c?s=96&d=mm&r=g"}}]}},"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p90DI4-t4","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-json\/wp\/v2\/posts\/1802","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-json\/wp\/v2\/comments?post=1802"}],"version-history":[{"count":9,"href":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-json\/wp\/v2\/posts\/1802\/revisions"}],"predecessor-version":[{"id":22648,"href":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-json\/wp\/v2\/posts\/1802\/revisions\/22648"}],"wp:attachment":[{"href":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-json\/wp\/v2\/media?parent=1802"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-json\/wp\/v2\/categories?post=1802"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/home.apeconsulting.co.uk\/adrian\/wp-json\/wp\/v2\/tags?post=1802"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}