Suricata with NginX in Proxy Mode

I’m trying to do the following, and not sure if i’m trying to do the impossible or doing something wrong.

I have nginx listening on port 80, proxying the requests to http://remoteserver/
On the same nginx box, I have suricata with $HOME_NET=“myip, localhost” where myip is the IP of eth0.
$EXTERNAL_NET is set to !$HOME_NET

My problem is Suricata seems to have no visibility of traffic for some reason and the rules never trigger.

If I disable proxying on NginX and just host a little PHP page locally and try some attacks in emerging rules - Suricata works 100% and logs the alerts.

But as soon as NginX is set to act as a proxy to an upstream webserver, Suricata cannot see anything nginx is doing anymore. But it should, since its still getting an HTTP POST/GET its just that NginX is forwarding it after that?

Think i may know the issue: If create my own HTTP POST rules they work, so i’m going to check and make sure that the Emerging web rules actually have HTTP POST entries not just HTTP GET request checks.

It also depends on how you run suricata in that case, can you give us more details like how you run it (command line) and the configuration?