I can set up nginx as a reverse proxy with no major issues, but if I do a simple static page test like this, the server doesn't serve pages:
server {
server_name localhost;
listen 12345;
location / {
root /Volumes/E/static/;
index index.html index.htm;
}
}
error.log says:
2023/02/09 22:39:10 [crit] 53512#0: *18710 open() "/Volumes/E/static/index.html" failed (1: Operation not permitted), client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", host: "localhost:12345"
...and I get a "500 Internal Server Error" in the browser when entering http://localhost:12345/.
I've tried chmod -R 755 /Volumes/E/static, no effect.
Why is that?
Related
I have two domains, let's say ex.io and example.com. I own both and have access to both servers. Both run NGINX.
Goal: I'd like to have any request from ex.io forward to a specific path under example.com, e.g. http://ex.io passes to https://example.com/foo/bar. This has to be done without a redirect (more in Context)
Context: The goal is to host a shell script at https://example.com/foo/bar so that curl ex.io | sh will run the shell script. I'd like no redirects to happen so no additional flags are needed for curl.
My current .conf setup for both servers follows:
server {
listen 80;
listen [::]:80;
server_name example.com
return 308 https://$host$request_uri;
}
server {
listen 80;
listen [::]:80;
server_name ex.io;
return 308 https://example.com/foo/bar;
}
# ...
This works, but requires the extra flag -L to run properly under curl. How can I proxy ex.io to go directly to https://example.io/foo/bar?
EDIT: I'm forwarding http://ex.io/ to https://example.com/foo/bar which may be tricky going from http to https. Bananenkönig's response fails with a 502 Bad Gateway error and the following logs:
2020/10/26 23:28:45 [error] 223#223: *281 SSL_do_handshake() failed (SSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:SSL alert number 40) while SSL handshaking to upstream, client: XXX.XXX.XXX.XXX, server: ex.io, request: "GET / HTTP/1.1", upstream: "https://XXX.XXX.XXX.XXX:443/foo/bar/", host: "ex.io"
2020/10/26 23:28:45 [warn] 223#223: *281 upstream server temporarily disabled while SSL handshaking to upstream, client: XXX.XXX.XXX.XXX, server: ex.io, request: "GET / HTTP/1.1", upstream: "https://XXX.XXX.XXX.XXX:443/foo/bar/", host: "ex.io"
I would try it like this:
server {
listen 80;
listen [::]:80;
server_name ex.io;
location /some/location/on/ex.io/ {
proxy_pass https://example.com/some/location/on/example.com/;
}
}
when you want ex.io/ (on location /) to be forwarded to example.com/... write "location / { "
Here is what I need,
when its localhost:80 I need Nginx welcome page to be served, but when its localhost:80/pass, my application(react app) to be served, here is my Nginx.conf looks like,
server {
listen 80;
server_name localhost;
location /pass {
root build;
index index.html index.htm;
proxy_pass http://localhost:3000;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
am I missing something, because it's serving me this
An error occurred.
Sorry, the page you are looking for is currently unavailable.
Please try again later.If you are the system administrator of this resource then you should check the error log for details.Faithfully yours, nginx.
here is my error.log
2020/09/19 21:54:00 [error] 10888#1388: *35 connect() failed (10061: No connection could be made because the target machine actively refused it) while connecting to upstream, client: 127.0.0.1, server: localhost, request: "GET /pass HTTP/1.1", upstream: "http://[::1]:3000/", host: "localhost"
2020/09/19 21:54:39 [error] 10888#1388: *35 connect() failed (10061: No connection could be made because the target machine actively refused it) while connecting to upstream, client: 127.0.0.1, server: localhost, request: "GET /pass HTTP/1.1", upstream: "http://127.0.0.1:3000/", host: "localhost"
what is happening:
Im using following nginx.conf file for load balancing. web application is up and running on nginx 8080 port and able to access the landing page. however, when moving from landing page to "signup" page, it is throwing error.
what is expected:
nginx load balancer should redirect the load to the page as mentioned in the Location directive. but that is not happening.
nginx file :
events {
}
http {
upstream 3.121.253.126 {
server 3.121.253.126:8080;
server 3.121.253.126:8080;
server 3.121.253.126:8080;
}
error_log /etc/nginx/error_log.log warn;
client_max_body_size 20m;
proxy_cache_path /etc/nginx/cache keys_zone=one:500m max_size=1000m;
server {
listen 8080;
server_name 3.121.253.126;
root /etc/nginx/html;
index index.html;
location /signup {
root /etc/nginx/html;
index add-user.html;
# proxy_pass http://localhost:8080/signup;
# proxy_set_header Host $host;
# rewrite ^/welcome(.*)$ $1 break;
}
}
}
here is the error log:
2019/02/21 09:07:42 [error] 6#6: *510 recv() failed (104: Connection
reset by peer) while reading response header from upstream, client:
127.0.0.1, server: 3.121.253.126, request: "GET /signup HTTP/1.0", upstream: "http://127.0.0.1:8080/signup", host: "localhost:8080",
referrer: "http://3.121.253.126:8080/" 2019/02/21 09:07:42 [warn] 6#6:
*510 upstream server temporarily disabled while reading response header from upstream, client: 127.0.0.1, server: 3.121.253.126,
request: "GET /signup HTTP/1.0", upstream:
"http://127.0.0.1:8080/signup", host: "localhost:8080", referrer:
"http://3.121.253.126:8080/" 2019/02/21 09:13:10 [error] 6#6: *1
open() "/etc/nginx/html/signup" failed (2: No such file or directory),
client: 157.33.175.127, server: 3.121.253.126, request: "GET /signup
HTTP/1.1", host: "3.121.253.126:8080", referrer:
"http://3.121.253.126:8080/" 2019/02/21 09:15:57 [error] 6#6: *3
open() "/etc/nginx/html/signup" failed (2: No such file or directory),
client: 157.33.175.127, server: 3.121.253.126, request: "GET /signup
HTTP/1.1", host: "3.121.253.126:8080", referrer:
"http://3.121.253.126:8080/"
as per log, it is expecting signup html file. however, i am instructing it to use the add-user.html file. not sure why this is not happening.
please suggest
You want to point the URI /signup to the file located at /etc/nginx/html/add-user.html
There are a number of ways to achieve that using Nginx, including the rewrite and try_files directives.
For example:
location /signup {
try_files /add-user.html =404;
}
The root directive does not need to be repeated within this location block, as it will inherit the same value from the surrounding block.
The =404 does nothing as add-user.html always exists, but try_files requires two parameters. See this document for details.
The above location will process any request that begins with /signup (e.g. /signup/ or /signups).
To restrict it to the single URI /signup use the = modifier. See this document for details.
For example:
location = /signup {
try_files /add-user.html =404;
}
In an attempt to implement the upload progress module, the following server configuration is resulting in too many open files error
2014/11/19 12:10:34 [alert] 31761#0: *1010 socket() failed (24: Too many open files) while connecting to upstream, client: 127.0.0.1, server: xxx, request: "GET /documents/15/edit HTTP/1.0", upstream: "http://127.0.0.1:80/documents/15/edit", host: "127.0.0.1"
2014/11/19 12:10:34 [crit] 31761#0: *1010 open() "/usr/share/nginx/html/50x.html" failed (24: Too many open files), client: 127.0.0.1, server: xxx, request: "GET /documents/15/edit HTTP/1.0", upstream: "http://127.0.0.1:80/documents/15/edit", host: "127.0.0.1"
The following is the relevant part of the server bloc which is generating the conflict
passenger_enabled on;
rails_env development;
root /home/user/app/current/public;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location / {
# proxy to upstream server
proxy_pass http://127.0.0.1;
proxy_redirect default;
# track uploads in the 'proxied' zone
# remember connections for 30s after they finished
track_uploads proxied 30s;
}
location ^~ /progress {
# report uploads tracked in the 'proxied' zone
report_uploads proxied;
}
Being a relative n00b to nginx, I do not comprehend where this is generating the too many files error. I assumed that the error pages are only for 500-504 server errors...
First check and increase open files limit in the root shell (system-wide, it is 1024 usually):
# ulimit -n
# ulimit -n 16384
Then you can increase nginx's open files limit (main context, top of nginx.conf):
worker_rlimit_nofile 16384
Then restart nginx )
If this not help, check more detail solutions like
Nginx: 24: Too Many Open Files Error And Solution
I was looking through my nginx error log and found strange records
2014/10/01 13:41:20 [error] 9825#0: *1628 "/home/mysite/public_html/phone/99476982139/index.html" is not found (2: No such file or directory), client: 37.187.107.37, server: mysite.com, request: "GET /phone/99476982139/ HTTP/1.1", host: "blabla.co.uk"
2014/10/01 13:41:22 [error] 9825#0: *1629 "/home/mysite/public_html/phone/99476982139/index.html" is not found (2: No such file or directory), client: 180.76.5.145, server: mysite.com, request: "GET /phone/99476982139/ HTTP/1.1", host: "blabla.com.ar"
But what happened next was astonishing - I visited those strange domains - blabla.co.uk and blabla.com.ar, and they have THE SAME CONTENT AS MY mysite.com!!! If I change my index.html file, content is changed on those domains which I see for the fist time in my life!
My nginx config for this site is quite simple
server{
listen 80;
server_name www.mysite.com mysite.com;
root /home/mysite/public_html;
}
How can that happen?
How can I protect my server from requests to random domains?
I guess the domains just point to the IP of your server.
In order to protect yourself from this kind of thing, simply add a default server block in your config. All requests not explicitly pointed at your domain are sent to the default server and will eventually drop.. Here's a quick example:
server {
listen 80;
server_name www.mysite.com mysite.com;
root /home/mysite/public_html;
}
server {
listen 80 default_server;
root /var/www/dead;
}
'dead' is some empty folder.. you might also wanna try adding a deny all; to the default server block.