Develop Reference

Allow access service / proxy_pass only from a certain URL in nginx

I have a website running at https://mywebsite.com. I also install another application (Minio) on the same server running at port 9000.
NOTE: When access Minio via myServerIP:9000, it automatically goes to myServerIP:9000/minio/. If I haven't logged in yet, then I will be redirected to myServerIP:9000/minio/login. If I go to myServerIP:9000/minio/anyRandomPath, I will also be redirected to the login page or another default page (if I have already logged in)
Now I want to access Minio via address https://mywebsite.com/files, so I setup my nginx as below
location /files/ {
proxy_pass http://127.0.0.1:9000/minio/;
proxy_set_header URI_REQUEST_ORIGIN $request_uri;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Proto $scheme;
}
This doesn't work (it shows a blank page with title "Minio login"). When I check the browser's console, it says there's an error message Uncaught SyntaxError: Unexpected token < with a link to https://mywebsite.com/minio/index_bundle_xxx.js. So I try adding another location block in my nginx.conf:
location /minio/ {
proxy_pass http://127.0.0.1:9000/minio/;
proxy_set_header URI_REQUEST_ORIGIN $request_uri;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Proto $scheme;
After that, it works as expected. But the problem is that now I can access Minio via both /minio and /files
Now how can I block direct access to Minio via https://mywebsite.com/minio?
I tried some workaround like adding below location blocks:
location =/minio/ {
return 404;
}
location =/minio/login/ {
return 404;
}
But this is clearly a bad way and also not efficient, since I can just go to mywebsite.com/minio/typeAnythingHere to be redirected to the login page.

Nginx - How to let proxypass destination know the request is from Nginx?

Below is my Nginx config -
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://destination_server;
}
Is there any way for the destination_server know that the request is coming from the Nginx server?
A possible solution might proxy_set_header Nginx-Name $custom_name. And then on the destination_server, I can check the request header to see if the request is coming from a certain Nginx.
If there a better way for that? Thanks.

Configuring nginx to map pgadmin to a URI

I have an nginx and a pgadmin Docker container connected to each other. Only nginx container is exposed to the outside. How can I map pgadmin to a sub URI?
If the host is example.com, I want the pgadmin to be reachable at example.com/pgadmin/. So far, I have this in my nginx.conf file:
location ^~ /pgadmin/ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://pgadmin:80/;
}
A request to example.com/pgadmin/ goes through to pgadmin but when pgadmin redirects to the login page, it redirects to example.com/login?next=%2F, not to example.com/pgadmin/login?next=%2F.
How can I make pgadmin to work at example.com/pgadmin?

I understand that you want to map http://pgadmin:80/ to http://example.com/pgadmin/.
Add the below entry in your hosts file to map pgadmin to example.com
pgadmin example.com
Now to map the :80 to /pgadmin, add the following in your nginx.conf :
location /pgadmin {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://pgadmin:80/;
}

Using nginx as a reverse proxy to IIS server

I have multiple ASP.NET applications running on a single IIS server with different ports for each application.
I have installed nginx on the same server so that my clients can access all my applications only using port 80.
Nginx is running all right on port 80. My individual ASP.NET applications are also up and running.
I made these changes in nginx conf file
location /students/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:84;
}
location /registration/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:82;
}
Then I restarted nginx and typed the url http://127.0.0.1/students/ in my browser. Nginx served a 404 page.
I made no other changes to the conf file.
What I am doing wrong?

I believe that the problem you are having is related to the start of the URL path. Does the URL http://120.0.0.1:84/students/ return the page, or a 404? If you are expecting to go to http://127.0.0.1:80/students/ and see the page at http://127.0.0.1/, you will find that nginx does not transform the path for you with this configuration. Rather, it looks for exactly the same path at the proxied server.
You need to put the / on the end of the URL in the proxy_pass directive:
location /students/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:84/;
}
This is a subtle but important gotcha in nginx configs! If you don't include the backslash, http://127.0.0.1:84 will be treated as a server location. If you do have the backslash, it will be regarded as a URL, and it will replace everything in the proxy URL up to the 'location' part.

If you want to transform IIS 127.0.0.1:84/students to nginx 127.0.0.1/students . try below code..
location /students {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:84/students;
}
location /registration {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:82/registration;
}

Try to use this directive
upstream http://localhost {
server 127.0.0.1:84;
}
and the same block for 2nd

nginx rewrite rule for redirection

I have two apps running on host1:7000 and host2:7000. I am fronting the two hosts by an nginx reverse proxy, where I want mydomain.com/admin to point to host1:7000/portal and mydomain.com/user to host2:7000/portal.
I have written the following config
listen 80;
server_name mydomain.com *.mydomain.com;
location ~ ^/admin/(.*)$ {
proxy_pass $scheme://<IP-ADDRESS>/$1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
}
I can get to mydomain.com/admin to be redirected to host1:7000/portal but when the app redirects from host1:7000/portal on to host1:7000/login via relative path, in the browser I see mydomain.com/login. What do I need to do to get the second redirect go mydomain/admin/login?

Why do people use regexps for no reason and have all kind of problems with it?…
location /admin/ {
proxy_pass http://host1:7000/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
}
This will automatically strip /admin/ from proxied request and prepend it in Location header (which is used in redirect).
See proxy_pass and proxy_redirect docs.