I have a question, is it possible to specify a URI in the Nginx proxy_pass directive?
I currently host two websites on my windows server on a lan network that are set up and accessible via nginx. But I have one problem. One of these sites, which is hosted at my home, needs to specify a uri, because it is not possible to reach it via the normal ip address that I have set in nginx.
To be specific, a subdomain "emfavm.emfasandbox.tk" is reverse proxyed to lan ip "192.168.1.106" by using proxy_pass. I can get to this page using this ip address, but I need to specify the uri, something like this: "https://192.168.1.106/some/uri". I host these pages on another virtual server. When I put this uri as above in proxy_pass in nginx.conf, and I connect to the domain "emfavm.emfasandbox.tk", it gives me an error "bad request, your browser sent a request that this server could not understand"
Here is my nginx.conf:
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
server_names_hash_bucket_size 64;
include mime.types;
default_type application/octet-stream;
#=============== HERE IS THE CONF WITH THE HOSTED WEBISTES ======================
include C:/Users/Administrator/Desktop/nginx/conf/sites-enabled/*.conf;
#================================================================================
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
And this is the conf with the website in C:/nginx/sites-enabled/emfavm.conf
server {
listen 80;
server_name emfavm.emfasandbox.tk;
location / {
proxy_pass https://192.168.1.106/#/?username=www.emfasandbox.tk&password=emfasandbox/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Thanks for any help :)
Maybe you can try to change https to http in C:/nginx/sites-enabled/emfavm.conf
Related
I've just installed nginx on my Netgear R7000 with DD-WRT firmware, but I'm unable to set it up to use it as a reverse proxy for my different webservers (running on a public ip).
This is the setup:
user nobody;
worker_processes 1;
#error_log /opt/var/log/nginx/error.log;
#error_log /opt/var/log/nginx/error.log notice;
#error_log /opt/var/log/nginx/error.log info;
pid /opt/var/run/nginx.pid;
events {
worker_connections 64;
}
http {
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 64;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log /opt/var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /opt/var/log/nginx/host.access.log;
location / {
root /opt/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
server {
listen 80;
#listen somename:8080;
server_name xxx.xxxx.it;
location / {
proxy_pass http://192.168.x.xxx:5000;
}
}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
The error is
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
What is wrong?
Thank you in advance
Port 80 is the default HTTP port and it is most likely being used by the DD-WRT admin interface. You will need to bind your reverse proxy to a different port or change the port DD-WRT's HTTP server listens on.
I am using nginx-1.10.3 as a load balancer. In my architecture, I have two servers-
Hostname - sal15062hkb152, IP Address - 172.15.54.116
Hostname - sal15062hkb184, IP Address - 172.15.54.105
I want both should work in active-passive mode with nginx. My application is running on both servers and client can access my application using URL -
https://sal15062hkb152/views or https://sal15062hkb184/views
My nginx.conf is -
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name sal15062hkb152;
#http://sal15062hkb152/oneview/;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
server {
listen 443 ssl;
server_name sal15062hkb152;
#ssl_certificate cert.pem;
#ssl_certificate_key cert.key;
ssl_certificate iperspective.crt;
ssl_certificate_key iperspective.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root http://oneview;
index index.html index.htm;
}
}
}
I am trying to access https://sal15062hkb152/views but I am getting "404 Not Found" in browser. I believe, my nginx.conf file configuration is not correct. Please let me know proper configuration for my nginx.conf file. Thanks
Add a default virtual server for 80 and 443 otherwise specific configurations wont work.
server {
listen 80;
server_name _; # for every server without specific configuration
return 404; # doesnt matter
}
server {
listen 443;
server_name _; # for every server without configuration
return 404; # doesnt matter
}
Edit: By the way when you got the stuff working, I highly recommend you to have a look at this documentation about secure ssl configuration.
They are based on this article.
I am going crazy because I got the same error over and over again have been looking around the internet but havent found nothing .
So please someone help me with this error I wanne add this https://rarut.wordpress.com/2012/06/25/hls-support-in-nginx-rtmp-16-2/#comment-321
into my nginx.conf .
But I have the sam error saying ""location" directive is not allowed" when I start the nginx server in putty .
This is my nxgin.conf
rtmp {
server {
listen 1935;
chunk_size 4096;
location /live {
alias /home/auro/hls-media;
}
application live {
live on;
hls on;
hls_path /tmp/app;
#hls_sync 100ms;
hls_fragment 5s;
}
}
}
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 90;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
As u can see the location is add into the server block that is what other users have been posted here in the past
Thanks for the help :)
This is my first time using Arch based Linux environment (Manjaro Linux), and also Nginx.
I installed Nginx, opened http://localhost and it showed the standard Welcome to Nginx page.
Then I created 2 folders:
/etc/nginx/sites-available
etc/nginx/sites-enabled
In sites-available, I created a conf file named iima, with following data:
server {
listen 80;
server_name iima.merged.localhost;
passenger_enabled on;
location / {
root /home/path/redacted/public;
}
}
and then created a symbolic link:
sudo ln -s /etc/nginx/sites-available/iima /etc/nginx/sites-enabled/iima
Then in the /opt/nginx/conf/nginx.conf, I added:
include /etc/nginx/sites-enabled/*;
In the /etc/hosts, I added the following line at the end of the file:
127.0.0.1 iima.merged.localhost iima.merged.localhost
# I also tried below line while removing above line
127.0.0.1 iima.merged.localhost
Restarted the nginx server using sudo systemctl restart nginx (also tried with reload), but typing iima.merged.localhost always points to localhost page.
Am I missing anything? There are no error(s).log created in /var/log/nginx.
EDIT:
Content of /opt/nginx/conf/nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
passenger_root /home/harsh/.rbenv/versions/1.8.7-p375/lib/ruby/gems/1.8/gems/passenger-4.0.45;
passenger_ruby /home/harsh/.rbenv/versions/1.8.7-p375/bin/ruby;
include mime.types;
include /etc/nginx/sites-enabled/*;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
# server_name_in_redirect off;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
I have an application which will be served using GET & POST method's. For better security, I have configured Nginx to serve the pages using only POST requests. Below is the config I have used in Nginx.
Config in Nginx:
if ($request_method !~ ^(POST)$ ){
return 404; }
This is working perfectly.
Now, I wanted to change above configuration in Nginx to serve certain pages with both GET & POST requests. But, I am unable to do it.
I have used lot of combinations, but no luck.
Can some one please help me in configuring nginx for the same.
Below is my Nginx configuration file.
Note: I am using Nginx (at front end) as a webserver and apache (at back end) for serving application. I have configured nginx to redirect the web pages requested to apache successfully.
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 8081;
server_name localhost;
#charset koi8-r;
access_log /logs/host.access.log;
location /WebGoat {
#root html;
#index index.html index.htm;
proxy_pass http://localhost:8080/WebGoat/;
}
location /application { ##sample project
#root html;
#index index.html index.htm;
if ($request_method !~ ^(POST)$){
return 404;
}
proxy_pass http://localhost:8080/application/;
}
location ~ ^register\.html {##register.html page should be served with GET & POST requests
if ($request_method !~ ^(GET|POST)$){
return 500;
}
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443;
# server_name localhost;
# ssl on;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_timeout 5m;
# ssl_protocols SSLv2 SSLv3 TLSv1;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
Thanks in Advance,
Sandeep
I would write something like this:
location /application {
proxy_pass http://<host>;
limit_except POST {
deny all;
}
}
## Below three pages should be served with GET & POST
location ~ ^/application/(RegisterServet|pd|LoginServlet)$ {
proxy_pass http://<host>;
}
Changes:
There is almost no reason to write limit_except GET POST. A don't think that it's important to you to forbid OPTIONS request to these addresses.
Do you really want to allow urls like /APPLICATION/Pd/? I don't think so, and I've changed ~* to ~.
Removed path parts from proxy_pass, so nginx will proxy original path.
Removed named location.
Easy way to allow only required request methods
if ($request_method !~ ^(GET|HEAD)$ ) {
return 444;
}