I have a domain example.com which is registered and working.
I am now trying redirect all requests to example.com and www.example.com to a specific port.
the default config in sites-enabled looks like this:
server{
listen 80;
listen [::]:80;
server_name example.com www.example.com;
location / {
return 301 https://example.com:8081/;
}
}
the above config does not work (when accessing example.com in the browser, i get infinite loading)
While when using this config, example.com/test works.
server{
listen 80;
listen [::]:80;
server_name example.com www.example.com;
location /test {
return 301 https://example.com:8081/;
}
}
nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
include /etc/nginx/sites-enabled/*;
}
Related
i got "return" directive is not allowed here in error on nginx -t
here is my nginx.conf
user nginx;
worker_processes auto;
worker_rlimit_nofile 100000;
events {
use epoll;
worker_connections 1024;
multi_accept on;
}
http {
access_log off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 30;
keepalive_requests 100000;
server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate ssl/example.pem;
ssl_certificate_key ssl/example.key;
ssl_conf_command Options KTLS;
ssl_protocols TLSv1.2 TLSv1.3;
location / {
root /usr/local/etc/nginx/html;
index index.html index.htm;
charset utf-8;
}
}
}
nginx -t command gives me
"return" directive is not allowed here in /usr/local/etc/nginx/nginx.conf:22
i tried remove conf file and created again, no luck
additional note: if i remove part of config
server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}
it works
UPDATE :
if you compile nginx from source, if u do not add rewrite module it happens because return directive part of rewrite module
Could you please advice what is wrong with my Nginx configuration?
When I try "curl localhost:80" the response is the start nginx page, so it doesn't proxy traffic. I have checked the nginx documentation but I have no idea about this behavior. Have anybody an idea?
Here are the configuration files:
sites-enabled/default.conf
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
set $ups tst;
proxy_pass http://$ups:8080/;
proxy_set_header Host $http_host;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
}
nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
daemon off;
events {
worker_connections 768;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
include conf/upstream.conf;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
conf/upstream.conf
upstream tst {
server xxx.xxx.xxx.xxx;
server xxx.xxx.xxx.xxx;
}
Thanks in advance!
My simple nginx.conf:
http {
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
server_tokens on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /_nginx_logs/access.log;
error_log /_nginx_logs/error.log;
gzip on;
server {
server_name www.example.pro;
listen 80;
listen 443 ssl;
return 301 https://example.pro$request_uri;
ssl_certificate "/etc/letsencrypt/live/www.example.pro/fullchain.pem";
ssl_certificate_key "/etc/letsencrypt/live/www.example.pro/privkey.pem";
}
server {
server_name example.pro
listen 80;
listen 443 ssl;
ssl_certificate "/etc/letsencrypt/live/example.pro/fullchain.pem";
ssl_certificate_key "/etc/letsencrypt/live/example.pro/privkey.pem";
location / {
proxy_pass http://localhost:3000;
}
location /api {
proxy_pass http://localhost:7500;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
server_name _;
listen 80 default_server;
location / {
root /projects/site-stub;
}
}
}
When I open my site as https://example.pro everything is ok.
When I open my site as http://example.pro, nginx answers from server block with server_name _.
Why? IP and port are the same, server_name value has exact word for Host header, but server_name example.pro not works for http://.
But it works good for https://!
I have this nginx config:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
}
http {
server {
listen 443 default_server ssl;
ssl_certificate /etc/nginx/certs/fullchain.pem;
ssl_certificate_key /etc/nginx/certs/privkey.pem;
location /private/ {
#root /usr/share/nginx/html;
#index index.html;
proxy_pass http://localhost:5001/;
}
location / {
proxy_pass http://localhost:5000/;
}
}
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets on;
ssl_session_timeout 28h;
ssl_early_data on;
ssl_buffer_size 16k;
http2_chunk_size 8k;
Also I have same python servers on my localhost :
tcp 0 0 127.0.0.1:5000 0.0.0.0:* LISTEN 549524/python3
tcp 0 0 127.0.0.1:5001 0.0.0.0:* LISTEN 549204/python3
The problem is that
proxy_pass in location / always works, and if I turn off python server on 5000 port, nginx will raise me 504 bad gateway. proxy_pass in the location /private/ doesn't work, and nginx server always raise me 404 not found.
If i turn off my server on 5001 nothing will change. But if i change this area this way:
location /private/ {
root /usr/share/nginx/html;
index index.html;
#proxy_pass http://localhost:5001/;
}
Everything will work and nginx return me index.html.
Why doesn't work proxy_pass in this location area?
I'm trying to set up nginx as reverse proxy to an application.
When I set up the same request over http it works fine
I think I've done everything and I still have the 400 error. Any help will be really nice.
My nginx configuration file :
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
large_client_header_buffers 4 16k;
client_max_body_size 10M;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
My site configuration :
server {
listen 80;
server_name example.com;
location /eai {
proxy_pass http://192.168.44.128:8000;
}
}
server {
listen 443 ssl;
ssl_certificate /etc/nginx/certificates/myssl.crt;
ssl_certificate_key /etc/nginx/certificates/myssl.key;
server_name example.com;
location /eai {
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_pass http://192.168.44.128:8000;
}
}
My python code to call the application behind the proxy :
import requests
url = 'https://example.com/eai/request/import'
file_list = [
('file', ('test.csv', open('test.csv', 'rb'), 'text/html')),
]
r = requests.post(url, files=file_list, proxies={"https":"https://192.168.44.241","http":"http://192.168.44.241"}, verify=False)
The info line in the error.log
client sent invalid request while reading client request line, client: 192.168.44.1, server: example.com, request: "CONNECT example.com:443 HTTP/1.0"
Thanks in advance for any help
Regards
Here is your problem:
proxies={"https":"https://192.168.44.241","http":"http://192.168.44.241"}
Your client connection is not actually going through a proxy, so this should not be present at all. You are just making a normal HTTPS request to a normal HTTPS server.