First i have a webserver hosting 5 websites using nginx.
I am trying to configure nginx loadbalancer for multiple websites with 2 servers.
Like my both servers are hosting the same 2 websites.
I created a loadbalancer.conf file. Nginx loadbalancer redirects to example3.com but in my config i have example and example2.com ( When i type ip-adressofserver:443 in my browser it also goes example3.com)
How can i solve this
Thank you guys for your answers
upstream backend1 {
server 10.72.11.21:443;
server 10.72.111.20:443;
}
upstream backend2 {
server 10.72.11.21:443;
server 10.72.111.20:443;
}
server {
listen 80;
server_name example.com.tr www.example.com.tr;
return 301 https://example.com;
location / {
proxy_pass https://backend1;
}
}
server {
listen 443 ssl;
server_name www.example.com.tr example.com.tr;
ssl_certificate /etc/nginx/ssl/examplecomtr.crt;
ssl_certificate_key /etc/nginx/ssl/examplecomtr.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass https://backend1;
}
}
server {
listen 80;
server_name example2.com www.example2.com.;
return 301 https://wwww.example.com;
location / {
proxy_pass https://backend2;
}
}
server {
listen 443 ssl;
server_name example2.com www.example2.com;
ssl_certificate /etc/nginx/ssl/starexample2.crt;
ssl_certificate_key /etc/nginx/ssl/example2.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass https://backend2;
}
}
Related
I have my below nginx config, I'm trying to redirect everything to https://www regardless of what comes in for example http://example.com, http://www.example.com or https://example.com.
I've looked at numerous topics on SO and tried a couple of things but still stumped, I can't ever get https://example.com to redirect to the https://www pattern!?
server {
listen 80;
listen 443 ssl;
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_timeout 30m;
ssl_session_cache shared:SSL:10m;
ssl_buffer_size 8k;
add_header Strict-Transport-Security max-age=31536000;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
Make one server block a default server and give the other server block the one true server_name.
server {
listen 80 default_server;
listen 443 ssl default_server;
ssl_certificate ...;
ssl_certificate_key ...;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
ssl_certificate ...;
ssl_certificate_key ...;
...
}
The default server for https requires a valid certificate. Assuming you have a wildcard certificate - most of the ssl_ statements could be moved into the outer block and be inherited by both server blocks. For example:
ssl_certificate ...;
ssl_certificate_key ...;
ssl_...;
server {
listen 80 default_server;
listen 443 ssl default_server;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
...
}
See this document for more.
I have a domain name called example.com now I have server running in VPS and example.com working fine. Now I want to redirect www.example.com to https://example.com
Working:
When user lands http://example.com -> nginx -> https://example.com now I want
I want:http://www.example.com -> https://example.com or http://example.com
Here is my existing domain configurations
nginx config
upstream backend {
server localhost:3000;
server localhost:3001;
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate cert.cert;
ssl_certificate_key privatekey.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass http://backend;
}
}
server {
listen 80;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 80;
return 301 https://$host$request_uri;
}
My nginx revers proxy server is like below. It shows the login page but i cannot login to it.
server {
listen 80;
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
location / {
proxy_pass "http://202.124.190.115:8080/derananews/";
}
}
I deployed a website on digitalocean with nginx as a proxypass. The Site works but sometimes I have to refresh to reach the site. I am afraid that my nginx or my dns configuration is wrong, since I'm doing this the first time.
Here is my nginx config: (the server should run only on https)
server {
listen 80;
server_name <site_name>.com;
return 301 https://www.<site_name>.com$request_uri;
}
server {
listen 80;
server_name www.<site_name>.com;
return 301 https://www.<site_name>.com$request_uri;
}
server {
listen 443 ssl;
server_name <site_name>.com;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/certs/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/certs/private.key;
return 301 $scheme://www.<site_name>.com$request_uri;
}
server {
listen 443;
server_name www.<site_name>f.com;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
ssl on;
ssl_certificate /etc/nginx/ssl/certs/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/certs/private.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass http://localhost:8000;
}
}
Here are my dns settings:
A Record host:# value: TTL: automatic
A Record host:www value: TTL: 1 min
Any idea what is going wrong?
Thx!
When the site fails to load what is the error message, if any? I doubt this is a DNS issue, since it works sometimes.
How to rewrite the url to use www and https all the time?
// The url can have https but not www
https://example.com
// The url can have www but not https
http://www.example.com
// The url can have neither https, neither www
http://example.com
=> rewrite to https://www.example.com
I already use the following to add https to all requests but what about http? Is there an efficient way of adding it?
server {
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
Thanks
Create 2 server blocks to handle the exceptions and 1 server block for the usual stuff.
server {
listen 80;
server_name www.domain.com
domain.com;
return 301 https://www.domain.com$request_uri;
}
server {
listen 443 ssl;
server_name domain.com;
return 301 https://www.domain.com$request_uri;
}
server {
listen 443 ssl;
server_name www.domain.com;
#
# The usual stuff..
#
}
TanHongTat answers is good but you have to take into account the default server behavior of nginx. If no server block matches, it will take the first one even though you defined server_name.
Also, do not forget to add the ssl certificate and key even for the block with only a return.
I ended up doing the following:
# Default server for http
server {
listen 80;
listen [::]:80;
return 301 https://www.domain.com$request_uri;
}
# Default server for https
server {
listen 443;
return 301 https://www.domain.com$request_uri;
ssl on;
ssl_certificate /..../ssl_certificate.crt;
ssl_certificate_key /..../ssl_certificate.key;
# Disable SSLv3 vulnerability
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
server {
listen 443;
server_name www.domain.com;
ssl on;
ssl_certificate /..../ssl_certificate.crt;
ssl_certificate_key /..../ssl_certificate.key;
# Disable SSLv3 vulnerability
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#
# The usual stuff..
#
}