My new website's address is foo.pro, when I go my old website bar.pro, it shows the content of the new foo.pro as expected but the URL remains bar.pro.
How to replace bar.pro by foo.pro in my Nginx configuration below ?
upstream foo_upstream {
server 127.0.0.1:3003;
keepalive 64;
}
server {
server_name www.foo.pro;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://foo_upstream;
proxy_redirect off;
proxy_read_timeout 240s;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.foo.pro/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.foo.pro/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.foo.pro) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name www.foo.pro;
return 404; # managed by Certbot
}
server {
listen 80;
server_name foo.pro;
return 301 https://www.foo.pro;
}
=== EDIT ===
I tried to add this directive in my conf:
server {
listen 80;
server_name bar.pro;
return 301 https://foo.pro;
}
But it's still not renaming the URL to foo.pro.
Related
I have a problem with adding some new routes to the current proxy which I have on the server .
The current file is located on :
/etc/nginx/sites-enabled/proxy_nginx
with this content :
# proxy cache
proxy_cache_path /tmp/cache keys_zone=cache:10m levels=1:2 inactive=600s max_size=100m;
# redirect all HTTP to HTTPS
server {
listen 80 default_server;
return 301 https://$host$request_uri;
}
server {
return 301 https://$host$request_uri;
server_name www.api.mysite.org; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/api.mysite.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/api.mysite.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.api.mysite.org) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
server_name www.api.mysite.org;
return 404; # managed by Certbot
}
Now I need to add these lines into it but I'm confused where to put them :
server {
listen 80 default backlog=16384;
listen [::]:80 default backlog=16384;
location /route1{
proxy_set_header Host decide.externalURL.com;
proxy_set_header X-Real-IP $http_x_forwarded_for;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_pass https://z.externalURL.com/route1;
}
location /route2 {
proxy_set_header Host api.externalURL.com;
proxy_set_header X-Real-IP $http_x_forwarded_for;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_pass https://api.externalURL.com/route2;
}
I know that I shouldn't have a duplicate default-server because I wasn't able to add the above lines into my default nginx.conf file.
So the question is how to mix these lines into the /etc/nginx/sites-enabled/proxy_nginx file.
I configured Nginx as a reverse proxy for a front-end application. The front-end takes an endpoint URL via a .env file. when I change the endpoint's value which is a URL on the .env, Nginx still picks the old value even after restarting Nginx
my Nginx config
upstream App{
ip_hash;
server localhost:3050;
}
server {
server_name app.com www.app.com ;
root /var/www/App;
access_log /var/log/nginx/app-access.log;
error_log /var/log/nginx/app-error.log;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
location / {
proxy_pass http://App/;
}
location /socket.io/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://App/socket.io/;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/app.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/app.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.app.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = app.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80 ipv6only=on default_server;
server_name app.com www.app.com ;
return 404; # managed by Certbot
}
I have a node server running on port 4000 and postgres running on 5432 on a GCP VM. I want to be able to access the node server at api.mydomain.com and postgres at db.mydomain.com.
I'm able to access the server at the desired subdomain with the SSL cert, but I'm getting a "502 Bad Gateway" for the db endpoint.
To configure the server block for the db, I copied over the one for the server and had certbot generate the necessary ssl certificate.
Here's the config in /etc/nginx/sites-available/default
server {
server_name api.mydomain.com;
location / {
proxy_pass http://localhost:4000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/api.mydomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/api.mydomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = api.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name api.mydomain.com;
listen 80;
return 404; # managed by Certbot
}
server {
server_name db.mydomain.com;
location / {
proxy_pass http://localhost:5432;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/db.mydomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/db.mydomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = db.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name db.mydomain.com;
listen 80;
return 404; # managed by Certbot
}
Both resources are available
here's my nginx.conf:
upstream blah_upstream {
server web:7000;
}
server {
listen 80;
server_name blah.com www.blah.com;
# redict to HTTPS for all requests
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name blah_upstream;
server_tokens off;
# generated with help of certbot
ssl_certificate /etc/letsencrypt/live/blah.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/blah.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://blah_upstream;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /static/ {
alias /usr/src/app/public/;
}
}
this works for http://www.blah.com -> https://www.blah.com (it redirects fine).
however http://blah.com -> https://blah_upstream which of course absolutely doesn't work.
what am I doing wrong? I don't understand why it would work for the www version and not the other.
I tried switching the server_name order in
server_name blah.com www.blah.com;
but that didn't work either.
I am using node.js project in a nginx digital ocean server.
I have configured the server with reverse proxy to the node project. All works great. But my socket doesn't work. It seems 80 and 443 problems.
I tried to do this bellow configuration in my server
server {
root /home/sadek/project/node;
index index.html index.htm index.nginx-debian.html;
server_name domain.com www.domain.com;
location / {
proxy_pass http://localhost:8181;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 443 ssl;
server_name domain.com www.domain.com;
return 404; # managed by Certbot
}
But I get this error conflicting server name "domain.com" on 0.0.0.0:443, ignored
Thank you.
Try this:
server {
listen 443 ;
server_name abc.com www.abc.com;
large_client_header_buffers 8 32k;
if ($http_user_agent ~* Googlebot) {
return 403;
}
access_log /var/log/nginx/access.log;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://localhost:8181;
proxy_read_timeout 90;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_buffers 8 32k;
proxy_buffer_size 64k;
}
}