I accidently deleted my default.conf file. Luckily, I copied and pasted the original text into another file. My problem is, when I try to start NGINX after creating a new default.conf file and pasting in the text using nano editor, I get the following error:
unknown directive " " in /etc/nginx/conf.d/default.conf:3
I suspect the pasted text is injecting some unneeded stuff. If I'm correct, how do I identify that and clear it out?
Here's what I'm adding to the default.conf file:
server {
#listen 80;
server_name xr7tsi.com www.xr7tsi.com;
access_log /home/ubuntu/client/server_logs/host.access.log main;
location / {
root /home/ubuntu/client/build;
index index.html index.htm;
try_files $uri /index.html;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
}
large_client_header_buffers 4 64k;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
server_tokens off;
location ~ /\.ht {
deny all;
}
location /api {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:5000;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/xr7tsi.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/xr7tsi.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.xr7tsi.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = xr7tsi.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name xr7tsi.com www.xr7tsi.com;
return 404; # managed by Certbot
}
Related
I have an issue with redirecting from www to non-www.
My expected behaviour: all requests on port 80 and 443 should be redirected to non-www.
I also have a subdomain dev.example.com requests on this subdomain should also be redirected to non-www.
All is working fine with my current configuration except one thing:
If I request http://example.com then i'll be redirected to https://dev.example.com and i cannot find the reason for that.
Can anyone tell me what i did wrong?
I have 3 conf files in my nginx sites-enabled directory linked:
first :
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.* dev.*;
return 301 https://$host$request_uri;
}
server {
listen 443 default_server ssl;
listen [::]:443 ssl;
server_name example.com;
root /var/www/my-site/public;
# Path of the SSL certificate
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
# Use the file generated by certbot command.
include /etc/letsencrypt/options-ssl-nginx.conf;
# Define the path of the dhparam.pem file.
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
disable_symlinks off;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php index.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
second:
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name dev.example.com;
root /var/www/my-dev-site/public;
# Path of the SSL certificate
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
# Use the file generated by certbot command.
include /etc/letsencrypt/options-ssl-nginx.conf;
# Define the path of the dhparam.pem file.
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
disable_symlinks off;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php index.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
third(for mailserver):
server {
if ($host = autoconfig.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = autodiscover.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = mail.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name mail.example.com autodiscover.* autoconfig.*;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mail.example.com autodiscover.* autoconfig.*;
# Path of the SSL certificate
ssl_certificate /etc/letsencrypt/live/steamangel.de/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/steamangel.de/privkey.pem; # managed by Certbot
# Use the file generated by certbot command.
include /etc/letsencrypt/options-ssl-nginx.conf;
# Define the path of the dhparam.pem file.
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location /Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:8080/Microsoft-Server-ActiveSync;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 75;
proxy_send_timeout 3650;
proxy_read_timeout 3650;
proxy_buffers 64 256k;
client_body_buffer_size 512k;
client_max_body_size 0;
}
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
}
}
The site just works fine on https but doesn't respond when using http
https://onsitecourse.com -> This works
http://onsitecourse.com -> This does not work
I have tried a lot of way to bifurcate server blocks for both HTTP and HTTPS, but nothing seems to be working.
My current NGINX config is :
server {
listen 80;
listen [::]:80;
server_name onsitecourse.com www.onsitecourse.com;
return 301 https://www.onsitecourse.com$request_uri;
}
server {
server_name onsitecourse.com www.onsitecourse.com;
root /var/www/onsiteacademy/public;
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
fastcgi_read_timeout 240;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/onsitecourse.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/onsitecourse.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.onsitecourse.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = onsitecourse.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
}
Would really appreciate some assistance here from anyone!
I run websocket server on local php artisan websocket:serve.
My nginx server configration is
server {
root /var/www/laravel/public;
index index.html index.htm index.php;
server_name testingdomain.com;
location / {
try_files $uri $uri/ /index.php?$query_string ;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
location ~ /\.ht {
deny all;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/testingdomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/testingdomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = testingdomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name testingdomain.com;
return 404; # managed by Certbot
}
I tried like this.
by adding location /ws {---} but not working.
server {
root /var/www/laravel/public;
index index.html index.htm index.php;
server_name testingdomain.com;
location / {
try_files $uri $uri/ /index.php?$query_string ;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
location ~ /\.ht {
deny all;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/testingdomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/testingdomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location /ws {
proxy_pass http://127.0.0.1:6001;
proxy_set_header Host $host;
proxy_read_timeout 60;
proxy_connect_timeout 60;
proxy_redirect off;
# Allow the use of websockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
server {
if ($host = testingdomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name testingdomain.com;
return 404; # managed by Certbot
}
My client side js is
const token = window.localStorage.getItem('access_token');
import Echo from 'laravel-echo';
window.Pusher = require('pusher-js');
window.Echo = new Echo({
broadcaster: 'pusher',
key: process.env.MIX_PUSHER_APP_KEY,
wsHost: window.location.hostname,
wsPort: 6001,
wssPort: 6001,
forceTLS: false,
disableStats: true,
enabledTransports: ['ws','wss'],
auth:{
headers:{
Authorization: `Bearer ${token}`
}
}
});
window.Echo.channel('channelname')
.listen('.channelevent',(e)=>{
console.log(e);
});
But not working
I get an error like this.
WebSocket connection to 'wss://testingdomain.com/app/any_key?
protocol=7&client=js&version=7.0.3&flash=false' failed:
Error during WebSocket handshake: Unexpected response code: 404
My project is all fine on local. But, When I deploying, I am getting websocket connection error. How can I config and fix it?
I think I'm probably having a brainfart but the solution is evading me for now.
On startup, Nginx is returning the following error in journalctl.
"A duplicate default server for 0.0.0.0:80 in /etc/nginx/sites-enabled/default"
I can't see the duplicate for default.
This is my sites-enabled default file can anyone else point me to the cause of the error?
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
}
server {
listen 80;
listen [::]:80;
server_name demo4.review;
root /var/www/static;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
server {
server_name wp.demo4.review;
root /var/www/wp_demo;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/wp.demo4.review/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/wp.demo4.review/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = wp.demo4.review) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name wp.demo4.review;
return 404; # managed by Certbot
}
server {
listen 80;
server_name api.demo4.review;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
server {
if ($host = wp.demo4.review) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name wp.demo4.review;
listen 80;
return 404; # managed by Certbot
}
server {
server_name ukl.demo4.review;
root /var/www/ukl;
## This should be in your http block and if it is, it's not needed here.
index index.php;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ukl.demo4.review/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ukl.demo4.review/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = ukl.demo4.review) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name ukl.demo4.review;
listen 80;
return 404; # managed by Certbot
}
I was having the same error and when I look into the /etc/nginx/sites-enabled folder there is a duplicated file that was created by default removing that file solves the problem:
ubuntu#2172-web-01:~$ sudo nginx -t
nginx: [emerg] a duplicate default server for 0.0.0.0:80 in /etc/nginx/sites-enabled/default-:22
nginx: configuration file /etc/nginx/nginx.conf test failed
ubuntu#2172-web-01:~$ cd /etc/nginx/sites-enabled/
ubuntu#2172-web-01:/etc/nginx/sites-enableds ls
default default~
ubuntu#2172-web-01:/etc/nginx/sites-enabled$ sudo rm default
ubuntu#2172-web-01:/etc/nginx/sites-enabled$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
There was a default.save file in the same directory that Nginx was also reading.
I have my Laravel app configured on Ubuntu 16.04.6 x64 with nginx and I keep getting a 404 page when I try to load the site with the “www” prefix
It all works perfect at https://example.com, but https://www.example.com will cause a 404 error
I have A records setup for both the www.example.com and example.com pointing to the same IP address
Ideally I would like to redirect all https://www.example.com traffic to https://example.com
The nginx conf file is below, would appreciate some help debugging
I’ve tried adding a 301 redirect at the start and end of the file but it doesn’t seem to work
Interestingly I can access static files fine at www, it’s any of the laravel paths that seem to trigger a 404
server {
root /var/www/example.com/web/public;
error_log /var/www/example.com/errors.log;
access_log /var/log/nginx/example.comaccess_log.log;
index index.php index.html;
server_name example.com www.example.com;
client_max_body_size 80m;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
}
location ~ /\.ht {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://example.com$request_uri;
} # managed by Certbot
if ($host = example.co) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name example.com www.example.com;
listen 80;
return 404; # managed by Certbot
}
server {
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
Something to this effect should do it. If you go to http://www.example.com, you should be redirected to https://www.example.com, which intern redirects to https://example.com.
server {
root /var/www/example.com/web/public;
error_log /var/www/example.com/errors.log;
access_log /var/log/nginx/example.comaccess_log.log;
index index.php index.html;
server_name example.com;
client_max_body_size 80m;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
}
location ~ /\.ht {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
# Force all HTTP traffic to SSL
listen 80;
return 301 https://$host$request_uri;
}
server {
# Redirect www.example.com to example.com
listen 443 ssl;
# This needs to be the cert for www.example.com or *.example.com
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# Remember, if nginx doesnt find the server_name, it uses the first vhost.
server_name www.example.com;
return 301 https://example.com$request_uri;
}