I’m trying to host 2 different websites - one static non-wordpress site, and one wordpress subdomain site - on my own pi server (test sites). Whenever accessing the subdomain site test.mysite.co.uk, it instead loads test.mysite.co.uk:4323 at the unwanted port 4323. The main mysite.co.uk site loads correctly however.
Initially I’ve been running these test sites locally (on different ports - the main site on port 4321 and subdomain on 4323) until I decided to deploy them using real domain names. However, presumably you cannot configure DNS to point to a specific IP and port (presumably a DNS record just points to an IP only), so I changed both the 2 domains’ conf files to listen to port 80 (as apparently you can define the server names to tell nginx which site to load - called virtual hosts?). Note that I have DNS A records for mysite.co.uk and test.mysite.co.uk that both point to the same public IP address of my router.
Nowhere is there a reference to port 4323 anymore, so I am confused as to why the subdomain still insists on forwarding to that port. I’ve been using incognito mode on chrome so there should be no caching issues. My router forwards external port 80 to internal port 80, and I’ve restarted the nginx server multiple times. The default port of my pi itself is no longer 80.
Here’s the /etc/nginx/sites-available/mysite.co.uk.conf file:
server {
listen 80;
listen [::]:80;
root /var/www/mysite.co.uk;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name mysite.co.uk www.mysite.co.uk;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
}
And here’s the /etc/nginx/sites-available/test.mysite.co.uk.conf file:
upstream wp-php-handler {
server unix:/var/run/php/php7.4-fpm.sock;
}
server {
listen 80;
server_name test.mysite.co.uk;
root /var/www/wp.mysite.co.uk;
index index.php;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass wp-php-handler;
}
}
Both .conf files are also symlinked to their respective sites-enabled folders.
Not sure if this means anything but loading local_ip:80 (or without :80 as presumably it assumes :80) in a web browser returns the Apache2 Ubuntu Default Page.
As per this post, I’ve tried adding port_in_redirect off, autoindex on and proxy_redirect http://test.mysite.co.uk:4323/ http://test.mysite.co.uk/ but to no avail.
Does anyone have any ideas of what I’m doing wrong?
UPDATE:
I've managed to create another test non-wordpress site that's exactly the same as the first non-wordpress site but called copy.mysite.co.uk, which seems to work. I'm assuming the problem with the wordpress test site may be to do with its config (although I can't see anything wrong with the code I've listed here)?
Related
I am quite new to nginx and could not figure out how to configure nginx for the following scenario:
I have a domain domain1.com at some web hoster. There, an nginx server is running on a VPS serving for domain1.com -> everything is running as expected.
I have a domain domain2.com at another web hoster. There, I configured domain2.com to be forwarded to the IP of my VPS at the first web hoster. This does not work. Calling domain2.com via browser leads to a 404 error.
My nginx configuration looks like this:
server {
root /var/www/domain2.com/public;
index index.html;
server_name domain2.com www.domain2.com;
location / {
root /var/www/domain2.com/public/html;
try_files $uri $uri/ =404;
}
}
What's missing? I guess that I have to tell nginx somehow how to get the original domain (domain2.com) since (as I assume) it currently uses the IP/domain of the second web hoster to identify the correct config. But I do not know how I can do this.
I’m trying to figure out the best way of securing access to my MariaDB database. I have a root non-wordpress site with 2 wordpress sites as directories (/blog and /shop) - each with separate databases - that use phpMyAdmin as a database viewer (accessible at /phpmyadmin). I want to increase the security so that it can’t be hacked so easily. However, I can’t seem to implement any of the recommended security measures.
Creating a .htaccess and in /usr/share/phpmyadmin and adding the following to whitelist IPs and block all other IPs has no effect:
Order Deny,Allow
Deny from All
Allow from 12.34.56.78
Changing the phpMyAdmin url via the config file (so it’s not accessible at /phpmyadmin) also seems to have no effect.
I’m assuming that it’s because apache is not running (I use Nginx to run my main domain and the 2 wordpress sites). I can’t run apache and Nginx simultaneously (presumably because they’re both fighting for port 80), but what I don’t get is that when Nginx is running and apache is supposedly not running, how is the /phpmyadmin link still accessible?
Here’s my .conf file in /etc/nginx/sites-available (also symlinked to sites-enabled):
upstream wp-php-handler-four {
server unix:/var/run/php/php7.4-fpm.sock;
}
server {
listen 1234 default_server;
listen [::]:1234 default_server;
root /var/www/site;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html index.php;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location /blog {
try_files $uri $uri/ /blog/index.php?$args;
}
location /shop {
try_files $uri $uri/ /shop/index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass wp-php-handler-four;
}
}
I followed a tutorial to set this up (maybe I’m misunderstanding how it’s fully set up) but is this not actually using apache to access /phpmyadmin or is it using some web socket? How can I make the above security attempts work?
Note: the /usr/share/phpmyadmin/ dir is symlinked to /var/www/site/
Creating a .htaccess in /usr/share/phpmyadmin and adding the following to whitelist IPs and block all other IPs has no effect:
Order Deny,Allow
Deny from All
Allow from 12.34.56.78
Of course it won't have any effect since this file processed only by apache.
I can’t run apache and Nginx simultaneously (presumably because they’re both fighting for port 80)
In an early days of nginx there was a technique to use nginx for static files and apache to process PHP scripts. Apache was running on some other port (for example, 8080) and listening only on local IP (127.0.0.1). Nginx configuration for that was looking like
upstream apache {
server 127.0.0.1:8080;
}
server {
...
location ~ \.php$ {
proxy_pass http://apache;
}
}
Nowadays it is rarely used since using PHP-FPM is more flexible and gives a less server overhead. However it can be used when you have a complex .htaccess configuration and don't want to rewrite it for nginx/PHP-FPM.
but what I don’t get is that when Nginx is running and apache is supposedly not running, how is the /phpmyadmin link still accessible?
...
Is this not actually using apache to access /phpmyadmin or is it using some web socket?
This configuration uses UNIX socket /var/run/php/php7.4-fpm.sock where PHP-FPM daemon is listening for requests (you can read an introduction to this article to get some additional details).
How can I make the above security attempts work?
One of many possible solutions is
Unlink /usr/share/phpmyadmin/ from /var/www/site/
Use the following location block (put it before the location ~ \.php$ { ... } one:
location ~ ^/phpmyadmin(?<subpath>/.*)? {
allow 12.34.56.78;
# add other IPs here
deny all;
alias /usr/share/phpmyadmin/;
index index.php;
try_files $subpath $subpath/ =404;
location ~ \.php$ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$subpath;
fastcgi_pass wp-php-handler-four;
}
}
To add to the otherwise quite thorough answer:
Since Nginx doesn't use .htaccess files or the same syntax as Apache, you aren't being restricted as Apache would do. You may wish to find some other solution, or you could use what's built in to phpMyAdmin: there is a allow/deny functionality built in that you can learn about in the documentation: https://docs.phpmyadmin.net/en/latest/config.html#cfg_Servers_AllowDeny_order (and https://docs.phpmyadmin.net/en/latest/config.html#cfg_Servers_AllowDeny_rules); this will let you restrict access based on username and IP address.
I have a problem with my Nginx configuration, I'm able to access a domain, but unable to access a "custom" subdomain of a given DNS.
www.myDomain.com => works perfectly
test.myDomain.com => works perfectly
test.myDomain2.com => ERR_CONNECTION_TIMED_OUT
I have an entry in my DNS for all the mentioned address for the same server IP, and when I ping them, they both works well.
www.myDomain2.com is a website an another domain, and I already have some subdomain redirected to other servers.
This is my config right now.
If I replace test.myDomain2.com by www.myDomain.com or test.myDomain2.com it's working (so link beetween sites-enable and available seems to be ok).
server {
listen 80;
listen [::]:80;
root /var/www/myDomain.com/html;
index index.html index.htm index.nginx-debian.html;
server_name test.myDomain2.com;
location / {
try_files $uri $uri/ =404;
}
}
No SSL involved, it's the next step !
Pretty sure I'm missing something here, but I'm unable to find the solution... A little help will be really appreciated !
édit: more information, maybe not Nginx but DNS related, but since the pings are working I'm lost..
I have setup a Virtual Box guest machine running Ubuntu Server 18.0.4. I am trying to setup a test environment on my local system for a Wordpress website running on the LEMP stack. Followed some articles on the net and set up php7.2-fpm and nginx server alongwith mysql community edition. The LEMP setup seems to be fine as I have validated it with a test file containing phpinfo function. A dummy static ip address has been configured on the virtual box guest for testing purposes.
There are two server blocks in NGINX - default, which points to phpinfo and knowhow.com which points to the intended Wordpress website. The symbolic link is present in the sites-enabled directory and the knowhow.com file is setup in the sites-available directory. However, when I try to access the Wordpress site with /knowhow.com, I get a 404 Not Found error.
Did some digging around and it appears that some of the re-write rules in the knowhow.com config file might not be correct. I have no clue as to what should be the correct format. I want to access my website. Hence, all requests should ideally go to index.php. The contents of the knowhow.com config file are provided below. Can someone please help?
# Default server configuration
#
server {
listen 80;
listen [::]:80;
root /var/www/knowhow.com/html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name knowhow.com www.knowhow.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php?q=$uri&$args;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
}
I have solved the issue! Actually, it was never an issue in the first place. The configuration file is correctly defined. Only, the means of accessing the website was incorrect. I was trying to access the site as static-ip-address/knowhow.com from my local host machine (outside the vm). I should have simply accessed the site as knowhow.com or www.knowhow.com. Using the ip address was incorrect since the server block file (knowhow.com) shall automatically redirect the web request to the appropriate website root path on the target server. I had already updated my /etc/hosts file to point to the static IP address for knowhow.com and www.knowhow.com. Silly me! 😋
Sorry for all the confusion. My setup is working as intended. Cheers! 🙂🎉
I'm having trouble configuring my nginx proxy despite reading a number of guides and trying for three consecutive evenings.
Here is my topology:
(From internet) All traffic from port 80 is redirected to 192.168.1.4, a ubuntu-server virtual running nginx.
I have a NAS which has a subdomain myName.surname.com which connects to the admin page. On that NAS, I have apache webserver running hosting a couple of sites on port 81, 82,
The NAS uses virtualhosts, so domains successfully redirect (without using nginx).
I also have an ASP.NET website running on IIS on another 192.168.1.3:9810.
Now here is my NGINX configuration. I tried configuring it a few times but broke it so I've put it back to its default state:
server {
listen 80 default_server;
root /usr/share/nginx/html;
index index.html index.htm;
server_name localhost;
location / {
proxy_pass http://192.168.1.1; #WORKS OK
}
}
If I go on myName.surname.com or wordpressWebsite.co.uk or myIISSiteDomain.co.uk I am with config above greeted with the correct page at 192.168.1.1:8080 OR 192.168.1.1:81.
It's a start.
First problem is When I navigate to any other page (not home page) like wordpressWebsite.co.uk/blog, it breaks giving 404. So I have tried to differentiate between URLs? I read that the config should be something like:
server {
listen 80;
server_name wordpressWebsite.co.uk;
location / {
proxy_pass http://192.168.1.1:81;
}
}
server {
listen 80;
server_name myName.surname.com;
location / {
proxy_pass http://192.168.1.1;
}
}
server {
listen 80 myIISSiteDomain.co.uk
location / {
proxy_pass http://192.168.1.3:9810;
}
}
But this is not quite right.
1) wordpressWebsite.co.uk loads up the page, but as soon as I go to any other link like wordpressWebsite.co.uk/blog it breaks, giving me my NAS error message like its trying to access 192.168.1.1/blog rather than the virtualhost ~/blog. It actually changes my URL in navbar to 192.168.1.1 so why is it behaving like this?
2) if I'm using virtual host, I don't think I should need to pass in the port via nginx for 192.168.1.1:81 (wordpressWebsite.co.uk). Surely I just need to point it to 192.168.1.1, and then virtualhost should detect that the url maps to 81? I'm not sure how to to do this as I don't fully understand what actually gets passed from nginx to the server?
You can add try_files $uri $uri/ /index.php?$args;
See this https://www.geekytuts.net/linux/ultimate-nginx-configuration-for-wordpress/