I have two domains, let's say ex.io and example.com. I own both and have access to both servers. Both run NGINX.
Goal: I'd like to have any request from ex.io forward to a specific path under example.com, e.g. http://ex.io passes to https://example.com/foo/bar. This has to be done without a redirect (more in Context)
Context: The goal is to host a shell script at https://example.com/foo/bar so that curl ex.io | sh will run the shell script. I'd like no redirects to happen so no additional flags are needed for curl.
My current .conf setup for both servers follows:
server {
listen 80;
listen [::]:80;
server_name example.com
return 308 https://$host$request_uri;
}
server {
listen 80;
listen [::]:80;
server_name ex.io;
return 308 https://example.com/foo/bar;
}
# ...
This works, but requires the extra flag -L to run properly under curl. How can I proxy ex.io to go directly to https://example.io/foo/bar?
EDIT: I'm forwarding http://ex.io/ to https://example.com/foo/bar which may be tricky going from http to https. Bananenkönig's response fails with a 502 Bad Gateway error and the following logs:
2020/10/26 23:28:45 [error] 223#223: *281 SSL_do_handshake() failed (SSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:SSL alert number 40) while SSL handshaking to upstream, client: XXX.XXX.XXX.XXX, server: ex.io, request: "GET / HTTP/1.1", upstream: "https://XXX.XXX.XXX.XXX:443/foo/bar/", host: "ex.io"
2020/10/26 23:28:45 [warn] 223#223: *281 upstream server temporarily disabled while SSL handshaking to upstream, client: XXX.XXX.XXX.XXX, server: ex.io, request: "GET / HTTP/1.1", upstream: "https://XXX.XXX.XXX.XXX:443/foo/bar/", host: "ex.io"
I would try it like this:
server {
listen 80;
listen [::]:80;
server_name ex.io;
location /some/location/on/ex.io/ {
proxy_pass https://example.com/some/location/on/example.com/;
}
}
when you want ex.io/ (on location /) to be forwarded to example.com/... write "location / { "
Related
I can set up nginx as a reverse proxy with no major issues, but if I do a simple static page test like this, the server doesn't serve pages:
server {
server_name localhost;
listen 12345;
location / {
root /Volumes/E/static/;
index index.html index.htm;
}
}
error.log says:
2023/02/09 22:39:10 [crit] 53512#0: *18710 open() "/Volumes/E/static/index.html" failed (1: Operation not permitted), client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", host: "localhost:12345"
...and I get a "500 Internal Server Error" in the browser when entering http://localhost:12345/.
I've tried chmod -R 755 /Volumes/E/static, no effect.
Why is that?
I have the following nginx configuration which returns 502
server {
listen 2052;
listen 2082;
server_name good.abc.com;
location / {
proxy_pass http://goodServer:$server_port;
}
}
Testing:
proxy_pass http://goodServer:2052; When the fixed port is 2052
curl good.abc.com:2052 It can be accessed normally.
Question:
The port I want to forward user requests to
For example.
curl good.abc.com:2052 ---> goodServer:2052
curl good.abc.com:2082 ---> goodServer:2082
So the port must be a variable, just like $server_port
Log:
2021/04/04 14:10:11 [error] 24#24: *19 good could not be resolved (3: Host not found), client: 162.158.91.119, server: good.abc.com, request: "GET / HTTP/1.1", host: "good.abc.com:2052"
I'm serving my app with uWSGI using uwsgi --http-socket 127.0.0.1:3031 -w app:app, which works when I go to 127.0.0.1:3031 in a browser. I want to use Nginx, so I told it to uwsgi_pass to that url, but now I get a 502 Bad Gateway error. How do I put uWSGI behind Nginx?
server {
listen 8080;
server_name 127.0.0.1;
location / {
uwsgi_pass 127.0.0.1:3031;
include uwsgi_params;
}
location /static {
alias /static/folder/location;
}
}
2016/05/16 19:50:09 [error] 6810#0: *4 upstream prematurely closed
connection while reading response header from upstream, client:
127.0.0.1, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream:
"uwsgi://127.0.0.1:3031", host: "127.0.0.1:8080"
You can use http-socket between nginx and uWSGI.
For example, if you launch your python app with uWSGI:
uwsgi --http-socket 127.0.0.1:3031 --wsgi-file application.py --callable app --processes 4 --threads 2 --stats 127.0.0.1:9191
Configure Nginx with:
location / {
proxy_pass http://127.0.0.1:3031/;
}
Use socket, not http-socket.
uwsgi --socket 127.0.0.1:3031 -w app:app
http-socket makes uWSGI act like a web server that speaks HTTP, and is not correct if you're using Nginx, since it understands uWSGI directly.
I was looking through my nginx error log and found strange records
2014/10/01 13:41:20 [error] 9825#0: *1628 "/home/mysite/public_html/phone/99476982139/index.html" is not found (2: No such file or directory), client: 37.187.107.37, server: mysite.com, request: "GET /phone/99476982139/ HTTP/1.1", host: "blabla.co.uk"
2014/10/01 13:41:22 [error] 9825#0: *1629 "/home/mysite/public_html/phone/99476982139/index.html" is not found (2: No such file or directory), client: 180.76.5.145, server: mysite.com, request: "GET /phone/99476982139/ HTTP/1.1", host: "blabla.com.ar"
But what happened next was astonishing - I visited those strange domains - blabla.co.uk and blabla.com.ar, and they have THE SAME CONTENT AS MY mysite.com!!! If I change my index.html file, content is changed on those domains which I see for the fist time in my life!
My nginx config for this site is quite simple
server{
listen 80;
server_name www.mysite.com mysite.com;
root /home/mysite/public_html;
}
How can that happen?
How can I protect my server from requests to random domains?
I guess the domains just point to the IP of your server.
In order to protect yourself from this kind of thing, simply add a default server block in your config. All requests not explicitly pointed at your domain are sent to the default server and will eventually drop.. Here's a quick example:
server {
listen 80;
server_name www.mysite.com mysite.com;
root /home/mysite/public_html;
}
server {
listen 80 default_server;
root /var/www/dead;
}
'dead' is some empty folder.. you might also wanna try adding a deny all; to the default server block.
So. I am using Nginx as a load balancer to load traffic between couple of instances.
Let's say my Nginx loadbalancer is at platform.staging.com (example).
I am trying to redirect traffic from
platform.staging.com/sync
To one of these:
sync1.staging.com:12345
sync2.staging.com:12345
Notice that what I am trying to achieve is to have /sync part stripped down and requests to sync instances should have path /.
This is what I tried but it doesn't work:
upstream sync-cluster {
ip_hash;
server sync1.staging.com:12345;
server sync2.staging.com:12345;
}
server {
listen 443 ssl spdy;
server_name platform.staging.com;
location /sync {
proxy_pass http://sync-cluster;
}
}
In the logs I can see:
2014/01/14 23:20:38 [error] 2385#0: *1 connect() failed (111: Connection refused) while connecting to upstream, client: XX.XXX.XX.XXX, server: platform.staging.com, request: "GET /sync HTTP/1.1", upstream: "http://X.X.X.XXX:12345/sync", host: "platform.staging.com"
Try adding a rewrite before doing the proxy pass, I'll assume you are going to preserve what's after /sync, hope this works for you
location ^~ /sync(.*) {
rewrite ^ $1;
proxy_pass ...;
}