Permanent redirect while reverse proxying with nginx - nginx

I have setup an nginx reverse proxy server which proxy blog.xxx.com to xxx.com/blog. Here is my config file.
server {
listen 80;
root /var/www/html;
server_name xxx.com www.xxx.com;
location /.well-known/acme-challenge {
root /tmp/letsencrypt/www;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443;
server_name xxx.com;
root /var/www/html;
include /etc/nginx/snippet/ssl.conf;
location /blog/ {
proxy_pass https://blog.xxx.com;
proxy_set_header Host blog.xxx.com;
rewrite /blog/(.*) /$1 break;
proxy_redirect off;
expires -1;
add_header Cache-Control no-store;
proxy_read_timeout 90;
proxy_connect_timeout 90;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Connection "";
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://xxx:8090;
}
}
It works just fine. But I need to have a permanent redirect on blog.xxx.com to xxx.com/blog as well. Once I set the redirect rule, a too many redirects situation happens.
Is there any way to have both reverse proxy and 301 redirect at the same time?

Do I understand correctly that the two sites mentioned are hosted in different places? If so, I would do a 303 redirect to your second page on the first page. If you don't have Nginx on the first page, you can probably do this in your blog software (or directly in HTML, PHP, etc.) To prevent endless redirection, you can rewrite them while sending them to the client:
https://serverfault.com/a/986034/304842

Related

Nginx proxy_pass with rewrite in url?

I would like to implement a reverse proxy which redirect request of http://www.dummy.com/foo/bar/test to http://127.0.0.1/hello/world. I have tried to add rewrite before the pass and it seems not working ...
server {
listen 80;
listen [::]:80;
server_name www.dummy.com;
# access_log /var/log/nginx/upstream_log.log
location / {
root /usr/share/nginx/html/dummy;
}
location /foo/bar/test {
rewrite ^/foo/bar/test /hello/world break;
proxy_pass http://127.0.0.1/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
access_log /var/log/nginx/upstream_log.log upstream_logging;
}
}
Is there something missing or wrongly configured?
The above config works as expected... The other server was misconfigured when I test the above configuration.

NGINX force SSL for all but health check file?

I have a Rails app with an NGINX reverse proxy behind an AWS ELB. I am terminating SSL on the ELB and I have NGINX configured to force any attempt at HTTP to rewrite as HTTPS. This setup works fine, but I'm also serving the site through ECS, and since the ELB health check is on HTTP port 80, when it gets the redirect and returns 301, the ELB health check fails and the instance is deregistered.
How do I set up NGINX to send all but the health check file through HTTPS?
Here is my server block from nginx.conf:
server {
listen 80;
server_name localhost;
root /var/www/html;
location ~ ^elbcheck\.html$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://rails_app;
break;
}
location / {
proxy_redirect off;
proxy_next_upstream error;
if ($http_x_forwarded_proto != "https") {
rewrite ^ https://$host$request_uri? permanent;
}
try_files $uri $uri/ #proxy;
}
location ~* \.(jpg|jpeg|svg|png|gif|ico|css|js|eot|woff|woff2|map)$ {
proxy_cache APP;
proxy_cache_valid 200 1d;
proxy_cache_valid 404 5m;
proxy_ignore_headers "Cache-Control";
expires 1d;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
add_header X-Cache-Status $upstream_cache_status;
proxy_pass http://rails_app;
}
location #proxy {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://rails_app;
}
}
I had the same problem, and found this answer somewhere on the internet (don't have the source anymore, it was a while ago)
server {
listen 80;
set $redirect_to_https 0;
if ($http_x_forwarded_proto != 'https') {
set $redirect_to_https 1;
}
if ($request_uri = '/status') {
set $redirect_to_https 0;
}
if ($redirect_to_https = 1) {
return 301 https://$host$request_uri;
}
...
}
Found a simple answer that worked great at this post. Here is what #ceejayoz suggested there:
server {
location /elb-status {
access_log off;
return 200;
}
}
Seems to be working--ECS hasn't terminated my service due to failed health checks anymore.

How to rewrite the URL using nginx

I have a URL as
https://test.rockon.me/Profiles/XYZ-ABC-PQRS/default.aspx
now using nginx i have to write rules for creating a subdomain which can make the URL as https://XYZ-ABC-PQRS/test.rockon.me/Profiles/default.aspx here XYZ-ABC-PQRS is the username of some user.
server
{
access_log /var/log/nginx/subcalls.log;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
add_header Access-Control-Allow-Origin *;
listen 80;
server_name ~^(?<subdomain>.+)\nithinveer\.com$;
location /
{
proxy_pass http://192.168.6.190/Profiles/$subdomain$request_uri/;
}
Yours not working, probably because you expect $request_uri = /default.aspx which is not, it is actually, everything after subdomain i.e., /Profiles/user/default.aspx
Try this,
server {
server_name test.rockon.me;
rewrite ^/Profiles/(.*)/default.aspx http://$1/test.rockon.me/Profiles/default.aspx permanent;
}
The other option using proxy_pass can be,
server{
server_name test.rockon.me;
location / {
rewrite /Profiles/(.*)/(.*) /Profiles/$1/$2 break;
proxy_pass http://192.168.6.190;
}
}
Hope it helps. :)

nginx redirect all http to https with exceptions

I would like to redirect all http traffic to https with a handful of exceptions. Anything with /exception/ in the url I would like to keep on http.
Have tried the following suggested by Redirect all http to https in nginx, except one file
but it's not working. The /exception/ urls will be passed from nginx to apache for some php processing in a laravel framework but that shouldn't matter.
Any suggestions for improvement much appreciated!
server {
listen 127.0.0.1:80;
location / {
proxy_pass http://127.0.0.1:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
location /exception/ {
# empty block do nothing
# I've also tried adding "break;" here
}
return 301 https://localhost$request_uri;
}
Nginx finds the longest matching location and processes it first, but your return at the end of the server block was being processed regardless. This will redirect everything but /exception/ which is passed upstream.
server {
listen 127.0.0.1:80;
access_log off;
location / {
return 301 https://localhost$request_uri;
}
location /exception/ {
proxy_pass http://127.0.0.1:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
}
}

Nginx proxy: rewrite rule for root request

I have nginx installed on port 80 and a node application on port 2368 behind nginx
nginx configuration looks like this
server {
server_name domain.com www.domain.com;
listen 80;
location / {
proxy_pass http://localhost:2368;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
}
}
This configuration works exactly as expected. For example / request turns into http://localhost:2368/, and /post/mypost turns into http://localhost:1234/post/mypost etc.
What I want is that only / request turned into http://localhost:2368/latestpost/. And all other requests are handled the same way as in example above. Thnx!
You could use rewrite directive:
server {
server_name domain.com www.domain.com;
listen 80;
location / {
rewrite ^/$ /latestpost/ break;
proxy_pass http://localhost:2368;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
}
}
or in separate location:
server {
server_name domain.com www.domain.com;
listen 80;
location = / {
rewrite ^.* /latestpost/;
}
location / {
proxy_pass http://localhost:2368;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
}
}
Second variant is slightly more efficient as it will not try rewrite every request. But difference will be unnoticeable, I guess.

Resources