I have an html web server running on my EC2 instance on port 80 (HTTP). I'm using Nginx as a reverse proxy (which is also installed on the instance) to redirect requests from port 8080 based on the path ('/blue') to my HTML web server. So I'm requesting HTTP://ec2_instance_dns:8080/blue and expect to redirect to HTTP://ec2_instance_dns:80.
However, I'm having issues redirecting the request based on the path variable. My /etc/nginx/conf.d/deafult.conf attached below:
server {
listen 8080;
server_name default;
client_max_body_size 32M;
underscores_in_headers on;
root /var/www/html/index.html;
location /blue {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_read_timeout 120;
proxy_next_upstream error timeout invalid_header http_500;
proxy_connect_timeout 90;
proxy_pass http://localhost:80;
}
}
My /etc/nginx/nginx.conf attached bellow:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 8080;
listen [::]:8080;
server_name localhost;
root /var/www/html/index.html;
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
When trying to request HTTP://ec2_instance_dns:8080/blue I'm getting the above error:
What further configuration should I do? Thank you.
Related
The problem
I have a website developed with NextJS, it is running on a server with Nginx. The website files are inside the public_html folder and running on port 3004, and i have a proxy_pass that redirect the requests to the NextJS website on port 3004.
But when I search for my domain or my site on google, it shows up in the results: Index of / (and the files inside)
I would like to remove this (and all the listing of files inside) to just put Home - Domain, for example.
Research and issue photos
My next.conf file
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
listen [::]:80;
server_name _;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 80;
server_name computadorsolidario.tec.br www.computadorsolidario.tec.br;
location / {
autoindex off;
proxy_pass http://localhost:3004;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
}
}
}
How can i solve this?
You can turn off the feature of nginx where it creates directory listings:
autoindex off;
If you want to replace "index if /" with an actual home page, you would need to create an index.html file in document root directory.
You should also add as a last location in your conf
location ~ /\. {
deny all;
}
to block file access to dot files .env file or other sensitive data
I'm running Nginx on port 3000 and it's running fine and running Grafana on port 8080 and it's running fine. when I use Nginx as a reverse proxy for Grafana I got bad Gateway below is nginx configuration and the error log
Bad Gateway Error:
enter image description here
Nginx Configuration File:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
#include /etc/nginx/sites-enabled/*;
map $http_upgrade $connection_upgrade {
defualt upgrade;
'' close;
}
server {
listen 3000 ssl;
#server_name gemnprd1elk4.gdps.gov.sa;
#root /usr/share/nginx/html;
#index index.html index.htm;
ssl_certificate /etc/grafana/GEMNPRD1ELK4.crt;
ssl_certificate_key /etc/grafana/GEMNPRD1ELK4.key;
location / {
proxy_pass https://localhost:8080/;
access_log /var/log/nginx/access_grafana.log;
error_log /var/log/nginx/error_grafana.log;
}
location /api/live {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_pass https://localhost:8080/;
}
}
}
Error.log File: connect() failed (111 connection refused) while connecting to upstream client
Update: I converted the "proxy_pass https://localhost:8080/" to "proxy_pass http://localhost:8080/" I got the below error.
enter image description here
I am trying to make nginx have two functions like fiddler does:
1、Redirect requests from data.abc.com to 127.0.0.1:9000
2、Pass all other requests to their original servers
my nginx.conf is:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 8008;
server_name data.abc.com;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass https://127.0.0.1:9000/;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}
However, right now every request via port 8008 is redirected, it seems like server_name doesn't work, how to make other requests go to original server?
Your configuration is to redirect all request to https://127.0.0.1:9000
Add 2 different server block like follows
1) Redirect data.abc.com to https://127.0.0.1:9000
server {
listen 8008;
server_name data.abc.com;
return 301 https://127.0.0.1:9000$request_uri
}
2) Serve request for another website:
server {
listen 8008 default_server;;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
}
I'm trying to use Nginx as a reverse proxy in and centos 6.9_64 environment where clients connects to my server (http://www.51ti.vip).
Nginx will forward all requests to other backend server. The communication is working on port 80.
However, once proxy_set_header XXXXX is set, it will appear 403 when accessed.
There is no relevant error information in /var/log/nginx/error.log.
Where's the problem?
Page 403 Forbidden
You don't have permission to access the URL on this server.
Note:
OS System: CentOS 6.9_64
Nginx version 1.10.2
Config:
/etc/nginx/nginx.conf as follows:
user root;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
}
/etc/nginx/conf.d/default.conf as follows:
server {
listen 80 default_server;
server_name 47.75.249.199 "";
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass http://sq.otherserver.com;
#Proxy Settings
proxy_redirect off;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
The original problem was caused by "proxy_set_header Host $host",
there's no problem whith proxy_set_header X-Real-IP and proxy_set_header X-Forwarded-For.
But still don't understand why?
Nginx: when to use proxy_set_header Host $host vs $proxy_host
Module ngx_http_proxy_module
I follow this reference https://github.com/kvspb/nginx-auth-ldap/blob/master/README.md and try to integrate nginx and LDAP.
my nginx.conf setting:
user nginx;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
ldap_server ldap_local {
url "ldap://localhost/cn=Manager,dc=xinhua?uid?sub?(objectClass=posixAccount)";
binddn "cn=Manager,dc=xinhua,dc=org";
binddn_passwd "xxxxxx";
require group "cn=config,ou=People,dc=xinhua,dc=org";
group_attribute "memberUid";
group_attribute_is_dn off;
require valid_user;
satisfy all;
}
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
conf.d/default.conf
server {
listen 8000;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
auth_ldap "Forbidden";
auth_ldap_servers ldap_local;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
My question is how to authenticate the username and password which are in LDAP.
This is my first time to use LDAP.
Now, I don't know what is the username and password.
When I try the username and password in .htpasswd. It doesn't work.
Why not via https://github.com/nginxinc/nginx-ldap-auth ? It's daemon, use something like
location = /auth-proxy {
internal;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_pass http://127.0.0.1:8888;
proxy_set_header X-Ldap-URL "ldap://127.0.0.1:389";
proxy_set_header X-Ldap-Template "(uid=%(username)s)";
proxy_set_header X-Ldap-BaseDN "dc=example,dc=com";
}
location /private-storage {
auth_request /auth-proxy;
proxy_pass http://application-backend;
}