Can't get nginx to match part of the path - nginx

I have nginx running as in a docker-compose setup and I want to achieve to following:
Every url that contains /something/ is passed to application 1
Every url that contains /something/alsothis/ is passed to application 2
My current config has:
location ~* ^/something/(?<path>.+) {
proxy_pass http://app1/$path;
}
location ~* ^/something/alsothis/(?<path>.+) {
proxy_pass http://app2/$path;
}
When I try https://www.example.com/something/rest_of_path it is working fine.
However when I try https://www.example.com/something/alsothis/rest_of_path I get an Unkown error in Postman (500 error is logged in nginx).
Also I double checked that app2 is working. When I change to the first location to app2, it also works fine.
Can't seem to figure out what is going wrong, all help is much appreciated.
Thanks in advance!

Richard was right, just had to change the order.

Related

Can't send auditlog with modsecurity with custom error pages

I'm using Modsecurity v3.0.3 with the blocking module and I need to get my auditlog.
Also, because I need it, I have to use some custom error pages.
Unfortunately, I have my logs, but I'm losing my auditlog.
I tried some forums' help, but it didn't work for me.
One of the forums : https://github.com/SpiderLabs/ModSecurity-nginx/issues/76
Here is the location configuration of my NGinx
Any help or starting point would be appreciated, thanks !
I had the same problem with ModSecurity 3.3.2 + nginx and custom errors, so leaving this here in case other people run into the same issue as it took me a while to find a solution.
The issue in my case was that I had the custom error in nginx return the message directly in the error location block, so something like:
error_page 400 #error400;
location #error_400 {
types {}
default_type application/json;
return 400 '{"message: WHATEVER ERROR"}'
}
So the solution in my case was to put that exact JSON message in a file and reference that file instead, so the above becomes:
error_page 400 /400.json;
location = /400.json {
types {}
default_type application/json;
root /usr/share/nginx/html/custom_errors/;
}
And in that root path I put the 400.json file with that exact error messsage:
cat /usr/share/nginx/html/custom_errors/400.json
{"message: WHATEVER ERROR"}
This brought back the SecAudit Logs from ModSecurity. Hope this helps someone.
Could you elaborate on "losing my auditlog"? This sounds as if you would see it for a moment, but then it disappears.
Also, you link to a very old ModSec issue that has been fixed and released in the meantime. Where is the connection?

NGINX dynamic path returning 404

i have nginx running locally and am trying to create a simple dynamic path location.
The location block is:
location ~ ^/users/(.+)$/roles {
return 200;
}
After running, I try to hit the endpoint
http://localhost:80/users/1/roles
But I end up with a 404.
If I change the location block to:
location /users/1/roles {
return 200;
}
I get a 200 and everything works just find. I have been pulling my hair out over this because it seems so simple that I thought a ton of documentation would exist about this. But I can not find a solution, any help would be greatly appreciated.

NGINX rewrite issue

I have NGINX + PHP5-fpm and slim for routing, my website wont work with out this rewrite : try_files $uri /index.php; , now everything is fine and all site is ok except some API, for example http://example.com/webservice/android.php/get_video_info
It doesn't work and say it :No input file specified.
Why ? i should mention that http://example.com/webservice/android.php is exist on server but "http://example.com/webservice/android.php/get_video_info" is not exist and its just a post action on this android.php
PS : if you need more information i will provide for you
It was about my app.config, after I checked the NGINX log i found that the issue it's make path duplicated like /var/www//var/www/ after i change my config and remove second one, issue is solved

Drop all GET Parameters from main index file in Nginx

I would like to remove all GET parameters from the index file in the root folder, while leaving all GET parameters everywhere else.
Example:
http://support.oursite.com/?ref=inline
I would like that to get ported to
http://support.oursite.com/
While
http://support.oursite.com/tickets/?id=1934
Would still contain the ID parameter.
I have been able to wipe the parameters, what I'm looking for is help on limiting that wipe to just the root index.
I've found the solution to this, for anyone who comes across this issue.
I have two separate location parameters:
location ~* ^/(.+)$ {
proxy_pass http://192.168.1.1/$1$is_args$args;
}
location / {
proxy_pass http://192.168.1.1/;
}
The use of the (.+) tells Nginx only run this location if there is something after the slash. Because GET parameters aren't processed in that spot, it's safe to do this.

Running Nginx and Drupal

I am new to Nginx but I managed to install Drupal on windows 8 machine. I just noticed that this URL(http://localhost:8080/drupal/) spits out error message 403 Forbidden. If I mutate that URL a bit by including the index(http://localhost:8080/drupal/index.php) file then it works as expected. My question is this:
How could I configure Nginx so that I wont get error message when I go to http://localhost:8080/drupal/?
Depending on your configuration, an index directive will encourage nginx to look for specific files when encountering a directory:
index index.php;
For a more specific rule, to single out that one path and map it to the controller, you could use an exact match location directive:
location = /drupal/ { rewrite ^ /drupal/index.php last; }
See this and this for more.

Resources