I am using Odoo 10. I have implemented subdomain using Nginx with below script and it is working fine. However When I type IP address with port number like http://444.444.444.44:8085/web/database/manager, still im able to access this page. I want users forcibly use subdomain only as I provided xxx.mydomain.com. How can I achieve this plz help.
My script for each of my subdoain URL is as follows:
server {
listen 80;
listen [::]:80;
server_name xxx.mydomain.org;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass http://127.0.0.1:8085;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 2000;
proxy_send_timeout 2000;
proxy_read_timeout 2000;
send_timeout 2000;
}
location ~* /web/database/manager {
deny all;
}
location ~* /web/database/selector {
deny all;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
Instead of of listening on every interface for Odoo process, use only localhost 127.0.0.1 interface to listen. To achieve that, modify the Odoo configuration file *.conf and add the following:
xmlrpc_interface = 127.0.0.1
Save the conf file and restart Odoo process. By default Odoo process listens to all interface, but this particular line in configuration file will ensure that Odoo process listens to 127.0.0.1 only, so anyone trying to browse from http://444.444.444.44:8085 will not find any response.
Related
My website is only accessible on a certain ip address so i only can have access to it if i'm in that machine or a connection towards it
I tried adding Nginx allow all to the config but it's still not working
server {
listen 80;
server_name domain;
#Specify a charset
charset utf-8;
location /api {
satisfy any;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://192.168.226.264:8080;
proxy_read_timeout 90;
allow all;
}
location / {
root /Users/administrator/Documents
try_files $uri /index.html;
}
}
I get this :
This site can’t be reached.
domain’s server IP address could not be found
What do i need to add to make the website accessible by all ip addresses
Try whether you domain is getting resolved using "whois" command from the terminal where you have installed the nginx server :
whois domainname
You have mentioned a "server_name domain" , is that domain resolvable from your terminal ?
I know , I know. This question is asked too many times and I've researched it alot as well. But every solution on internet lead me to dead end.
I want to redirect all the incoming http-request to a specific url/domain.
For example if someone type - www.test.com or simply test.com in browser's url-bar, it should redirect the user to http://test.com/home .
This is what I've been trying to achieve from last 3 days, not sure what I'm doing wrong. This is my server-block.
server {
listen 80;
server_name test.com;
port_in_redirect off;
# server_name_in_redirect off;
client_max_body_size 20M;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://localhost:8000/ ;
proxy_read_timeout 90;
return 301 http://test.com/home;
}
}
This above configuration is giving me error - too many redirection on browser when I'm trying to access the website.Also removing return statement giving me page not found error and not changing/redirecting the url to http.test.com/home.
PS - I'm running another different website as well on this same server on port 443(https) & that is working absolutely well. I'm running a Spring-boot application.
A help is highly appreciated.
You write too many codes related to redirection, that's why showing this error.
Change your server block like below.
server {
listen 80;
server_name test.com www.test.com;
client_max_body_size 20M;
#return 301 http://test.com/home$request_uri;
}
location ~ ^/(?!home) {
return 301 http://test.com/home$request_uri;
}
location /home {
root /var/www/test.com/html/;
index index.html index.htm;
}
this is my config:
server {
listen 80;
server_name ~^(?<sb>.+)\.a\.b\.c\.com$;
access_log /data/logs/nginx/tas.access.log main;
location / {
proxy_intercept_errors on;
proxy_pass http://b.c/a/$sb/;
proxy_set_header Host $host;
proxy_redirect off;
}
}
and browser report to many redirects.
If, as you say, you want to proxy to localhost:8082, you need to say so in the proxy_pass line:
server {
listen 80;
server_name ~^(?<sb>.+)\.a\.b\.c\.com$;
access_log /data/logs/nginx/tas.access.log main;
location / {
proxy_intercept_errors on;
proxy_pass http://localhost:8082/a/$sb/;
proxy_set_header Host $host;
proxy_redirect off;
}
}
Without all of the information, it's hard to guess what's going on. Based on the comments, my guess is that you are using virtual hosting so that the upstream site is also served by the same nginx. So this line is the problem:
proxy_set_header Host $host;
The nginx variable $host is pointing to the current Host header (which matches the server_name). So if you set the same host header for the upstream again, then nginx will find the same location block above because nginx relies on the Host header to find the proper server. Thus the redirect loop.
Set
proxy_set_header Host your_upstream_server_name
will fix it then.
I tried to make custom 404 page for tornado and want to deploy it with nginx but failed.
here is my domain.conf(included by nginx.conf)
server {
listen 80;
server_name vm.tuzii.me;
client_max_body_size 50M;
location ^~ /app/static/ {
root ~/dev_blog;
if ($query_string) {
expires max;
}
}
location = /favicon.ico {
rewrite (.*) /static/favicon.ico;
}
location = /robots.txt {
rewrite (.*) /static/robots.txt;
}
error_page 404 /404.html;
location /404.html {
root /home/scenk;
internal;
}
location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass http://frontends;
}
}
But after reload nginx, nothing happen. It seems like tornado catch the 404error before nginx.
I have no idea to solve this problem.
PS. I just want to make 404error by nginx. But not rewrite 'write_error' in tornado source.
Environment: Ubtuntu 12.04 Tornado2.4.1 runsite with supervisor by Nginx 4 process.
I ran into the same problem and what you actually need is this set:
proxy_intercept_errors on;
From nginx proxy module documentation:
proxy_intercept_errors
Syntax: proxy_intercept_errors on | off
Default: off
Context: http
This directive decides if nginx will intercept responses with HTTP status codes of 400 and higher.
By default all responses will be sent as-is from the proxied server.
If you set this to on then nginx will intercept status codes that are explicitly handled by an error_page directive. Responses with status codes that do not match an error_page directive will be sent as-is from the proxied server.
Finailly solve this problem. Because
proxy_pass_header Server;
So the real TornadoServer is sent. To hide real server, simply change
proxy_pass_header User-Agent;
That's all.
I have a Sinatra application hosted with Unicorn, and nginx in front of it. When the Sinatra application errors out (returns 500), I'd like to serve a static page, rather than the default "Internal Server Error". I have the following nginx configuration:
server {
listen 80 default;
server_name *.example.com;
root /home/deploy/www-frontend/current/public;
location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_connect_timeout 5;
proxy_read_timeout 240;
proxy_pass http://127.0.0.1:4701/;
}
error_page 500 502 503 504 /50x.html;
}
The error_page directive is there, and I have sudo'd as www-data (Ubuntu) and verified I can cat the file, thus it's not a permission problem. With the above config file, and service nginx reload, the page I receive on error is still the same "Internal Server Error".
What's my error?
error_page handles errors that are generated by nginx. By default, nginx will return whatever the proxy server returns regardless of http status code.
What you're looking for is proxy_intercept_errors
This directive decides if nginx will intercept responses with HTTP
status codes of 400 and higher.
By default all responses will be sent as-is from the proxied server.
If you set this to on then nginx will intercept status codes that are
explicitly handled by an error_page directive. Responses with status
codes that do not match an error_page directive will be sent as-is
from the proxied server.
You can set proxy_intercept_errors especially for that location
location /some/location {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_connect_timeout 5;
proxy_read_timeout 240;
proxy_pass http://127.0.0.1:4701/;
proxy_intercept_errors on; # see http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_intercept_errors
error_page 400 500 404 ... other statuses ... =200 /your/path/for/custom/errors;
}
and you can set instead 200 other status what you need
People who are using FastCGI as their upstream need this parameter turned on
fastcgi_intercept_errors on;
For my PHP application, I am using it in my upstream configuration block
location ~ .php$ { ## Execute PHP scripts
fastcgi_pass php-upstream;
fastcgi_intercept_errors on;
error_page 500 /500.html;
}
As mentioned by Stephen in this response, using proxy_intercept_errors on; can work.
Though in my case, as seen in this answer, using uwsgi_intercept_errors on; did the trick...