This question already has answers here:
How to allow access via CORS to multiple domains within nginx
(2 answers)
How to set the value of the Access-Control-Allow-Origin header based on a list of allowed origins?
(1 answer)
Closed 2 years ago.
I have this error in my web page:
"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.cdn-example.com. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing)."
I have Nginx and this is my configuration:
/etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
/etc/nginx/sites-enabled/default
server {
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
server {
# listen 443 default_server;
# listen [::]:443;
listen 443 default_server;
listen [::]:443;
ssl on;
ssl_certificate /etc/ssl/certs/pem-access.pem;
ssl_certificate_key /etc/ssl/private/key-access.key;
access_log /var/log/nginx/nginx.access.log;
error_log /var/log/nginx/nginx.error.log;
location / {
add_header 'Access-Control-Allow-Origin' "https://www.cdn-example.com" always;
}
}
Mi original site is other https://www.example.com
I solved the problem adding:
location / {
if ($http_origin ~* (https://www.example.com|https://example.com|https://www.cdn-example.com)) {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Methods' 'GET';
}
}
Related
I developed an application using Django(rest-api) and reactJs with webpacker. It is working in local. Now I need to deploy it in an nginx server.
I have ssh access to nginx server(lets say server name: vardhan.com and username: vishnu). Can someone help with how to do it.
I am following this tutorial. https://tonyteaches.tech/django-nginx-uwsgi-tutorial/
But I got few questions.
There is already a survey application running in the same server and it can be accessed with url vardhan.com/survey. is website address(url) same as server name ?
How to host two applications in the same sever ?
This is .conf of survey app
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
listen 443 ssl;
server_name vardhan.com;
# SSL parameters
ssl_certificate /etc/ssl/certs/asurc.pem;
ssl_certificate_key /etc/ssl/certs/private.key;
location /survey {
#proxy_pass http://localhost:3000/;
proxy_pass http://localhost:3010/;
}
location /survey {
#proxy_pass http://localhost:3000/survey;
proxy_pass http://localhost:3010/survey;
}
location /result {
#proxy_pass http://localhost:3000/result;
proxy_pass http://localhost:3010/result;
}
location /feedback {
proxy_pass http://localhost:3010/feedback;
}
location /public/stylesheets/ {
autoindex on;
#alias /home/*****/AppSurvey/public/stylesheets/;
alias /home/*****/AppSurvey/public/stylesheets/;
}
location /public/javascripts/ {
autoindex on;
#alias /home/*****/AppSurvey/public/javascripts/;
alias /home/*****/AppSurvey/public/javascripts/;
#proxy_pass http://localhost:3000/public/javascripts/index.js;
proxy_pass http://localhost:3010/public/javascripts/index.js;
}
}
server {
listen 80;
server_name vardhan.com;
return 302 https://$server_name$request_uri;
}
}
Trying to set up a subdomain on my digitalocean server using NGINX. Unfortunately, none of the things I tried have worked out so far. No error is shown, yet the site won't be fetched on the subdomain, only the main domain. Below is my config files:
/etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
/etc/nginx/site-available/ava-tms.com:
server {
listen 80;
listen [::]:80;
server_name ava-tms.com www.ava-tms.com;
root /var/www/ava-tms.com/live/;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
}
/etc/nginx/site-available/beta.ava-tms.com:
server {
listen 80;
listen [::]:80;
server_name beta.ava-tms.com www.beta.ava-tms.com;
root /var/www/ava-tms.com/beta/;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
}
Thanks in advance for the help.
As 0stone0 suggested, my problem was merely the lack of a dns record. Thx for the help.
I dont know what i am doing wrong.
First I tried to add Vhosts in NGINX making new file in sites-available then linken to sites-enabled. This doerst work.
Then I tried to make the vhosts directly in the nginx.conf file. There is the same Problem. It works perfectly for one host but then if I add a another one and try to /etc/init.d/nginx start it always says:
See "systemctl status nginx.service" and "journalctl -xe" for details.
failed!
How can I fix that?
Here ist my nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
server_names_hash_bucket_size 64;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name_;
location / {
root /var/www/html/;
index index.html index.htm index.nginx-debian.html;
autoindex on;
}
location ~ \.php$ {
root /var/www/html/;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
}
server {
listen 80;
server_name website.de;
location / {
root /var/www/dev1/;
index index.html index.htm;
autoindex on;
}
location ~ \.php$ {
root /var/www/dev1/;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
}
}
I cannot access to directories inside server's document root.
It throw 403 Forbidden error!
here is /etc/nginx/nginx.conf file:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
#################
# Custom config
################
#disable_symlinks off;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
/etc/nginx/sites-available/default file:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
server root directory map:
/var/www/html/index.php
<?php include 'folder/file.php';
/var/www/html/folder/file.php
<?php echo 'file included';
if I request http://localhost/index.php it respond me 'file included' but if I request directly for http://localhost/folder/file.php it says me 403 Forbidden!
I am using nginx as a proxy server to serve two web apps on a single server that are running on separate ports (for local development purposes). Below is the full nginx.conf file:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
server {
server_name news.mysite;
location / {
proxy_pass http://localhost:3001;
}
}
server {
server_name blog.mysite;
location / {
proxy_pass http://localhost:3002;
}
}
# include /etc/nginx/conf.d/*.conf;
# include /etc/nginx/sites-enabled/*;
}
When accessing the subdomains from the browser I see the expected content based on the web apps that are running. However, when I access the main domain through the browser (http://mysite), it displays the content from the first proxypass (news.mysite # localhost:3001). I would have expected one of the following two scenarios:
Serve content from the default directory # /var/www/html
The typical "This site can’t be reached" error in the browser.
Why is nginx proxying the first proxypass it finds by default and how can I change it?
The first server that nginx encounters for a socket will be considered the default unless you create another one that you explicitly mark as the default.
So for your case, you would want to add an additional server block as a catch all:
server {
listen 80 default_server;
root /var/www/html;
}