nginx reverse proxy worked on LAN but not public - nginx

I am setting up a Nginx reverse proxy using these docker images
nginx
jwilder/docker-gen
jrcs/letsencrypt-nginx-proxy-companion
The host where these containers are located is given public IP address so that the web app can be accessed from the internet. We registered the subdomain and set the public IP address to that subdomain.
When I test the configuration, the web app worked and https also worked but from LAN only (we have local DNS server that has the subdomain paired to a local server IP address.
But when I tried accessing it from internet it gives 301 redirected too many times. And yes I saw in the Nginx log the server logged around 20s 301 redirections and then stopped.
I am still clueless about what is wrong with the configuration. I used this template https://raw.githubusercontent.com/jwilder/nginx-proxy/master/nginx.tmpl for the auto-generated configuration files with a little modification in the location part (proxy_connect_timeout, proxy_send_timeout, proxy_read_timeout, proxy_send_lowat) to make our web app not 502 gateway timeout from long processing.
Can anyone point where my configuration failed?
# fhij.abcd.co.id
upstream fhij.abcd.co.id {
## Can be connected with "nginx-proxy" network
# fhid_web_1
server 172.20.0.8:8069;
}
server {
server_name fhij.abcd.co.id;
listen 80 ;
access_log /var/log/nginx/access.log vhost;
return 301 https://$host$request_uri;
}
server {
server_name fhij.abcd.co.id;
listen 443 ssl http2 ;
access_log /var/log/nginx/access.log vhost;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_certificate /etc/nginx/certs/fhij.abcd.co.id.crt;
ssl_certificate_key /etc/nginx/certs/fhij.abcd.co.id.key;
ssl_dhparam /etc/nginx/certs/fhij.abcd.co.id.dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/nginx/certs/fhij.abcd.co.id.chain.pem;
add_header Strict-Transport-Security "max-age=31536000" always;
include /etc/nginx/vhost.d/default;
location / {
proxy_pass http://fhij.abcd.co.id;
proxy_connect_timeout 9990;
proxy_send_timeout 9990;
proxy_read_timeout 9990;
proxy_send_lowat 12000;
}
}
These are the access.log I got from accessing from internet
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:42 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:43 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:43 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:43 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:43 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:43 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:44 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:44 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:44 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:45 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:45 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:46 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:46 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:46 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:46 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:46 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:47 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:47 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:47 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
fhij.abcd.co.id 162.158.178.186 - - [22/Nov/2019:03:57:47 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux; Android 9; YAL-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.96 Mobile Safari/537.36"
And these are from LAN
fhij.abcd.co.id 192.168.130.127 - - [22/Nov/2019:05:21:29 +0000] "GET / HTTP/2.0" 303 215 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0"
fhij.abcd.co.id 192.168.130.127 - - [22/Nov/2019:05:21:29 +0000] "GET /web HTTP/2.0" 303 227 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0"
fhij.abcd.co.id 192.168.130.127 - - [22/Nov/2019:05:21:29 +0000] "GET /web/login HTTP/2.0" 200 4383 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0"
fhij.abcd.co.id 192.168.130.127 - - [22/Nov/2019:05:21:29 +0000] "GET /web/content/269-ceb8fb1/web.assets_common.0.css HTTP/2.0" 499 0 "https://fhij.abcd.co.id/web/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0"
fhij.abcd.co.id 192.168.130.127 - - [22/Nov/2019:05:21:29 +0000] "GET /web/content/276-771d39e/web.assets_frontend.0.css HTTP/2.0" 499 0 "https://fhij.abcd.co.id/web/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0"
fhij.abcd.co.id 192.168.130.127 - - [22/Nov/2019:05:21:29 +0000] "GET /web/webclient/qweb?mods= HTTP/2.0" 304 0 "https://fhij.abcd.co.id/web/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0"
fhij.abcd.co.id 192.168.130.127 - - [22/Nov/2019:05:21:29 +0000] "POST /web/webclient/bootstrap_translations HTTP/2.0" 200 87 "https://fhij.abcd.co.id/web/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0"
Why it is so different? Nginx response to internet request was 301 and response to LAN was 303


Turned out there is a mistake in our Cloudflare DNS and WAF configuration. Modifying these configuration fixed this issue.

Related

How to block in NGINX all request starting with question mark

My website is getting attacked with such request as
66.249.75.242 - - [12/Jan/2023:00:29:11 +0800] "GET /?bailiffry/1529595 HTTP/1.1" 200 57100 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.115 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.75.236 - - [12/Jan/2023:00:29:14 +0800] "GET /?Diphysite-7105-hwfLs/328609048 HTTP/1.1" 200 57097 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.75.236 - - [12/Jan/2023:00:29:16 +0800] "GET /?hypothermal/sealant313919.html HTTP/1.1" 200 57100 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.115 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.75.236 - - [12/Jan/2023:00:29:17 +0800] "GET /?dianilid/elated357845.html HTTP/1.1" 200 57100 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.115 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
I have blocked other patterns, I just wish to block this for now as I have been solving this for hours and wish a quick fix for now.
How do I block request starting with question mark?

Yes you can. See the question below
Drop unwanted connections
if (condition) ) {
return 444;
}
You Can also put a WAF (Web Application Firewall) in your front, if your request is coming for a security issue you're facing.
you can see NAXSI. It's Open-source and compatible with any nginx version.

AMP clear cache returning - Public key not found due to ingestion error: 499 error from origin That’s all we know

I am trying to clear the cache of amp page but I am getting this error:
Public key not found due to ingestion error: 499 error from origin
That’s all we know.
What I have checked:
.well-known/amphtml/apikey.pub is publicly available
the file is not roboted(allowed for google bots)
the file has content type plain/text
bypassed cloudflare cache
Suspiction:
There are also 301 requests from google bots. I guess it is because google bot is requesting the file in HTTP initially and redirected to https.
64.233.173.70 - - [13/Jun/2022:16:08:22 +0800] "GET /.well-known/amphtml/apikey.pub HTTP/1.1" 301 193 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Mobile Safari/537.36 (compatible; Google-AMPHTML)"
64.233.173.204 - - [13/Jun/2022:16:08:22 +0800] "GET /.well-known/amphtml/apikey.pub HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Mobile Safari/537.36 (compatible; Google-AMPHTML)"
66.249.70.56 - - [13/Jun/2022:16:10:55 +0800] "GET /.well-known/amphtml/apikey.pub HTTP/1.1" 301 193 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.64.21 - - [13/Jun/2022:16:11:14 +0800] "GET /.well-known/amphtml/apikey.pub HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.64.55 - - [13/Jun/2022:17:07:18 +0800] "GET /.well-known/amphtml/apikey.pub HTTP/1.1" 301 193 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.64.114 - - [13/Jun/2022:17:07:19 +0800] "GET /.well-known/amphtml/apikey.pub HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
Another suspicion:
The .well-known/amphtml/apikey.pub cannot be curled and it returns 403. But from above logs from Google bot, it seems it does not have any problem fetching the file.
I don't understand what I miss here. Please help!

Airflow basic authentification causes "Too many redirects" on login page

I set in my airflow.cfg:
authenticate = True
auth_backend = airflow.contrib.auth.backends.password_auth
And I think, that i`d able to see login page then I open http://localhost:8089/admin, but I can only see "Too many redirects" page, logs looks like a:
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/airflow/login?next=%2Fadmin%2F HTTP/1.1" 302 221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/ HTTP/1.1" 302 281 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/airflow/login?next=%2Fadmin%2F HTTP/1.1" 302 221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/ HTTP/1.1" 302 281 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/airflow/login?next=%2Fadmin%2F HTTP/1.1" 302 221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/ HTTP/1.1" 302 281 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/airflow/login?next=%2Fadmin%2F HTTP/1.1" 302 221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/ HTTP/1.1" 302 281 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/airflow/login?next=%2Fadmin%2F HTTP/1.1" 302 221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/ HTTP/1.1" 302 281 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/airflow/login?next=%2Fadmin%2F HTTP/1.1" 302 221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/ HTTP/1.1" 302 281 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/airflow/login?next=%2Fadmin%2F HTTP/1.1" 302 221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/ HTTP/1.1" 302 281 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/airflow/login?next=%2Fadmin%2F HTTP/1.1" 302 221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/ HTTP/1.1" 302 281 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/airflow/login?next=%2Fadmin%2F HTTP/1.1" 302 221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/ HTTP/1.1" 302 281 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
airflow_webserver_1 | 172.21.0.1 - - [15/Jul/2019:06:35:53 +0000] "GET /admin/airflow/login?next=%2Fadmin%2F HTTP/1.1" 302 221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
Have no ideas why it doesn`t work...

Nginx redirect except some extensions

I wrote a script that configures a captive portal and everything is working fine. The problem I'm having is because nginx is redirecting all the requests to http://hotspot.localnet/index.php is also redirecting all requests for images. So none of the images in index.php work.
Is there a way to exclude png,pdf files from being redirected to index.php and be displayed? Tried many regex examples found on the internet but having no luck.
The source code of the nginx config file is here: https://github.com/tretos53/Captive-Portal/blob/master/default_nginx
This is access.log with the above configuration:
192.168.137.1 - - [03/Dec/2018:19:53:16 +0000] "GET /index.php HTTP/1.1" 200 582 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"
192.168.137.1 - - [03/Dec/2018:19:53:16 +0000] "GET /images/1.jpg HTTP/1.1" 302 161 "http://hotspot.localnet/index.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"
192.168.137.1 - - [03/Dec/2018:19:53:16 +0000] "GET /images/2.png HTTP/1.1" 302 161 "http://hotspot.localnet/index.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"
192.168.137.1 - - [03/Dec/2018:19:53:16 +0000] "GET /images/3.png HTTP/1.1" 302 161 "http://hotspot.localnet/index.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"
192.168.137.1 - - [03/Dec/2018:19:53:16 +0000] "GET /images/4.png HTTP/1.1" 302 161 "http://hotspot.localnet/index.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"
192.168.137.1 - - [03/Dec/2018:19:53:16 +0000] "GET /images/5.png HTTP/1.1" 302 161 "http://hotspot.localnet/index.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"
192.168.137.1 - - [03/Dec/2018:19:53:16 +0000] "GET /images/6.png HTTP/1.1" 302 161 "http://hotspot.localnet/index.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"

Add this to your config:
location ~ \.(?:pdf|png)$ {
try_files $uri =404;
}

WooCommerce-WorldPay checkout taking forever to complete

I've been having trouble getting the Online Worldpay plugin (from https://wordpress.paymentplugins.com/product-category/worldpay/) to work with WooCommerce and after multiple trial and error, although it seems to be working now, it's taking forever to complete a transaction.
The first issue was this in the server log:
upstream timed out (110: Connection timed out) while reading response header from upstream
After searching on SO and a few trial and error, adding the following nginx directives seem to have fixed it:
proxy_connect_timeout 159s;
proxy_send_timeout 600;
proxy_read_timeout 600;
However it's still not fixed the problem. It's taking up to 5 minutes between clicking checkout and showing the confirmation page.
Here's my server log:
xxx.xxx.xxx.xxx - - [29/Aug/2018:11:51:40 +0100] "POST /staging/wp-
admin/admin-ajax.php HTTP/1.0" 200 1140 "https://website.com/staging/wp- admin/edit.php?post_type=shop_order" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"
xxx.xxx.xxx.xxx - - [29/Aug/2018:11:49:02 +0100] "POST /staging/?wc- ajax=checkout HTTP/1.0" 200 1522 "https://website.com/staging/checkout/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"
xxx.xxx.xxx.xxx - - [29/Aug/2018:11:53:17 +0100] "GET /staging/checkout/order-received/1001?key=wc_order_5b867a1e36616 HTTP/1.0" 301 4616 "https://website.com/staging/checkout/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"
xxx.xxx.xxx.xxx - - [29/Aug/2018:11:53:17 +0100] "GET /staging/checkout/order-received/1001/?key=wc_order_5b867a1e36616 HTTP/1.0" 200 77776 "https://website.com/staging/checkout/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"
xxx.xxx.xxx.xxx - - [29/Aug/2018:11:53:18 +0100] "GET /staging/wp-content/uploads/2018/08/fromUpload/37124872560_f78336501a_k-3-1024x485.jpg HTTP/1.0" 200 491 "-" "-"
xxx.xxx.xxx.xxx - - [29/Aug/2018:11:53:18 +0100] "GET /staging/wp-content/themes/website/functions/includes/im_cart_order.php?path=https://website.com/staging/wp-content/uploads/2018/08/fromUpload/37124872560_f78336501a_k-3-1024x485.jpg&crop_left=26.329113924050635&crop_top=0&crop_width=47.34177215189874&crop_height=100&rotate=0&filter=0&mirror=0&flip=0 HTTP/1.0" 200 59870 "https://website.com/staging/checkout/order-received/1001/?key=wc_order_5b867a1e36616" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"
Appreciate any insight :)
Thanks!

Resources