Hi guys i have a question.
When i check the logs from graylog i noticed something weird. My nginx web server responds domain names that are not in my server. Like google.com or some ips.
How can i solve the problem?
# HTTP Server
server {
listen 80;
server_name x.com.tr www.x.com.tr;
rewrite ^ https://$server_name$request_uri permanent;
}
# HTTPS Server
server {
listen 443;
server_name x.com.tr www.x.com.tr;
root /var/www/html/xcom;
index index.php;
ssl on;
ssl_certificate /etc/nginx/ssl/xcomtr.crt;
ssl_certificate_key /etc/nginx/ssl/xcomtr.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # do not use SSLv3 ref: POODLE
if (!-e $request_filename) { rewrite ^.* /index.php break; }
client_max_body_size 100M;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~/\.ht {
deny all;
}
location ~ ^/(wp-admin|wp-login\.php) {
allow x/24;
allow y/24;
allow z/24;
deny all; }
}
I had to hide my website name and ip's because it's govermantal project :)
Thank you all for your answers
in sites-enabled file test.com.conf:
map $http_host $blogid {
default 0;
test.com 1;
}
server {
listen 5.187.1.93:80;
server_name test.com *.test.com;
root /home/fornex/wordpress;
access_log /var/log/nginx/test.com-access.log;
error_log /var/log/nginx/test.com-error.log;
include conf.d/restrictions.conf;
# include /home/fornex/wordpress/nginx.conf;
include conf.d/wordpress-mu.conf;
}
file site.com.conf:
server {
listen 5.187.1.93:80;
server_name site.com *.site.com;
return 301 https://$host$request_uri;
}
server {
listen 5.187.1.93:443 ssl;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_certificate /etc/letsencrypt/live/site.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/site.com/privkey.pem;
server_name site.com *.site.com;
root /home/fornex/site.com;
index index.php;
client_max_body_size 7m;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* /\. {
deny all;
}
location ~*\.(php)$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
when I open test.com(It should be a wordpress installation) - site.com opens. What is wrong? How can I make them separate sites? I searched a lot in WEB but didn't find anything that helps in my situation. Adding *.test.com didn't help.
server {
listen 80;
server_name www.21cl.ca 21cl.ca;
return 301 https://21cl.ca$request_uri;
}
server {
server_name 21cl.ca;
listen 443 ssl http2;
ssl_certificate /srv/ssl/2100computerlane_net.crt;
ssl_certificate_key /srv/ssl/21ca.key;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
access_log /srv/www/www.2100computerlane.net/logs/access.log;
error_log /srv/www/www.2100computerlane.net/logs/error.log;
root /srv/www/www.2100computerlane.net/public_html;
location / {
index index.html index.htm index.php;
autoindex on;
autoindex_exact_size off;
}
location ~* \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
}
http://www.21cl.ca is being forwarded to https://www.21cl.ca not https://21cl.ca like instructed.
Note this works fine when I do it with my dot net and dot com domains.
I think it has been cached in the browser try it in private or incognito window, It is redirecting properly for me
I am having some problems with my Nginx config on RHEL, I am trying to configure custom error pages, this is a bit of my config:
server {
listen 443;
listen [::]:443;
ssl on;
ssl_certificate /etc/nginx/ssl/^/ssl.crt;
ssl_certificate_key /etc/nginx/ssl/^/ssl.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
server_name ~^(www\.)?(?P<domain>.+)$;
root /www/$domain;
include /etc/nginx/conf.d/my_domain;
location ~ ^/(403|404|405|50x).html {
root /www/^/error;
}
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_param SCRIPT_FILENAME /www/$domain$fastcgi_script_name;
include fastcgi_params;
}
}
Any way I have read everything and I'm not sure what to do to fix it :( and before anyone asks... yes I have restarted nginx!
I'm very new to nginx, so forgive me if my explanations are off. I'll do my best to explain what I am trying to achieve.
Using WordPress and nginx, I would like user accounts to be mapped to a subdomain of the main domain. For example, if the user creates an account called "sample", the subdomain for that user would be sample.example.com.
When the user goes to sample.example.com, the subdomain should be mapped to example.com/sample/. Similarly, if a user visits sample.example.com/account/, it should map to example.com/sample/account/, and so on and so forth. It should be noted that the example.com/sample/ URLs are rewrites of this type of structure: example.com/index.php?user=sample.
There are also a few reserved subdomains that should not be redirected, such as cdn and admin. They should be ignored by these rules if they are requested.
How can I achieve this automatically when a user creates an account? The goal here is automation - set it up once correctly and not worry about it. Since I have literally just started working with nginx a few days ago, I'm not sure where to start at all. Any advice to move me in the right direction would be incredibly helpful. Here is my current config file for the domain:
server {
listen 80;
server_name www.example.com;
rewrite ^(.*) $scheme://example.com$1 permanent;
}
server {
listen 443 ssl;
server_name www.example.com;
rewrite ^(.*) $scheme://example.com$1 permanent;
}
server {
listen 80;
server_name example.com;
access_log /var/www/example.com/logs/access.log;
error_log /var/www/example.com/logs/error.log;
root /var/www/example.com/public;
index index.php;
location / {
try_files $uri $uri/ #wordpress /index.php?q=$request_uri;
}
location #wordpress {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME /var/www/example.com/public/index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
}
# Pass the PHP scripts to FastCGI server listening on UNIX sockets.
#
location ~ \.php$ {
try_files $uri #wordpress;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/example.com/public$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 443 ssl;
ssl on;
keepalive_timeout 70;
server_name example.com;
ssl_certificate ssl/example.com.chained.crt;
ssl_certificate_key ssl/example.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
root /var/www/example.com/public;
index index.php;
location / {
try_files $uri $uri/ #wordpress /index.php?q=$request_uri;
}
location #wordpress {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME /var/www/example.com/public/index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
}
# Pass the PHP scripts to FastCGI server listening on UNIX sockets.
#
location ~ \.php$ {
try_files $uri #wordpress;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/example.com/public$fastcgi_script_name;
include fastcgi_params;
}
}
I understand that what I am trying to achieve probably needs to go into the /etc/nginx/nginx.conf file if I want it to be automated, and I am actively trying to learn how to achieve this. I'm just stuck where I am at now and am looking for any advice/help that would point me in the right direction. I'm eager to learn!
ANSWER
After days of searching, tweaking, and configuring, I've gotten down the code needed to map subdomains to URLs exactly like in my example. Here is my vhost for example.com: https://gist.github.com/thomasgriffin/4733283
server {
listen 80;
listen 443 ssl;
server_name ~^(?<user>[a-zA-Z0-9-]+)\.example\.com$;
location / {
resolver 8.8.8.8;
rewrite ^([^.]*[^/])$ $1/ permanent;
proxy_pass_header Set-Cookie;
proxy_pass $scheme://example.com/user/$user$request_uri;
}
}
server {
listen 80;
listen 443 ssl;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
server {
listen 80;
server_name example.com;
access_log /var/www/example.com/logs/access.log;
error_log /var/www/example.com/logs/error.log;
root /var/www/example.com/public;
index index.php;
location / {
try_files $uri $uri/ #wordpress /index.php?q=$request_uri;
}
location #wordpress {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
}
# Pass the PHP scripts to FastCGI server listening on UNIX sockets.
#
location ~ \.php$ {
try_files $uri #wordpress;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 443 ssl;
ssl on;
keepalive_timeout 70;
server_name example.com;
ssl_certificate ssl/example.com.chained.crt;
ssl_certificate_key ssl/example.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
root /var/www/example.com/public;
index index.php;
location / {
try_files $uri $uri/ #wordpress /index.php?q=$request_uri;
}
location #wordpress {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
}
# Pass the PHP scripts to FastCGI server listening on UNIX sockets.
#
location ~ \.php$ {
try_files $uri #wordpress;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
The main chunk of the mapping is done in the first server block. I'm targeting any subdomain (I will have already weeded out restricted subdomains with other non-relevant code) and rewriting it to ensure that it has a trailing slash to avoid any internal redirects by WordPress for URLs without a trailing slash. From there, the resolver directive is required to resolve URLs defined in proxy_pass, so I am resolving with Google's DNS. I'm also using the proxy_pass_header directive to send over cookies in order to keep WordPress login authentication in tact. proxy_pass defines the URL to map to.
It should also be noted that if you want to use login authentication as well with subdomains, you need to define your custom cookie domain in wp-config.php like this:
define('COOKIE_DOMAIN', '.example.com');
And that should be it. You can now enjoy URLs like subdomain.example.com that map to example.com/user/subdomain/ or whatever you want. From there, you can utilize WordPress' Rewrite API to map the mapped URL to specific query args that can be sent to $wp_query for loading custom templates, etc.
the following should do it:
server {
listen 80; listen 443;
server_name *.example.com;
if ($host ~ "^(.*)\.example\.com$" ) { set $subdomain $1;}
rewrite ^ $scheme://example.com/$subdomain/$request_uri permanent;
}
(as an aside: the regex ^ matches all url's the most efficiently, and the standard nginx variable $request_uri holds the uri including arguments so you don't need the (.*) group in the rewrite)
additionally add a second serverblock for the domains you don't want redirected:
server {
listen 80; listen 443;
server_name cdn.example.com admin.example.com;
# do whatever with the requests of the reserved subdomains;
}
I think .htaccess is not working with nginx.
I use Nginx As Reverse Proxy Server port 80 and Apache as web server
HERE