In my nginx server i set my nginx.conf like this for using with gunicorn (and a django app):
server {
server_name *.mytest.io;
root /var/www;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name ~^(?<account>.+)\.mytest\.io$;
root /var/www;
#add_header Test $account;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location /static/ {
alias /var/www/web/core/frontend/static/;
}
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
#add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
add_header P3P $account;
}
now if i call mytest.io all is done, but if i call for example demo.mytest.io or demo1.mytest.io (i already configure on my dns demo and demo1 with the server ip) nginx return the error "403 Forbidden"
[error] 27554#0: *27 directory index of "/var/www/" is forbidden
Why for main domain there are no problem and for subdomain request i get an error on the same location? (/var/www)
Thanks in advance
You have two server blocks. A request to demo.mytest.io or demo1.mytest.io will match the server_name directive in this one:
server {
server_name *.mytest.io;
root /var/www;
}
You have no index or try_files directives in this block, so a request without a uri path is interpreted by Nginx as a request for the directory listing of your root directory.
You don't have an autoindex directive, and by default the value of this is set to off which prevents the listing of directory contents, so your request is denied.
A request to mytest.io doesn't match the server_name directive in either block, but the addition of default_server to the listen directive in the second block means Nginx will use this block to process any requests which do not match any other server blocks, so that request lands here.
The second block has a working set of directives, so it works.
Related
in my nginx server i would to redirect all http incoming request to https.
I use gunicorn and i set as / location a proxy 127.0.0.1:8080
Part of my nginx.conf configuration file is:
server {
listen 80;
listen 443 default ssl http2;
ssl_certificate /var/www/web/core/mycert.crt;
ssl_certificate_key /var/www/web/core/mykey.key;
server_name ~^(?<subdomain>\w+)\.mydomain\.io$;
root /var/www;
return 301 https://$server_name$request_uri;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location /static/ {
alias /var/www/web/core/frontend/static/;
}
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
#add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
proxy_set_header X-DTS-SCHEMA $subdomain;
}
but when i try to open the http version of my page i get "Error to many redirections"
I also tried to add in my proxy directives:
proxy_redirect http:// https://;
but nothing happens.
How can i redirect my proxy request to https everytime?
Thanks in advance
There is a big mistake in your code, you can't do this like you did:
return 301 https://$server_name$request_uri;
If you wish to use like that, you should split the http and https server. When you read your file, you just redirect each time you arrive on the vhost, that's causing the too many redirection.
You could also put a condition on the return to not execute if you already are in https...
I am trying to proxy_pass to a website, But I want the request header host to be the same as the website I passed.
I have tried to use "proxy_set_header Host $proxy_host" (and tried change the value to $host, even the exact hostname I want. But when I use google chrome to check the request host, it is still the server IP that I used to set up the proxy_pass.
Below is my config, please help
location / {
proxy_pass https://example.com;
proxy_set_header Host $proxy_host;
proxy_set_header X-Original-URI $request_uri;
}
Thank you
Check the examples from the docs:
nginx first decides which server should process the request. Let’s start with a simple configuration where all three virtual servers listen on port *:80:
server {
listen 80;
server_name example.org www.example.org;
...
}
server {
listen 80;
server_name example.net www.example.net;
...
}
server {
listen 80;
server_name example.com www.example.com;
...
}
In this configuration, nginx tests only the request’s header field Host to determine which server the request should be routed to. If its value does not match any server name, or the request does not contain this header field at all, then nginx will route the request to the default server for this port. In the configuration above, the default server is the first one — which is nginx’s standard default behaviour. It can also be set explicitly which server should be default, with the default_server parameter in the listen directive:
server {
listen 80 default_server;
server_name example.net www.example.net;
...
}
Now keep in mind that $host is specifically the first server_name that is defined in the current server block. if you have multiple server_name's, only the first one will appear, but if want your backend to receive a fixed host name, use:
proxy_set_header Host "your.fixed.hostname";
I am trying to setup nginx to work with a subpath but I am receiving 404 error.I am using default location and html file.
Nginx config is the following:
server {
listen 80;
listen[::]:80 ipv6only=on;
server_name localhost;
## serving gogs
location / {
proxy_pass http://localhost:3000;
}
## serving laravel-based web app
location /yt/ {
root /usr/share/nginx/html;
index index.html index.htm;
}
}
The firewall (ufw) is disabled and all ports are open via mikrotik.Everything is fine when open the / path but when I go to /yt/ I get a 404 error.
Not sure if configuration is correct, when i compared with my local simple setup i found it little different . Please try this one if it works.
server {
listen 80;
listen[::]:80 ipv6only=on;
server_name localhost;
## serving gogs
location /yt/ {
proxy_pass http://localhost:3000/;
proxy_redirect off;
proxy_set_header Host $host;
}
}
I have a Wordpress Vagrant box that I access through the URL localhost:9001 (forwarded port.).
I am currently trying to make it accessible through the URL "molecare.dev".
I have created the line in the hosts file that catches that URL and points it to my localhost (this is working because I can see the nGinx splash page) but I am having trouble catching this URL in the server block and proxy_pass'ing this to the URL(localhost:9001).
Here is my /etc/nginx/sites-available/default file`server_name molecare.dev;
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
I have written the following code which I think should do it but I don't know where to place it and if it is correct?
server {
listen 80;
server_name molecare.dev;
location / {
proxy_pass localhost:9001;
}
}
Can anyone see if this is correct and if so where I put this?
Thanks!
In the folder /etc/nginx/sites-available/ create a config file for your site, say 'molecare.dev.conf'.
Modify the block you wrote to the following and put that in the new file and save it:
server {
listen 80;
server_name molecare.dev;
location / {
proxy_pass http://127.0.0.1:9001;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Then create a symlink:
ln -s /etc/nginx/sites-available/molecare.dev.conf /etc/nginx/sites-enabled/molecare.dev.conf
Reload the nginx configuration:
service nginx reload
I have this in my file in my /etc/nginx/sites-available/
upstream app_server {
server 127.0.0.1:9000 fail_timeout=0;
}
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /home/portforlio;
index index.html index.htm;
client_max_body_size 4G;
server_name khophi.co www.khophi.co;
keepalive_timeout 5;
location /media {
alias /home/portfolio/media;
}
location /static {
alias /home/portfolio/static;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 30d;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
}
With the configuration above, I'm told I've leveraged files caching when I check via https://developers.google.com/speed/pagespeed/insights/?url=http%3A%2F%2Fkhophi.co%2F&tab=desktop
Yet, when I visit the site, it doesn't load the css and I get an unstyled page.
What is missing? I have tried this and that, yet although I have also specified my root directory, it still doesn't show them when requested in the browser.
Mysteriously, pageinsights sees them and even as cached, how?
the live site is at khophi.co
The answer I figured out to be a typo.
Should be portfolio not portforlio
I added an error log to nginx and from there, I noticed it says the directory didn't exist, that prompted me to check the folder names
error_log /home/nginx/nginx_error.log warn;