What happens without server_name matching but localhost is specified - nginx

hostname1 and hostname2 represent the same host running nginx. How is the request passed when a user visits hostname2:80 from another machine?
nginx.conf
server {
    listen 80;
    server_name localhost;
    # other content
}
server {
    listen 80;
    server_name hostname1;
    # other content
}

Related

why nginx server listen on explicit ip-port cover server listen on only port

For example, I have a server with 2 network interfaces, one for a public IP and one for a private IP, and I wrote 2 nginx configuration files:
cat /etc/nginx/sites-enabled/siteA.sample.edu.cn
server {
    listen 80;
    server_name siteA.sample.edu.cn;
    ...
    location / {
        root /var/lib/www/siteA.sample.edu.cn;
        index index.html index.htm index.php;
    }
}
cat /etc/nginx/sites-enabled/siteB.sample.edu.cn
server {
    listen 80;
    server_name siteB.sample.edu.cn;
    ...
    location / {
        root /var/lib/www/siteB.sample.edu.cn;
        index index.html index.htm index.php;
    }
}
As long as they both listen on 80 without an IP restriction, they work together well. Setting local DNS for siteA and siteB to the same IP 172.16.0.1, I can visit the different sites with those URLs.
But when setting an explicit listen IP for one site:
cat /etc/nginx/sites-enabled/siteA.sample.edu.cn
server {
    listen 172.16.0.1:80;
    server_name siteA.sample.edu.cn;
    ...
}
cat /etc/nginx/sites-enabled/siteB.sample.edu.cn
server {
    listen 80;
    server_name siteB.sample.edu.cn;
    ...
}
Then I cannot visit siteB.sample.edu.cn anymore. Using the URL http://siteB.sample.edu.cn will finally reach siteA.sample.edu.cn.
So how do I stop such strange redirection? It seems that a server with an explicit listen IP has higher priority?
This behaviour is documented here.
You could try using two listen directives in site B's server block.
For example:
server {
    listen 172.16.0.1:80;
    listen 80;
    ...
}
Or:
server {
    listen 172.16.0.1:80;
    listen <otherIP>:80;
    ...
}

Nginx How to prevent processing requests with undefined server names

The Nginx version is 1.14.1.
I have several virtual hosts and a default in /etc/nginx/sites-enabled:
I've tried to configure using this doc: http://nginx.org/en/docs/http/request_processing.html
default
server {
    listen 80;
    server_name "";
    return 444;
}
server {
    listen 443 ssl http2 default_server;
    server_name _;
    ssl_certificate ....
    ssl_certificate_key .....
    add_header Strict-Transport-Security 'max-age=31536000';
    return 444;
}
domain1
server {
    listen 80;
    server_name domain1;
    return 301 https://$server_name;
}
server {
    server_name domain1;
    listen 443 ssl;
    ..................
}
But when I try to get access using the server IP, nginx redirects to domain1. Please help: what's wrong here? I'd like to deny access by IP to the sites and leave only requests with a domain name.

nginx config catches domains not specified in server_name

I have two configs enabled in my nginx sites-enabled folder.
The first one (my-domain.fr.conf) looks like this:
server {
    listen 443 ssl http2;
    server_name my-domain.fr;
    index index.html;
    location / {
        root /www/my-domain.fr;
    }
    include ssl_certif.conf;
}
# HTTP redirect
server {
    listen 80 default_server;
    server_name my-domain.fr;
    location / {
        return 301 https://my-domain.fr$request_uri;
    }
}
The second one (sub.my-domain.fr.conf) looks like this:
server {
    location / {
        proxy_pass http://127.0.0.1:8080;
    }
    include ssl_certif.conf;
    server_name sub.my-domain.fr;
    listen [::]:443 ssl;
}
server {
    if ($host = sub.my-domain.fr) {
        return 301 https://$host$request_uri;
    }
    server_name sub.my-domain.fr;
    listen [::]:80;
    return 404;
}
I would expect the last one to only catch requests to sub.my-domain.fr subdomains, but instead it catches anything (I have wildcard subdomains set up on my DNS), and even masks my-domain.fr.
How can I make sure it only catches sub.my-domain.fr requests?
I found the reason.
sub.my-domain.fr supports ipv6 (listen [::]:443 ssl;). my-domain.fr doesn't.
I suppose my connection is using ipv6 when it can, and in this case, sub.my-domain.fr is the only match.
Adding ipv6 support (listen 443 ssl => listen [::]:443 ssl;, and listen 80; => listen [::]:80;) in all server entries fixes it.
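
The two answers above (an explicit listen address shadowing a port-only listen, and an IPv6-only listen catching every IPv6 connection) both follow from nginx matching the listen address and port before it looks at server_name. The sketch below is an added example, not code from the posts or from nginx; `Server`, `select_server`, the labels and the sample configs are constructed for illustration, and regex server names are not modelled.

```python
# Simplified model of how nginx picks a server block (added example).
# Assumptions: regex and ".name" server_names are not modelled; "*" is an
# IPv4 wildcard listen and "[::]" an IPv6-only wildcard listen.
from collections import namedtuple
# listens: (address, port, is_default_server); names: server_name values
Server = namedtuple("Server", "label listens names")

def _addr_matches(listen_addr, local_addr):
    if listen_addr == "*":
        return ":" not in local_addr           # any IPv4 destination
    if listen_addr == "[::]":
        return ":" in local_addr               # any IPv6 destination
    return listen_addr.strip("[]") == local_addr

def _name_matches(name, host):
    name, host = name.lower(), host.lower()
    if name.startswith("*."):
        return host.endswith(name[1:])
    if name.endswith(".*"):
        return host.startswith(name[:-1])
    return name == host

def select_server(servers, local_addr, port, host):
    """Return the label of the server block that would handle the request."""
    # Step 1: listen match; an explicit address shadows wildcard listens.
    hits = [(s, a, d) for s in servers for (a, p, d) in s.listens
            if p == port and _addr_matches(a, local_addr)]
    candidates = [h for h in hits if h[1] not in ("*", "[::]")] or hits
    if not candidates:
        return None                            # nothing listens there
    # Step 2: server_name: exact, then longest "*.x", then longest "x.*".
    kinds = (lambda n: "*" not in n, lambda n: n.startswith("*."),
             lambda n: n.endswith(".*"))
    for kind in kinds:
        found = [(len(n), s.label) for s, _, _ in candidates for n in s.names
                 if kind(n) and _name_matches(n, host)]
        if found:
            return max(found, key=lambda f: f[0])[1]
    # Step 3: no name matched; default_server wins, else first in file order.
    for s, _, is_default in candidates:
        if is_default:
            return s.label
    return candidates[0][0].label

# Constructed configs mirroring the two questions above.
EXPLICIT_IP = [Server("siteA", [("172.16.0.1", 80, False)], ["siteA.sample.edu.cn"]),
               Server("siteB", [("*", 80, False)], ["siteB.sample.edu.cn"])]
V6_ONLY_SUB = [Server("main", [("*", 443, False)], ["my-domain.fr"]),
               Server("sub", [("[::]", 443, False)], ["sub.my-domain.fr"])]
```

In this model `select_server(EXPLICIT_IP, "172.16.0.1", 80, "siteB.sample.edu.cn")` returns `siteA`, and a request for `my-domain.fr` arriving over IPv6 in `V6_ONLY_SUB` returns `sub`. A catch-all block that rejects unknown host names therefore has to be declared as the default on every address:port pair in use, IPv6 included.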

Nginx configure root domain redirect to subdomain

My current setup of the webpage is:
forum.xyz.pl
I need xyz.pl to redirect to forum.xyz.pl
current nginx.conf:
nodebb.conf
I am using AWS Route 53, and I'm not sure what value I should put there for the root domain.
Thanks
pl to forum.xyz.pl you can simply do:
server {
    server_name xyz.pl;
    # the replacement must start with a scheme for nginx to send an external redirect
    rewrite ^ $scheme://forum.xyz.pl$request_uri? permanent;
}
This should solve your problem, let me know if you have any other problems. I don't really understand the problem with Route 53 since it is just handling the DNS entries.
I'd do it like this
server {
    listen 80;
    server_name xyz.pl;
    return 301 https://forum.xyz.pl/;
}
server {
    listen 80;
    server_name forum.xyz.pl;
    #Force Https
    return 301 https://$host$request_uri;
}
server {
    listen [::]:443 ssl http2;
    listen 443 ssl http2;
    #listen [::]:80;
    #listen 80;
    server_name forum.xyz.pl;
    ##rest of config goes here
}

Privacy error after changing nginx config

We have a website that was previously available under 3 addresses
report.example.com
www.live.example.com
live.example.com
all working with https and http and using letsencrypt certs.
It's been decided that the site will only be available under 1 address - live.example.com
The nginx config is set up as follows:
server {
    listen 80;
    server_name report.example.com www.live.example.com live.example.com;
    return 301 https://$host$request_uri;
}
server {
    listen 443 ssl;
    server_name report.example.com www.live.example.com live.example.com;
    ...
}
I have changed this to the following:-
server {
    listen 80;
    listen 443 ssl;
    server_name report.example.com www.live.example.com;
    return 301 $scheme://live.example.com$request_uri;
}
server {
    listen 80;
    server_name live.example.com;
    return 301 https://$host$request_uri;
}
server {
    listen 443 ssl;
    server_name live.example.com;
    ...
}
However when I try and navigate the site with the new config I get
Attackers might be trying to steal your information from www.live.example.com (for example, passwords, messages or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
The certificate is the same, so contains all the correct details.
Turns out that, as they're on the same server, I had to include the certificate details in the old virtualhost as well as the new one.
