Ubuntu + nginx - trying to install GeoIP module - wordpress

I'm using vagrant (VVV actually) to run local wordpress installs. I want to test different behaviors for different GEO's on my local machine instead of upload it every time to the server which is annoying.
So, I've tried to install the GeoIP nginx module to the local machine with the following guide https://piwik.org/faq/how-to/faq_166/ (and a bit more google but it doesn't matter at the moment).
When I'm using ./configure the following is exists:
checking for GeoIP library ... found
checking for GeoIP IPv6 support ... found
I've also set the .dat files in my conf file, and set the $_SERVER (fastcgi_param) parameters - so they displayed when I'm printing the $_SERVER var.
But those GeoIP vars are empty. I'm not sure about the reason, but 2 things is bothering me. First, when I'm write nginx -V in the terminal the argument --with-http_geoip_module is missing. Second, could it actually works if the REMOTE_ADDR (IP) is not my real IP? (192.168.1.50 for example).
nginx is a bit strange for me, so sorry if something isn't exact..
--
Operating system - macOS, nginx version - 1.3.15, running with VVV (vagrant box)

If there is a reverse proxy in front of your nginx, use geoip_proxy to set IPs whose X-Forwarded-For-Header can be trusted.
You can also use that without actually having a reverse proxy when you're developing. Add your local IP to the geoip_proxy-list and set the X-Forwarded-For-Header to your public IP in your browser (use a plugin like Modify Headers).

Related

How to do reverse DNS lookup in Nginx

I have Nginx configuration where I want to allow a DNS name as I cant be certain on IP address.
{
satisfy any;
allow www.domain.com; // want to achieve this
}
With Nginx we cant achieve this.
Looked at this https://github.com/flant/nginx-http-rdns as a solution.
This module says it does reverse lookup but it didnt work and repo is very old and well maintained.
Another alternative is to use a shell script and do a dig or host on IP address but we dont want to use shell script with Nginx.
Alternate solution is to use a side car to do the DNS resolution and to add allow/deny rules.
If this still works you'll need to compile it for the same version of nginx that is installed. If you're using nginx from a repo then dynamically compile it and see if the following helps:
Download nginx src matching installed version and extract it.
$ cd nginx-1.x.x
$ ./configure --with-compat --add-dynamic-module=/path/to/nginx_module
$ make modules
make modules should result in a nginx module that you need to copy to /usr/lib/nginx/modules/ and load it with load_module modules/modulename.so in your nginx.conf.

Can I perform GeoIP blocking in NGINX without having to pay for NGINX Plus?

I'm a Fedora 29 enduser looking for a way perform GeoIP blocking via NGINX without having to pay a lot of $$ for Nginx Plus. I saw NGINX can be setup to include modules and wanted to ask if there are any open-source modules that can be used to perform basic GeoIP blocking.
Thanks,
You can build nginx and add the geoip module from nginx https://nginx.org/en/docs/http/ngx_http_geoip_module.html by adding "--with-http_geoip_module" to the nginx build configuration.
Then in your nginx.conf you specify geoip_country or geoip_city followed by a path to a geoip db
https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-by-geoip/ can also help with setting up geoip for either open-source or nginx plus
Edit: GeoIP is deprecated but will still work for existing installs.
You can build GeoIP2 from source here https://github.com/leev/ngx_http_geoip2_module with nginx in a similar manner as before
Here is the newer geoip2 database Geolite2 Country

Xdebug with PHPStorm and a Docker container

Setup: Windows 10; Docker running with Boot2Docker on Hyper-V; PHPStorm 9
Webserver on the VM is Nginx. I've configured the xdebug.ini for php5-fpm as:
zend_extension=xdebug.so
xdebug.remote_enable=on
xdebug.remote_port=9000
xdebug.remote_connect_back=On
xdebug.remote_handler=dbgp
xdebug.profiler_enable=0
If I set a breakpoint and reload the page I get an incoming connection from Xdebug in PHPStorm:
I wonder that there is only one file shown and not the entire project which is much bigger. If I accept the connection I can debug the very first line but it is not stopping on my breakpoint and creates a server entry which looks like:
What is very strange that host is empty.
I already added the server with the correct mapping but it got ignored.
So how to get Xdebug to stop on breakpoints?
What is very strange that host is empty.
PhpStorm requires this field to be filled as it uses this to recognize what server entry (and therefore path mappings) to use -- IDE supports debugging the same code base running on different domains / remote servers.
In this particular case the servername field / parameter of your nginx configuration is empty. You can fix this by providing some value in nginx config file.

OpenResty : configure lua with already given /etc/nginx/nginx.conf file

I am having a website which is working on nginx already .
nginx conf file is in /etc/nginx.conf folder.
Now i want to integrate lua into that project so i installed Openresty .
I created a folder with name "work" as per instruction in doc .And website is working fine at port 8080 as per instructions.
Now i want to use same code into my /etc/nginx/nginx.conf file.
like i can use statements like 'content_by_lua ' there .
I am not able to configure this .
I am getting below error.
Starting nginx: nginx: [emerg] unknown directive "content_by_lua" in /etc/nginx/nginx.conf:25
nginx: configuration file /etc/nginx/nginx.conf test failed
Let me know what i am doing wrong
I started from the same point. Had nginx, had lua, installed openresty and went from there. I was getting the exact same error. After spending considerable time, trying to make the openresty packages play nice with my nginx installation, I found it easiest to uninstall nginx and move forward just with openresty's nginx. Just make backups of your current nginx.conf and any vhost files.
When installing openresty I was sure to include the --with-luajit option. Set up a "hello, world" test, and everything worked wonderfully. My biggest complaint was not being able to start and stop nginx as a service anymore. The issue is a lack of init.d file in the openresty installation. Luckily I ran across this:
https://groups.google.com/forum/#!topic/openresty-en/7UOz-y77CY4
just change the name to openresty (instead of openresty.init.d) and place in /etc/init.d/ (assumed for Ubuntu). and start/stop/reload as sudo service openresty start
The error shows that your nginx don't compiled with the right module.
try type nginx -V to see if your nginx configured with nginx_lua_module
Maybe you should find out where the openresty nginx is and use this nginx instead of the default one.

Alfresco webdav behind apache under jkmount

I'm trying to configure the access to an alfresco webdav directory.
Alfreso is in local ip 192.168.1.25. If I mount (with mount.davfs http:// 192.168.1.25 :8080) , it works ok.
If I configure jkmount in the apache server (in another local ip, 192.168.1.111), when I mount it (with mount.davfs http:// public /alfresco), it doesn't work. The mount error is:
mount.davfs: connection timed out two times;
trying one last time
mount.davfs: server temporarily unreachable;
mounting anyway
However, if I mount the URL with firefox, chrome, or Windows net share, it works ok.
I've tried different jkmount options, rewrites, etc., and with firefox and others it works ok, but it fails using mount (and I must use mount or any other command line tool).
Cadaver also fails.
Regards,
Thanks Heiko,
I've set up the virtual host with (Alfresco Server is in another server):
ProxyPass /alfresco ajp://192.168.1.25:8009/alfresco
ProxyPassReverse /alfresco ajp://192.168.1.25:8009/alfresco
<Location /alfresco/webdav/ >
<Limit OPTIONS PROPFIND GET REPORT MKACTIVITY PROPPATCH PUT CHECKOUT MKCOL MOVE COPY DELETE LOCK UNLOCK MERGE>
Order Deny,Allow
Allow from all
Satisfy Any
</Limit>
</Location>
And the problem persists: I mount it with firefox (and chrome, etc.) ok, but it fails with mount.davfs or cadaver. It doesn't work with curl too.
In alfresco-global.properties, this lines are commented:
# URL Generation Parameters (The ${localname} token is replaced by the local server name)
#-------------
#alfresco.context=alfresco
#alfresco.host=${localname}
#alfresco.port=8080
#alfresco.protocol=http
#
#share.context=share
#share.host=${localname}
#share.port=8080
#share.protocol=http
Are they necessary?
Is there any other apache directive for this?
I also tried to offer the directory via apache with:
ProxyPassMatch ^/alfresco/(.*)$ "http://192.168.1.25:8080/alfresco/$1"
ProxyPassReverse /alfresco/ "http://192.168.1.25:8080/alfresco/"
and
JkMount /alfresco/* alfresco configuring jk workers.properties with:
worker.list=alfresco
worker.alfresco.type=ajp13
worker.alfresco.host= 192.168.1. 25
worker.alfresco.port=8009
worker.alfresco.lbfactor=1
worker.alfresco.socket_keepalive=1
worker.alfresco.socket_timeout=300
And the results are the same: It works in navigators but not in linux console.
I've set apache logs in debug mode for this virtual hosts, and when I mount it with firefox, it writes the right info (ajp conections, etc) but when I try to mount from linux terminal, the logs are empty. This is like the conection doesn't work, but only from console...
Thanks for your help, I keep looking for solutions...
Did you set up virtual host like described here?
Also you may need to set ProxyPreserveHost Directive or something similar depending on your apache mod (mod_http_ajp or mod_jk)

Resources