I'm running nginx on a basic AWS EC2 instance.
My nginx http server block looks like this:
server {
listen 80 default_server;
listen [::]:80;
# TLS redirect
server_name ec2-xx-xx-xxx-xxx.rr-rrrr-r.compute.amazonaws.com;
return 301 https://$host$request_uri;
}
My https server block works fine, so when I enter:
https://ec2-xx-xx-xxx-xxx.rr-rrrr-r.compute.amazonaws.com
In my browser, everything works, but when I enter:
http://ec2-xx-xx-xxx-xxx.rr-rrrr-r.compute.amazonaws.com (http, not https)
I get redirected to
https://compute.amazonaws.com
Is there any obvious reason for this? Thanks in advance.
Edit with curl
[ec2-user#ip-xxx-xx-xx-xxx ~]$ curl -v http://ec2-xx-xx-xxx-xxx.rr-rrrr-r.compute.amazonaws.com
* Rebuilt URL to: http://ec2-xx-xx-xxx-xxx.rr-rrrr-r.compute.amazonaws.com/
* Trying 172.31.14.246...
* TCP_NODELAY set
* Connected to ec2-xx-xx-xxx-xxx.rr-rrrr-r.compute.amazonaws.com (xxx.xx.xx.xxx) port 80 (#0)
> GET / HTTP/1.1
> Host: ec2-xx-xx-xxx-xxx.rr-rrrr-r.compute.amazonaws.com
> User-Agent: curl/7.51.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Server: nginx/1.10.2
< Date: Mon, 24 Apr 2017 22:09:39 GMT
< Content-Type: text/html
< Content-Length: 185
< Connection: keep-alive
< Location: https://ec2-xx-xx-xxx-xxx.rr-rrrr-r.compute.amazonaws.com
<
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.10.2</center>
</body>
</html>
* Curl_http_done: called premature == 0
* Connection #0 to host ec2-xx-xx-xxx-xxx.rr-rrrr-r.compute.amazonaws.com left intact
Related
I have a web app hosted at A.B.C.D:5601 and when I try curl A.B.C.D:5601 it doesn't print out anything on the screen however when I open the same link using a browser it does open the webapp. But it gets forwarded to A.B.C.D:5601/foo/bar and it opens fine.
Here is the output of curl -v
* Trying A.B.C.D:5601...
* TCP_NODELAY set
* Connected to A.B.C.D port 5601 (#0)
> GET / HTTP/1.1
> Host: A.B.C.D:5601
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< location: /spaces/enter
< x-content-type-options: nosniff
< referrer-policy: no-referrer-when-downgrade
< cache-control: private, no-cache, no-store, must-revalidate
< content-length: 0
< Date: Tue, 08 Jun 2021 03:01:11 GMT
< Connection: keep-alive
< Keep-Alive: timeout=120
<
* Connection #0 to host A.B.C.D left intact
Why is curl not giving me the response back?
Curl is telling you you are being redirected to /spaces/enter.
You can tell Curl to automatically follow redirects:
curl -vL [url]
Is there any way to change the response code nginx sends? When the server receives a file that exceeds its client_max_body_size as defined in the config, can I have it return a 403 code instead of a 413 code?
Below works fine for me
events {
worker_connections 1024;
}
http {
server {
listen 80;
location #change_upload_error {
return 403 "File uploaded too large";
}
location /post {
client_max_body_size 10K;
error_page 413 = #change_upload_error;
echo "you reached here";
}
}
}
Results for posting a 50KB file
$ curl -vX POST -F file=#test.txt vm/post
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 192.168.33.100...
* TCP_NODELAY set
* Connected to vm (192.168.33.100) port 80 (#0)
> POST /post HTTP/1.1
> Host: vm
> User-Agent: curl/7.54.0
> Accept: */*
> Content-Length: 51337
> Expect: 100-continue
> Content-Type: multipart/form-data; boundary=------------------------67df5f3ef06561a5
>
< HTTP/1.1 403 Forbidden
< Server: openresty/1.11.2.2
< Date: Mon, 11 Sep 2017 17:58:55 GMT
< Content-Type: text/plain
< Content-Length: 23
< Connection: close
<
* Closing connection 0
File uploaded too large%
and nginx logs
web_1 | 2017/09/11 17:58:55 [error] 5#5: *1 client intended to send too large body: 51337 bytes, client: 192.168.33.1, server: , request: "POST /post HTTP/1.1", host: "vm"
web_1 | 192.168.33.1 - - [11/Sep/2017:17:58:55 +0000] "POST /post HTTP/1.1" 403 23 "-" "curl/7.54.0"
I've noticed a whole bunch of Referer links like t.co/oPQO7Xdz in my access_log files, but no other URL shorteners ever show up. Why?
The URL shorteners never show up because HTTP 301 Moved Permanently et al redirects in HTTP are not designed to influence the Referer HTTP Request Header (apparently, not even if the header is blank, potentially due to the fact that it'll cause inconsistency in behaviour otherwise).
However, Twitter does not issue 301 Moved Permanently redirects with its t.co service if it sees what it deems is a popular desktop or mobile User-Agent. As the redirect is thus done outside of the HTTP stack, the Referer field in the subsequent brand-new HTTP Request would then be composed to include the prior HTML page that was responsible for the redirection, causing a t.co entry to appear in access_log.
% curl -v -A"iPhone;" t.co/oPQO7Xdz
* About to connect() to t.co port 80 (#0)
* Trying 104.244.42.5...
* connected
* Connected to t.co (104.244.42.5) port 80 (#0)
> GET /oPQO7Xdz HTTP/1.1
> User-Agent: iPhone;
> Host: t.co
> Accept: */*
>
< HTTP/1.1 200 OK
< cache-control: private,max-age=300
< content-length: 258
< content-security-policy: referrer always;
< content-type: text/html; charset=utf-8
< date: Thu, 07 Jul 2016 05:24:16 GMT
< expires: Thu, 07 Jul 2016 05:29:16 GMT
< server: tsa_o
< set-cookie: muc=1f43e292-e319-4818-ba81-f12d16e5b629; Expires=Tue, 19 Jun 2018 05:24:16 UTC; Domain=t.co
< x-connection-hash: 0dc5a2a6a7e83ac2d7fb207eb0cedf84
< x-response-time: 115
< x-xss-protection: 1; mode=block
<
* Connection #0 to host t.co left intact
<head><meta name="referrer" content="always"><noscript><META http-equiv="refresh" content="0;URL=http://mdoc.su/n/curl"></noscript><title>http://mdoc.su/n/curl</title></head><script>window.opener = null; location.replace("http:\/\/mdoc.su\/n\/curl")</script>* Closing connection #0
Compare this to what were to occur otherwise (and which is the only way that most other URL shorteners redirect, which would preserve whichever Referer appears when the HTTP request first hits the HTTP stack of the browser):
% curl -v t.co/oPQO7Xdz
* About to connect() to t.co port 80 (#0)
* Trying 104.244.42.69...
* connected
* Connected to t.co (104.244.42.69) port 80 (#0)
> GET /oPQO7Xdz HTTP/1.1
> User-Agent: curl/7.26.0
> Host: t.co
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< cache-control: private,max-age=300
< content-length: 0
< date: Thu, 07 Jul 2016 05:24:40 GMT
< expires: Thu, 07 Jul 2016 05:29:40 GMT
< location: http://mdoc.su/n/curl
< server: tsa_o
< set-cookie: muc=2c727b50-311f-4043-9861-9f703996a8a8; Expires=Tue, 19 Jun 2018 05:24:40 UTC; Domain=t.co
< x-connection-hash: 5583cc49ddbcefe8fac9ba392ca868fd
< x-response-time: 103
<
* Connection #0 to host t.co left intact
* Closing connection #0
I am trying to configure nginx to serve a static html page on the root domain, and proxy everything else to uwsgi. As a quick test I tried to divert to two different static pages:
server {
server_name *.example.dev;
index index.html index.htm;
listen 80;
charset utf-8;
location = / {
root /www/src/;
}
location / {
root /www/test/;
}
}
This seems to be what http://nginx.org/en/docs/http/ngx_http_core_module.html#location says you can do. But I'm always getting sent to the test site, even on the / request by visiting http://www.example.dev in my browser.
Curl output:
$ curl http://www.example.dev -v
* Rebuilt URL to: http://www.example.dev/
* Hostname was NOT found in DNS cache
* Trying 192.168.50.51...
* Connected to www.example.dev (192.168.50.51) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.37.1
> Host: www.example.dev
> Accept: */*
>
< HTTP/1.1 200 OK
* Server nginx/1.8.0 is not blacklisted
< Server: nginx/1.8.0
< Date: Tue, 19 May 2015 01:11:10 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 415
< Last-Modified: Wed, 15 Apr 2015 02:53:27 GMT
< Connection: keep-alive
< ETag: "552dd2a7-19f"
< Accept-Ranges: bytes
<
<!DOCTYPE html>
<html>
...
And the output from the nginx access log:
192.168.50.1 - - [19/May/2015:01:17:05 +0000] "GET / HTTP/1.1" 200 415 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36" "-"
So I decided to comment out the test location. So I have only the location = / { ... block. Nginx now 404s and logs the following error:
2015/05/19 01:24:12 [error] 3116#0: *6 open() "/etc/nginx/html/index.html" failed (2: No such file or directory), client: 192.168.50.1, server: *.example.dev, request: "GET / HTTP/1.1", host: "www.example.dev"
Which is the default root in the original nginx conf file? I guess this confirms my location = / pattern is not matching.
I added $uri to the access log and see that it is showing /index.html which I guess means the first location pattern is matching, but then it goes into the second location block? So now I just need to figure out how to serve my index.html from the / block, or just add another block like: location =/index.html
according to #Alexey Ten commented, in ngx_http_index doc:
It should be noted that using an index file causes an internal redirect, and the request can be processed in a different location. For example, with the following configuration:
location = / {
index index.html;
}
location / {
...
}
a “/” request will actually be processed in the second location as “/index.html”.
In your case, request to "/" will not get /www/src/index.html, but /www/test/index.html.
Consider the following hyperlink:
<a href="http://www.cs.rutgers.edu/∼shklar/">
What HTTP/1.0 request will get submitted by the browser?
What HTTP/1.1 request will get submitted by the browser?
Will these requests change if the browser is configured to
contact an HTTP proxy? If yes, how?
While you could use tcpdump to dump the actual network traffic, curl is surely more handy to test the HTTP conversation from the command line.
An HTTP/1.0 request:
curl -v -0 http://www.cs.rutgers.edu/∼shklar/
* About to connect() to www.cs.rutgers.edu port 80 (#0)
* Trying 128.6.4.24...
* connected
* Connected to www.cs.rutgers.edu (128.6.4.24) port 80 (#0)
> GET /∼shklar/ HTTP/1.0
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: www.cs.rutgers.edu
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Date: Wed, 31 Oct 2012 17:57:31 GMT
< Server: Apache/1.3.26 (Unix)
< Content-Type: text/html; charset=iso-8859-1
< Connection: close
An HTTP/1.1 request:
curl -v http://www.cs.rutgers.edu/∼shklar/
* About to connect() to www.cs.rutgers.edu port 80 (#0)
* Trying 128.6.4.24...
* connected
* Connected to www.cs.rutgers.edu (128.6.4.24) port 80 (#0)
> GET /∼shklar/ HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: www.cs.rutgers.edu
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Date: Wed, 31 Oct 2012 17:59:47 GMT
< Server: Apache/1.3.26 (Unix)
< Content-Type: text/html; charset=iso-8859-1
< Transfer-Encoding: chunked
Use the -x (or --proxy) <[protocol://][user#password]proxyhost[:port]> switch to use a proxy and see the results.
More about curl here: http://curl.haxx.se/docs/manpage.html