I heard that MEAN stack would be beneficial if it has nginx at front for some reasons and am following instructions from some people already done it. I installed MEAN stack via Bitnami and AWS and am trying to setting nginx configuration. I am modifying file /usr/share/nginx/default which contains this code.
server {
listen 80;
server_name example.com www.example.com;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
My question is that should I have to put my address instead of 127.0.0.1?
and should I have to keep 3000 and change my AWS port setting? Thanks in advance!
127.0.0.1 is a loopback ip address of the server, so the answer is no, you have to keep that ip address.
Port 3000 is an application port,that mean your application is listening on that port. Regularly, you can check port number that is in app.js or server.js files. You can change that port belong to port that you have set your application's port is listening. Sorry for my poor English.
Related
Well, here we go.
I have an instance in Azure with ubuntu and I'm trying to access an web application out of this machine (Not LocalHost).
First I've installed all dotnet things to make a test application and runned
dotnet new mvc
I check inside Azure machine localhost:5000 and this app test work well.
Then I installed nginx to access my application remotelly. When I access the public IP I can see a page of nginx.
nginx Page
I've try to config thousand times to when I access the public IP the nginx redirect to my web app running in Azure Localhost.
One configuration I've try was
/etc/nginx/sites-enabled
server {
listen 80;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Any Idea to make this works?
Sry for bad english
You have missed server_name parameter.
And if that's the only one config in config dir, then also add default_server option to listen directive, like this:
server {
listen 80 default_server;
server_name my.domain.com;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Change my.domain.com to appropriate FQDN of your Azure instance, so that you can make requests not only by entering IP address in browser, but also with a host name.
And make sure that you have included that config in nginx.conf file, like:
include /etc/nginx/sites-enabled/*;
Hope it will help you to figure out.
Can't connect to application through External IP.
I started gerrit code review application on GCP's vm instance(CentOS 7).
It works on http://localhost:8080 and I can't connect to it through external IP. Also I tried to create NGINX reverse proxy, but probably my configuration is wrong. By the way after installing NGINX, the starter page were shown on external ip.
# nginx configuration /etc/nginx/conf.d/default.conf
server {
listen 80;
server_name localhost;
auth_basic "Welcomme to Gerrit Code Review Site!";
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
}
gerrit.config
[httpd]
listenUrl = proxy-http://127.0.0.1:8080/
You use localhost as a server_name. I think that may cause conflict, because you connect to your server externally. You don't need server_name, cause you are going connect to your server by ip. And I recommend you enable logs in your nginx config. It will help you with bug fixing.
I recommend you try this config:
server {
listen 80;
access_log /var/log/nginx/gerrit_access.log;
error_log /var/log/nginx/gerrit_error.log;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
}
add a line in /etc/hosts
127.0.0.1 internal.domain
Update proxy config
proxy_pass http://internal.domain:8080;
It works with me
I have a sub domain routed through cloudflare. They don't cover websockets unless it enterprise or maybe business depending on traffic.
So now when users visit the external site, it connects to my sub domain via a websocket with the url of my site being passed in their url.
e.g thridpartysite.com?ws=my.subdomain.com
But my IP is revealed and I am worried about DDoS.
I am using nginx and ubuntu 14.04. Is there anything I can do to mask the IP?
Here is my current nginx config
# Config
server {
listen 80;
listen [::]:80;
server_name my.subdomain.com www.my.subdomain.com;
location / {
proxy_pass http://MySubdomainIP:443;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
So it takes the app on 443 and proxies to 80 so I can route that through cloudflare but no websocket support means I need to reveal my IP which leaves me open to DDoS attacks.
Is there anything I can do at this point?
All plan levels support websoxkets.
https://support.cloudflare.com/hc/en-us/articles/200169466-Can-I-use-CloudFlare-with-WebSockets-
I have a node app that uses websockets which is working on local host but not in production. In production, the messages being posted aren't appearing in the client. Since it's using socket.io, I'm assuming this is a problem with the ports. In production, I'm using nginx with this as the following config. Nginx is listening on port 80 but I have the port for the application at localhost:3000. Every nginx config I've ever seen has it listening on port 80, and I've heard problems will result if I set localhost below 1000, yet I believe the socket.io is not working because these ports are not the same. Can you suggest how to fix this problem?
/etc/nginx/conf.d/example.com.conf
server {
listen 80;
server_name mydomain.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
EDIT: It turns out that the my setup below actually works. Previously, I was getting redirections to port 36000 but it was due to some configuration settings on my backend application that was causing it.
I am not entirely sure, but I believe I might be wanting to set up a reverse proxy using nginx.
I have an application running on a server at port 36000. By default, port 36000 is not publicly accessible and my intention is for nginx to listen to a public url, direct any request to the url to an application running on port 36000. During this entire process, the user should not know that his/her request is being sent to an application running on my server's port 36000.
To put it in more concrete terms, assume that my url is http://domain.somehost.com/
Upon visiting http://domain.somehost.com/ , nginx should pick up the request and redirect it to an application already running on the server on port 36000, the application does some processing, and passes the response back. Port 36000 is not publicly accessible and should not appear as part of any url.
I've tried a setup that looks like:
server {
listen 80;
server_name domain.somehost.com
location / {
proxy_pass http://127.0.0.1:36000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
and including that inside my main nginx.conf
However, it requires me to make port 36000 publicly accessible, and I'm trying to avoid that. The port 36000 also shows up as part of the forwarded url in the web browser.
Is there any way that I can do the same thing, but without making port 36000 accessible?
Thank you.
EDIT: The config below is from a working nginx config, with the hostname and port changed.
You need to may be able to set the server listening on port 36000 as an upstream server (see http://nginx.org/en/docs/http/ngx_http_upstream_module.html).
server {
listen 80;
server_name domain.somehost.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:36000/;
proxy_redirect http://localhost:36000/ https://$server_name/;
}
}