Suppose I have a web server running on the IP address 1.2.3.4 and the domain name abc.com resolves to 1.2.3.4. How shall I write the nginx.conf so that the web server only allows access via the IP address 1.2.3.4 and denies all access via the domain name abc.com?
nginx.conf:
http {
...
server {
listen 80;
server_name 1.2.3.4;
}
...
}
Currently I set server_name to 1.2.3.4, and it seems that the web server is accessible via both 1.2.3.4 and abc.com.
I would define two server stanzas. One for abc.com to which access is denied. Then define a catch-all server that can be accessed via ip address:
server {
listen 80;
server_name abc.com;
return 403;
}
server {
listen 80 default_server;
server_name _;
}
Related
I have installed zammad on ubuntu 20.4,
I can open zammad with localhost address but can not connect to zammad from remote with server IP address
I have edited the file /etc/nginx/sites-available/zammad.conf
#
# this is the nginx config for zammad
#
upstream zammad-railsserver {
server 127.0.0.1:3000;
}
upstream zammad-websocket {
server 127.0.0.1:6042;
}
server {
listen 80;
listen [::]:80;
# replace 'localhost' with your fqdn if you want to use zammad from remote
#server_name localhost;
server_name 10.20.60.200;
# security - prevent information disclosure about server version
#server_tokens off;
root /opt/zammad/public;
access_log /var/log/nginx/zammad.access.log;
error_log /var/log/nginx/zammad.error.log;
client_max_body_size 50M;
for server_name I have put my IP adress, and with this IP address can not connect to zammad, but with 127.0.0.1:3000 it is connecting
can anyone help on thi, please?
Give in the URL 10.20.60.200:3000. It is enough, when you just only give the IP adress without port into the URL.
I am trying to get a min.io server up and running with virtual-host style and am failing to configure nginx to do so correctly.
Expected result
bucket.s3.domain.com works to access bucket
Actual result
bucket.s3.domain.com is redirected to s3.domain.com/bucket – this does not generate virtual host style URLs.
My config (I omitted default port 80 to 443 redirect and other not relevant docker containers):
http {
upstream minio-s3 {
server 127.0.0.1:9000;
}
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/s3.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/s3.domain.com/privkey.pem;
server_name s3.domain.com;
location / {
proxy_pass http://minio-s3;
}
}
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/s3.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/s3.domain.com/privkey.pem;
server_name "~^(?<subdomain>[^.]+).s3.domain.com";
location / {
proxy_pass http://127.0.0.1/$subdomain$request_uri;
proxy_set_header Host s3.domain.com;
}
}
Notes
Nginx running on Ubuntu Server LTS 20.04 (no Docker)
Min.io running on Docker port 9000
MINIO_DOMAIN is correctly set to s3.domain.com
bucket subdomain is correctly set
wildcard certificate for *.s3.domain.com is configured
Questions
How can I configure Min.io (besides passing env MINIO_DOMAIN) to use virtual host style URLs together with nginx?
How can I set up nginx to support this case?
So the answer to my original question is pretty simple:
Only one server block is needed, the subdomain regex is added to the server name and min.io resolves this correctly
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/s3.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/s3.domain.com/privkey.pem;
server_name "~^(?<subdomain>[^.]+).s3.domain.com" s3.domain.com;
location / {
proxy_pass http://minio-s3;
I hope this helps someone struggling with the same.
Virtual host in in short with Min.io:
Register domain, subdomain (per bucket)
Point domains all to your server (CNAME etc.)
Generate certificates with certbot (domain, wildcard for subdomains)
Launch min.io passing MINIO_DOMAIN as environment variable
Point all domains to Min.io application (domain and subdomains)
I just setup a AWS server and installed Nginx. I've also forwarded the public IP address to my Godaddy account. Typing the domain name on the address bar directs to the correct website but instead of seeing my domain name the public IP address is displayed.
I've followed the tutorial described here:
https://mediatemple.net/community/products/developer/204405534/install-nginx-on-ubuntu
I've done some modification in:
/etc/nginx/sites-available/example.com referencing /etc/nginx/sites-available/default
/etc/nginx/sites-available/example.com
server {
listen 80 default_server;
listen [::]:80;
server_name example.com www.example.com;
access_log /var/www/example.com/logs/access.log;
error_log /var/www/example.com/logs/error.log;
root /var/www/example.com;
index index.html;
}
The expected out should be the domain name is shown rather than the ip address.
After going through nginx documentation, I saw that in their tutorial they make two server blocks as following:
server {
listen 192.168.1.1:80
server_name example.org www.example.org;
}
server {
listen 192.168.1.1:80
server_name example.net www.example.net;
}
Both domains point to the ip 192.168.1.1, for this in the 2 domains you set the dns record type A, example:
www.example.org A 192.168.1.1
www.example.net A 192.168.1.1
The server nginx only thing it does is serve on port 80 for any domain and shows the same page.
I have NGINX on my VPS working on port 80 (few domains on it), and I want add GlassFish on port 8080.
Next I want add domain for GlassFish, but on domain it should work on port 80.
How I can do that?
Him add server rule, for example:
server {
listen 80;
server_name demo.glass.fish;
location / {
proxy_pass http://localhost:8080;
}
}