xml sitemap forbidden for access via nginx - nginx

My nginx site configuraton:
upstream nodeName {
server serverIp:7050;
server serverIp:7049 backup;
}
server {
listen 80;
server_name domain.com;
gzip_types application/x-javascript text/css;
access_log /pathToLogs/log.access.log;
location / {
proxy_pass http://nodeName/;
}
location ~ ^/(min/|images/|bootstrap/|ckeditor/|img/|javascripts/|apple-touch-icon-ipad.png|apple-touch-icon-ipad3.png|apple-touch-icon-iphone.png|apple-touch-icon-iphone4.png|generated/|js/|css/|stylesheets/|robots.txt|humans.txt|favicon.ico|xml/) {
root /pathToSite/appdirectory-build;
access_log off;
expires max;
}
}
I want to get sitemap.xml by url http://example.com/xml/sitemap.xml but it gives me
403 Forbidden
nginx/1.4.6 (Ubuntu)
Update
In nginx error log file:
2014/10/09 [error] 16094#0: *49762240 open() "/pathToSite/appdirectory-build/xml/sitemapCallEn.xml" failed (13: Permission denied), client: Ip, server: domain.com, request: "GET /xml/sitemapCallEn.txt HTTP/1.1", host: "domain"
How to change permission and allow to open xml file?

Look into nginx error log. You will find answer there. It's file permission issue likely

Related

nginx execute incorrect path with alias

I don't understand my nginx not serve file from '/var/www/html/foo/' when I execute 'w3m http://localhost/foo/test.html'?
I get 404 error, despite of existing test.html in '/var/www/html/foo/'. When I checked log I see that it looking for page in '/var/www/html/nginx/foo/test.html'.
user nobody nogroup;
worker_processes 2;
events {
worker_connections 512;
}
http {
server {
listen *:80;
listen *:1026;
server_name "test";
root /var/www/html/nginx/ ;
location foo/ {
alias /var/www/html/foo/ ;
}
}
}
arek#127:~$ ls /var/www/html/nginx
test.html
arek#127:~$ ls /var/www/html/foo
index.html test_bigger.html test.html text.html
arek#127:~$
When I checked log I see that it looking for page in '/var/www/html/nginx/foo/test.html'
2022/09/03 02:36:05 [error] 139475#139475: *2 open() "/var/www/html/nginx/foo/test.html" failed (2: No such file or directory), client: 127.0.0.1, server: test, request: "GET /foo/test.html HTTP/1.0", host: "localhost"
when I change my root path on '/var/www/html/' its works.
Try it with the server configuration block like this instead, which is working on my server. Removed the trailing slash from the root, and added a slash before foo/. Also added a default_type for the location. If you still get an error, comment with the log showing the query path.
server {
listen 80;
listen 1026;
server_name "test";
root /var/www/html/nginx;
location /foo/ {
alias /var/www/html/foo/;
default_type "text/html";
}
}

Nginx auth_request handle saml 302 redirects

I am using Nginx as a reverse proxy. Also, I am using auth_request feature to protect my resources. For that, auth_request always goes through authrization server where I am using SAML authentication. While authenticating, there is a redirect 302 to IDP (ssocircle in this case) which I am trying to follow at Nginx but I am always ending up with below error:
no resolver defined to resolve idp.ssocircle.com while sending to
client, client: 127.0.0.1, server: , request: "GET / HTTP/1.1",
subrequest: "/saml/login", host: "localhost:9000"
*1269 auth request unexpected status: 502 while sending to client, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", host:
"localhost:9000"
Here is my Nginx configuration:
server{
listen 9000 ;
auth_request /saml/login;
proxy_intercept_errors on;
error_page 301 302 307 = #handle_redirects ;
location /saml/login {
resolver 46.4.112.4 valid=300s;
internal;
proxy_set_header Host $host;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_pass http://localhost:9090/ ; # url to authorization server
}
location #handle_redirects {
set $saved_redirect_location '$upstream_http_location';
proxy_pass $saved_redirect_location;
}
location / {
root data/www;
}
location /images/ {
root data/ ;
}
}
I tried adding the resolver 46.4.112.4 IP of ssocircle but it didn't work.
Basically, I want to follow the redirect from my authorization server and have user to authenticate themselves at the IDP and return back to the original URL.
I am very new to Nginx. Any help will be much appreciated.
Edit : I am able to resolve the issue stated above. Restarting the Nginx worked for me. But again I am getting this error:
auth request unexpected status: 302 while sending to client,

NGINX mirror files uploaded with HTTP PUT

Need to mirror all newly uploaded files from oroginal server to new one.
Direct file upload (HTTP PUT) to new server works fine. When i upload file to original server, file appers only there. Logs on a new server access log:
10.31.181.61 - - [28/Dec/2018:13:08:30 +0300] "PUT / HTTP/1.0" 409 167 "-" "curl/7.47.0" "-"
error log:
2018/12/28 13:08:30 [error] 28983#0: *23 cannot PUT to a collection, client: 10.31.181.61, server: _, request: "PUT / HTTP/1.0", host: "10.31.181.60"
what does this error mean: cannot PUT to a collection
Is it possible to make this setup?
Thanks
Nginx config on original server
location / {
autoindex on;
mirror /mirror;
mirror_request_body on;
}
location /mirror {
proxy_pass http://newserver/;
proxy_pass_request_body on;
}
Config on new server:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /web;
dav_methods PUT;
location / {
autoindex on;
}
You should also add the filename to the url that you are using with PUT

/swagger-ui/index.html not found

I follow here to setup separated front-end and back-end in centos 7 (with docker), using nginx to host my front-end, my website works, and all /api/.... requests work, however, when I want to check RESTful API serviced by swagger, got a 404 error, fiddler says:
not found /swagger-ui/index.html
I open 8080 on host and navigate the swagger-ui folder and index.html is just there. and all www folder is given 755 permission.
The nginx site.conf is as below:
server {
listen 80;
index index.html;
server_name localhost;
error_log /var/log/nginx/error.log;
location / {
root /usr/share/nginx/html;
}
location /api {
proxy_pass http://www.example.com:8080/api;
}
location /management {
proxy_pass http://www.example.com:8080/management;
}
location /v2 {
proxy_pass http://www.example.com:8080/v2;
}
location /swagger-ui {
proxy_pass http://www.example.com:8080/swagger-ui;
}
location /swagger-resources {
proxy_pass http://www.example.com:8080/swagger-resources;
}
}
What's wrong?
===============================updated
after issue:
sudo docker logs -f -t --tail 100 docker_nginx_1
found somethings wrong in log file:
2018-07-14T17:35:40.904857522Z 187.67.50.246 - - [14/Jul/2018:17:35:40 +0000] "GET /cgi/common.cgi HTTP/1.1" 404 169 "-" "Wget(linux)" "-"
2018-07-14T17:35:40.904920067Z 2018/07/14 17:35:40 [error] 5#5: *23 open() "/usr/share/nginx/html/cgi/common.cgi" failed (2: No such file or directory), client:187.67.50.246, server: localhost, request: "GET /cgi/common.cgi HTTP/1.1", host: "39.107.246.223"
2018-07-14T17:35:43.896984659Z 187.67.50.246 - - [14/Jul/2018:17:35:43 +0000] "GET /stssys.htm HTTP/1.1" 404 169 "-" "Wget(linux)" "-"
It works after I comment out:
location /swagger-ui {
proxy_pass http://www.example.com:8080/swagger-ui;
}
I thought swagger-ui was served by nginx instead of back-end.

django /admin not found

I try to setup Nginx+Gunicorn and when I go by my URL the Nginx redirects request to my app and handles it by itsels for static resource (static folder). Below my Nginx domain config:
server {
listen 80;
server_name asknow.local www.asknow.local;
root /home/ghostman/Projects/asknow/asknow;
location = /favicon.ico { access_log off; log_not_found off; }
location = /static/ {
root /home/ghostman/Projects/asknow/asknow;
}
location = / {
include proxy_params;
proxy_pass http://unix:/home/ghostman/Projects/asknow/asknow/asknow.sock;
}
}
Gunicorn daemon:
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=ghostman
Group=www-data
WorkingDirectory=/home/ghostman/Projects/asknow/asknow
ExecStart=/home/ghostman/Projects/asknow/env/bin/gunicorn --access-logfile /home/ghostman/Projects/asknow/env/log/gunicorn.log --error-logfile /home/ghostman/Projects/asknow/env/log/gunicorn-error.log --workers 3 --bind unix:/home/ghostman/Projects/asknow/asknow/asknow.sock asknow.wsgi:application
[Install]
WantedBy=multi-user.target
The problem that I need to Nginx handles request by itself for static only (www.asknow.local/static) but it tries to handle other URLs too. So when I go to www.asknow.local/admin now Nginx tries to find a resource by path (my_project/admin). But if I go to www.asknow.local Nginx proxies a request to the Gunicorn. Gunicorn error log is empty, so it fails on Nginx side.
Nginx log
2017/11/01 04:27:22 [error] 13451#13451: *1 open() "/usr/share/nginx/html/static/img/search.svg" failed (2: No such file or directory), client: 127.0.0.1, server: asknow.local, request: "GET /static/img/search.svg HTTP/1.1", host: "www.asknow.local"
How to fix it?
Your issue is using =, that is use for absolute locations. You don't want that (only for favicon.ico) you want that
server {
listen 80;
server_name asknow.local www.asknow.local;
root /home/ghostman/Projects/asknow/asknow;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/ghostman/Projects/asknow/asknow;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/ghostman/Projects/asknow/asknow/asknow.sock;
}
}

Resources