I use Nginx as a web server and I want to deny access to a particular directory from certain domains. Or in other words, make that path/directory only accessible from one domain or IP address.
Example:
http://domain.com/manager/ => Redirects to 404 page
http://www.domain.com/manager/ => Redirects to 404 page
http://10.10.10.10/manager/ => allows access
Finally, to make this a complete solution, I'd like to force an https connection when accessing to this particular path.
Following my previous example:
http://10.10.10.10/manager/ => Rewrites to https
Using
location / {
deny all;
allow [ip];
}
And restart your services.
More : http://nginx.org/en/docs/http/ngx_http_access_module.html
To address the force https (Assuming you already have a nginx that listens to port 443)
server {
listen 80;
server_name 10.10.10.10;
rewrite ^(.*) https://10.10.10.10$1 permanent;
}
To address the redirect to 404, you can consider using the following in your main config that listens for server "domain.com"
location ~ ^/manager {
return 404;
}
This is what I was looking for:
server {
listen 80;
server_name domain.com;
# Redirect path to secure connection
location ^~ /manager {
rewrite ^/(.*) https://domain.com$1 permanent;
}
}
server {
listen 443;
location ^~ /manager {
allow 10.10.10.10;
deny all;
error_page 403 =404 /404.html;
}
}
Related
How can I make nginx redirect all the requests to my subdomain to a folder?
Example:
http://sub2.sub1.domain.com/
that should indicate that sub2 is a folder in sub1.domain.com/sub2
How can I do this?
The main objective is to hide the folder to the user. So, it should continue as
http://sub2.sub1.domain.com/
My wish is to use a wildcard in sub2.
UPDATE:
I've tried:
server {
listen 80;
listen [::]:80;
server_name ~^(.*)\.sis\..*$;
location / {
proxy_pass http://sis.mydomain.com/$1$request_uri;
}
}
but it also didn't work, any error?
In the nginx directives for sub2.sub1.domain.com you'd put:
server {
listen 80;
server_name sub2.sub1.domain.com;
location / {
proxy_pass https://sub1.domain.com/sub2;
}
}
So any request going to sub2.sub1.domain.com gets proxied to → sub1.domain.com/sub2 (while masked as sub2.sub1.domain.com); no need for a redirect or rewrite this way either.
Wildcard Method
server {
listen 80;
server_name ~^(.*)\.sub1\.domain\.com;
location / {
proxy_pass https://sub1.domain.com/$1;
}
}
*the wildcard method above is untested.
I have a problem to understand how nginx proxy_pass will handle the redirection after the URL getting rewrite.
What I have is localhost:8080/foo/log will automatically redirect to localhost:8080/foo/login. Once you enter the right credentials it will redirect back to localhost:8080/foo/log
localhost:8080/foo/log -----> localhost:8080/foo/login
I have a nginx proxy server to change my URL from localhost:8080/foo/log to localhost/web/foo/log with following configuration
server {
listen 80;
listen [::]:80;
server_name localhost;
root /var/www/html;
index index.html;
location /web/foo {
proxy_pass http://localhost:8080/;
rewrite ^/web/foo(.*) /foo$1 break;
}
location /web/bar {
proxy_pass http://localhost:8081/;
rewrite ^/web/bar(.*) /bar$1 break;
}
}
With this proxy config, I am ok to seelocalhost/web/foo/log proxy from localhost:8080/foo/log without enabling login redirection. If I enabled login, I always get localhost/web/foofoo/login.
I am wondering how can I get localhost/web/foo/login proxy from localhost:8080/foo/login ?
I want to handle this:
blog.example.com => example.com/blog
blog.example.com/xxx => example.com/blog/xxx
in both samples there is nothing in blog subdirectory, and the code which should handle the blog is in subdomain. and just i want to show the url as showed above.
so. i want to forward(redirect without changing url) a subdirectory to subdomain.
is there any nginx configuration to do that?
You could have the following in your NGINX configuration.
server {
listen 80;
server_name blog.example.com;
location / {
return 301 $scheme://example.com/blog$request_uri;
}
}
server {
listen 80;
server_name example.com;
location /blog/ {
<your code goes here>
}
}
This takes any incoming requests to blog.example.com and redirects to example.com/blog along with the requested URI eg. blog.example.com/latest would redirect to example.com/blog/latest
location = /blog {
return 302 /blog/;
}
location /blog/ {
proxy_pass http://blog.example.com/;
}
Note that the / in proxy_pass is very important (without it the /blog part won't be stripped out in the request to upstream).
Some further details on the rationale of two independent location statements are available at https://serverfault.com/questions/562756/how-to-remove-the-path-with-an-nginx-proxy-pass/562850#562850.
I have looked at this question which describes how to redirect a url in nginx, as shown below
# main server block for www.test.com
server {
listen 80;
server_name www.test.com;
...
}
# redirect test.com to www.test.com
server {
server_name test.com;
return 301 $scheme://www.test.com$request_uri;
}
What I need to do is redirect a set of individual pages, so was wondering how to do this
e.g. test.com\index , test.com\home , test.com\main to test.com\index.php
Then I have some other pages to simply redirect simply to the .php extension
e.g. test.com\about to \test.com\about.php
e.g. test.com\contact to \test.com\contact.php
What is the best way to do this?
Found the answer... assuming the following server block for test.com
server {
listen 80;
server_name www.test.com;
...
}
Add the appropriate regex location path, and rewrite or return to the redirect url.
for test.com\index , test.com\home , test.com\main to test.com\index.php
location ~ ^/(index|home|main) {
rewrite ^/.* http://$server_name/index.php permanent;
}
for test.com\about to \test.com\about.php
location /about {
rewrite ^/.* http://$server_name/about.php permanent;
}
I have been tasked with a couple project.
We have two directories on our server, one is
http://example.com/app
and the other is
http://example.com/fw
What I have been asked to do, is redirect from http to https if any visitor lands on a page in these two directories (app and fw)
Here is what I have done so far in the config file. When I added the lines to my config file below 'server' and restarted the site would not come back up. Unfortunately I don't have access to the log files. Appreciate anyone willing to take a look at this
location ~ ^/miner/memclub/.+\.html$ {
rewrite ^(.+)\.html$ /bootstrap.php?file=$1.html last;
rewrite ^(.+)\.phtml$ /bootstrap.php?file=$1.phtml last;
error_page 404 = /404.php;
}
server {
server_name site.org;
server_name *.site.org;
location /app {
if ( $scheme = http ) {
rewrite ^ https://site.org/app last;
}
}
}
First of all I don't think you can have 2 server_name, merge those two lines into one line
server_name example.com *.example.com;
And to do the https redirect i would recommend using 2 separate servers, you need one listening to port 443 anyway
server {
server_name example.com www.example.com; # which ever you are using
listen 443 ssl;
location / {
# all your https configuration
}
}
server {
server_name example.com www.example.com:
listen 80;
location /app {
return 301 https://$http_host$request_uri;
}
location /fw {
return 301 https://$http_host$request_uri;
}
location / {
# the rest of the non https configuration
}
}
I know you can merge both app and fw into one location, but I believe doing it without regex is faster, if you want to do it anyways here it is
location /(app|fw) {
return 301 https://$http_host$request_uri;
}