I've got 2 files with proxy_pass :
server {
listen 80;
server_name www.domain1.fr;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:2368;
proxy_redirect off;
}
}
and
server {
listen 80;
server_name www.domain2.fr;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:2369;
proxy_redirect off;
}
}
They both work fine.
Now, if I go to this server through another domain name (defined on my DNS server targeting the same IP address), eg. www.domain3.fr, instead of a 404, I've got the same result as www.domain2.fr !
I guess it's because of the last location /, but how can I do a 404 error if the domain name is not the same than server_name ?
I've answered this question so many times I'm thinking of finding a way to make it generic so I could share it when there's a question is asked.
Here's the other answers if you would like to look at it
Nginx Subdomain accessible on subdomain its not configured for
nginx subdomain ssl redirect redirects top level domain
nginx reverse proxy redirecting to wrong domain
you can read on any one why this is happening, on this reference link How nginx processes a request
Simple answer is a small server block to prevent it
server {
listen 80 default_server;
# return a code maybe or do any thing
return 404;
}
of course reload nginx after that to reflect the settings.
Well, I had to add a new config :
server {
listen 80 default_server;
server_name _;
access_log off;
return 404;
}
To be a "catch all".
Source : NGINX multiple server blocks with reverse proxy
Related
I want to use Pocketbase behind Ngnix as a reverse proxy on my Ubuntu-VPS. I followed the documentation on https://pocketbase.io/docs/going-to-production/.
I wanted to put pocketbase to /api/. When i try to connect to the pocketbase admin panel the browser shows some 404 and a ContentSecurityPolicy Error. It looks like this:
It also seems to be that some HTML is loaded from Pocketbase.
This is my current ngnix config (i replaced my domain with test.com)
server {
listen 80;
listen 443 ssl;
server_name test.com;
ssl_certificate /etc/letsencrypt/live/test.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/test.com/privkey.pem;
location / {
try_files $uri $uri/ /index.html;
root /var/www/html;
index index.html;
}
location /api/ {
# check http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive
proxy_set_header Connection '';
proxy_http_version 1.1;
proxy_read_timeout 360s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8090;
}
}
Pocketbase is started with the default localhost settings on the VPS.
I can even access pocketbase over http://127.0.0.1:8090/api/ when i'm connected via SSH in VS Code and see the requests in the log. (i am surprised that this is even possible. At first i tought i had pocketbase running on my local machine but when i killed the backend on my vps i couldn't access it anymore)
I hope that somebody can help me out as i can't find much about this in the internet.
Problem solved. It works when append a / to the address at the proxy_pass directive
proxy_pass http://127.0.0.1:8090/;
I know , I know. This question is asked too many times and I've researched it alot as well. But every solution on internet lead me to dead end.
I want to redirect all the incoming http-request to a specific url/domain.
For example if someone type - www.test.com or simply test.com in browser's url-bar, it should redirect the user to http://test.com/home .
This is what I've been trying to achieve from last 3 days, not sure what I'm doing wrong. This is my server-block.
server {
listen 80;
server_name test.com;
port_in_redirect off;
# server_name_in_redirect off;
client_max_body_size 20M;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://localhost:8000/ ;
proxy_read_timeout 90;
return 301 http://test.com/home;
}
}
This above configuration is giving me error - too many redirection on browser when I'm trying to access the website.Also removing return statement giving me page not found error and not changing/redirecting the url to http.test.com/home.
PS - I'm running another different website as well on this same server on port 443(https) & that is working absolutely well. I'm running a Spring-boot application.
A help is highly appreciated.
You write too many codes related to redirection, that's why showing this error.
Change your server block like below.
server {
listen 80;
server_name test.com www.test.com;
client_max_body_size 20M;
#return 301 http://test.com/home$request_uri;
}
location ~ ^/(?!home) {
return 301 http://test.com/home$request_uri;
}
location /home {
root /var/www/test.com/html/;
index index.html index.htm;
}
I have a nginx reverse proxy setup for apache wordpress which works fine. However based on location need to redirect to an external url which fails. Please check the below config. Is this a valid setup ?
https://platform.com/ - this works - also any subsequent wp pages also works
https://platform.com/pen - this needs to redirect to https://abcdef.com - this doesn't work - 404 page load error Any help ?
server {
listen 443 ssl default_server;
listen [::]:443 default_server;
server_name platform.com;
server_tokens off;
root /var/www/html/def/public/;
index index.php;
ssl on;
ssl_certificate /tmp/fgh.crt;
ssl_certificate_key /tmp/fgh.pem;
access_log /var/log/nginx/access2.log;
error_log /var/log/nginx/error2.log;
location / {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri #apache;
}
location #apache {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
location ~[^?]*/$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
location /pen {
proxy_pass https://abcdef.com;
}
}
After changing the server name (wordpress site) from http prefix to www prefix, proxy pass re directions worked. Had to redirect all http https server blocks to www server block in nginx config
What you are doing is a proxy_pass to https://abcdef.com , not a redirect. if you meant a redirect the code is :
location /pen {
return 301 https://abcdef.com;
}
If it's not a definitive redirect, use 302 instead of 301, so is not cached (for tests is much better).
The reason the 404 is given is because you are accessing the https://abcdef.com with a request with the host/url https://platform.com/pen
If the destiny server is not prepared to recive this whole url, it returns 404, as /pen is not found.
Note, this question is moved to stackoverflow from superuser
I got the following nginx conf:
server {
listen 80;
listen 443 ssl;
...
# specific rule to serve versioned js resources
location ~ ^/js/([0-9\.]+)/(.*)$ {
alias /opt/x/public/deploy/js/$1/$2;
}
location / {
add_header P3P 'CP="CAO PSA OUR"';
proxy_pass http://127.0.0.1:8088;
set $ssl off;
if ($scheme = https) {
set $ssl on;
}
proxy_set_header X-Forwarded-Ssl $ssl;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
}
It works as expected. However if a certain versioned js resource does not exists in the deployed dir, say /opt/x/public/deployed/js/1.1/, it will return 404. What I want is in that case nginx shall pass the request to the backend service running at 8088 port instead of returning 404. Is this even doable?
Thanks!
Green
http://wiki.nginx.org/HttpCoreModule#try_files
try_files is your friend, here you can do the order you want to try files and finaly have the proxypass upstream.
this is my config:
server {
listen 80;
server_name ~^(?<sb>.+)\.a\.b\.c\.com$;
access_log /data/logs/nginx/tas.access.log main;
location / {
proxy_intercept_errors on;
proxy_pass http://b.c/a/$sb/;
proxy_set_header Host $host;
proxy_redirect off;
}
}
and browser report to many redirects.
If, as you say, you want to proxy to localhost:8082, you need to say so in the proxy_pass line:
server {
listen 80;
server_name ~^(?<sb>.+)\.a\.b\.c\.com$;
access_log /data/logs/nginx/tas.access.log main;
location / {
proxy_intercept_errors on;
proxy_pass http://localhost:8082/a/$sb/;
proxy_set_header Host $host;
proxy_redirect off;
}
}
Without all of the information, it's hard to guess what's going on. Based on the comments, my guess is that you are using virtual hosting so that the upstream site is also served by the same nginx. So this line is the problem:
proxy_set_header Host $host;
The nginx variable $host is pointing to the current Host header (which matches the server_name). So if you set the same host header for the upstream again, then nginx will find the same location block above because nginx relies on the Host header to find the proper server. Thus the redirect loop.
Set
proxy_set_header Host your_upstream_server_name
will fix it then.