Sitemap Subfolder (no replies)

February 12, 2016, 2:27 am

≫ Next: Nginx reverse proxy with iis login page problems (no replies)

≪ Previous: How to enable login wordpress to LAN users? (no replies)

$

0

0

Hi, I need configure sitemap with subfolder. See my configuration example:

server {
listen 80;

root /usr/share/nginx/html/example.com;
index index.php index.html;

server_name example.com www.example.com;


location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}


But the problematic site is example.com/subfolder

I make a test, configuring a new virtual host and adding the ip server and fake dns in my hosts file:

This setting works! But only at the site at the root. I tried adding the subfolder before / sitemap, but does not work!


server {
listen 80;

root /usr/share/nginx/html/example.com/subfolder;
index index.php index.html;

server_name example.com fake.example.com;

location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent;
rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;
rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last;
rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
rewrite ^/news-sitemap\.xml$ /index.php?sitemap=wpseo_news last;
rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
rewrite ^/geo-sitemap\.xml$ /index.php?sitemap=wpseo_local last;
rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last;
}

location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}


}

---

Nginx reverse proxy with iis login page problems (no replies)

February 12, 2016, 7:02 am

≫ Next: Enable wildcard domains while disabling subdomains (2 replies)

≪ Previous: Sitemap Subfolder (no replies)

$

0

0

I've asked this question on serverfault, where there is a +50 bounty on it currently.

http://serverfault.com/questions/754351/what-is-a-correct-ways-to-allow-login-to-an-iis-site-through-a-reverse-proxy/755659#755659

Basically, when I set up my reverse proxy, it works fine on pages without logins through iis, but if I have a site with iis login (the popup login similar to sharepoint's login), it just continuously asks for the login. There's no failed login attempt in the logs. I have all error logs listed in the serverfault question. Any help is appreciated. If I get a solution on serverfault, I will post the full question, and answer here.

Enable wildcard domains while disabling subdomains (2 replies)

February 13, 2016, 1:26 pm

≫ Next: Nginx + Owncloud + FastCgi = FastCGI sent in stderr: "Primary script unknown" (no replies)

≪ Previous: Nginx reverse proxy with iis login page problems (no replies)

$

0

0

I have a one-click WP install strictly for parking domains for sale using a highly regarded plugin/theme that will display an offer form for any domain pointing at the server provided there is a DNS entry.

If the server block specifies "server_name _;" it works. However, you can create a subdomain just by visiting it such as pigglywiggly.example.com/

Is there a way to allow the primary domains by wildcard but not allow subdomains? I became suspicious when I saw eliminate-bacterial-vaginosis.example.com in my stats.

Thanks in advance for any solutions or suggestions.

Nginx + Owncloud + FastCgi = FastCGI sent in stderr: "Primary script unknown" (no replies)

February 13, 2016, 6:06 am

≫ Next: Lua timer and ngx.location.capture (no replies)

≪ Previous: Enable wildcard domains while disabling subdomains (2 replies)

$

0

0

Edit: I tried to use bbcode here to make my post more readable, but it seems not to work...

Hey,

The Owncloud Guys suggested to post about my problem here, because i experience some error when working with nginx and fastcgi.
On my owncloud installation, nginx's error log is spammed by the following error:

[code]
"FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: MY IP, server: MY DOMAIN, request: "GET /core/img/actions/history.svg HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "MY HOSTNAME/DOMAIN", referrer: "MY DOMAIN"
[/code]

The path after "GET" varies between the above and: "GET /core/img/actions/settings.svg", "GET /settings/img/users.svg" and multiple other .svg files. Sometimes, there is even a .php file in it, but most of the time it is an .svg.

Everything works fine, and the error does only occur when accessing OC with my browser, not when i try to sync it with FolderSync on my Android phone. I even could not observe the error when syncing with the Windows client...so it seems to be a problem with web access. I can browse the web interface, but certrain buttons are missing. And of course, the error quickly fills up my log.

My config looks as following: (Note, Owncloud is installed in a subdirectory, /srv/www/owncloud)

[code]
upstream php-handler {
server unix:/var/run/php5-fpm.sock;
}

server {
listen MY IP:4433 ssl;
server_name MY DOMAIN;

ssl_certificate /etc/ssl/owncloud/owncloud_full.crt;
ssl_certificate_key /etc/ssl/owncloud/owncloud.key;
ssl_dhparam /etc/ssl/owncloud/dhparam.pem;

ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/owncloud/comodo_full_chain.pem;
resolver DNS SERVERS valid=300s;
resolver_timeout 10s;

ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_prefer_server_ciphers on;
ssl_trusted_certificate /etc/ssl/owncloud/comodo_full_chain.pem;
resolver 95.129.51.51 80.244.244.244 valid=300s;
resolver_timeout 10s;

ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers *LIST OF SECURE CIPHERS*;

ssl_session_timeout 10m;
ssl_session_cache off;
ssl_session_tickets on;
ssl_session_ticket_key /etc/nginx/ticketkey;

# Add headers to serve security related headers
add_header Strict-Transport-Security 'max-age=15768000; includeSubDomains; preload' always;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;

# Path to the root of your installation
root /srv/www;

# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;

# Disable gzip to avoid the removal of the ETag header
gzip off;

index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;

rewrite ^/.well-known/carddav /remote.php/carddav/ permanent;
rewrite ^/.well-known/caldav /remote.php/caldav/ permanent;

# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;

# Disable gzip to avoid the removal of the ETag header
gzip off;

index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;

rewrite ^/.well-known/carddav /remote.php/carddav/ permanent;
rewrite ^/.well-known/caldav /remote.php/caldav/ permanent;

location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}

location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}

location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}

location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}

location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}

location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}

location / {

#include /etc/nginx/naxsi.rules;
rewrite ^/remote/(.*) /remote.php last;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ =404;
}

## This is for naxsi ##
# location /RequestDenied {
# return 418;
# }

location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
}

# Adding the cache control header for js and css files
# Make sure it is BELOW the location ~ \.php(?:$|/) { block

location ~* \.(?:css|js)$ {
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
# Optional: Don't log access to assets
access_log off;
}


location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
access_log off;
}
}
[/code]


So as you can see, this is the nginx config taken from the 8.2 documentation with SSL modifications. It is rated A+ on Qualys and everything works fine...but my error log is filled quickly by the "primary script unknown" error.

I've searched until page 4 on google (which means that i am truly desparate ;)), but i could not find a solution to my problem. Most of the times, some people suggested to move the "root" directive out of the location folder etc, but this is the case in my config...

Nginx seems to pass the wrong location to php5-fpm, becauxe php always looks into /srv/www/FILE and not into /srv/www/owncloud/FILE...

I would be glad if anybody had an idea to solve my problem...thank you in advance!

Lua timer and ngx.location.capture (no replies)

February 13, 2016, 8:27 am

≫ Next: Real IP problem on my load balancer in TCP mode on my servers (no replies)

≪ Previous: Nginx + Owncloud + FastCgi = FastCGI sent in stderr: "Primary script unknown" (no replies)

$

0

0

Hello, how can I use ngx.timer.at and ngx.location.capture in same location ?

I trying some code but I get error !

rewrite_by_lua '
local delay = 1 -- in seconds
local dogs = ngx.shared.dogs

local status = dogs:get("Status")
if status == nil then
dogs:set("Status", 1)
end

local new_timer = ngx.timer.at
local log = ngx.log
local ERR = ngx.ERR
local check

check = function(premature)

if not premature then
local ok, err = new_timer(delay, check)
if ok then
if dogs:get("LuaChannels") == "stop" then
res = ngx.location.capture("/channel-stop?ch=1258")
dogs:set("LuaChannel", res.body)
dogs:set("LuaChannels", "")
end
return
end
end
end

local ok, err = new_timer(delay, check)
if ok then
if dogs:get("LuaChannels") == "stop" then
res = ngx.location.capture("/channel-stop?ch=1258")
dogs:set("LuaChannel", res.body)
dogs:set("LuaChannels", "")
end
return
end
';

On first call location the ngx.location.capture("/channel-stop?ch=1258") is working but not on next and I get error to error on log file

[error] 3756#4204: lua entry thread aborted: runtime error: rewrite_by_lua(nginx.conf:74):22: API disabled in the context of ngx.timer
stack traceback:
coroutine 0:
[C]: in function 'capture'
rewrite_by_lua(nginx.conf:74):22: in function <rewrite_by_lua(nginx.conf:74):15>, context: ngx.timer, client: 127.0.0.1, server: 0.0.0.0:8080

So I need to use timer when i seted dogs:get("LuaChannels") to start ngx.location.capture() and after that to reset functions until next call via dogs:get("LuaChannels") !?

I hope you are understand what I want .

Real IP problem on my load balancer in TCP mode on my servers (no replies)

February 15, 2016, 5:47 am

≫ Next: How to get access to a response header fields in a proxy_pass case (no replies)

≪ Previous: Lua timer and ngx.location.capture (no replies)

$

0

0

Dear All,

I am a System Admin from India and using nginx as load balancer since some time.

I have few web servers which I am load balancing using nginx and they are working fine. I use --with-http_realip_module and

location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://ws1;
}

and is working absolutely fine.

I have a situation here now I want to load balanced my email server using TCP support of nginx and I am having issue getting the real IP from my load balancer in TCP mode to my load balanced servers.

On the backend servers, I am getting the IP address of load balancer but not the actual client IP which I wanted it to be passed to them.

I am referring the website: https://tipstricks.itmatrix.eu/tcp-load-balancing-for-email-servers-with-nginx and able to load-balanced the traffic except the Real IP.

Please help.

Thanks in advance.

How to get access to a response header fields in a proxy_pass case (no replies)

February 16, 2016, 2:55 pm

≫ Next: .htaccess codes Conversion (no replies)

≪ Previous: Real IP problem on my load balancer in TCP mode on my servers (no replies)

$

0

0

Hi,
I am trying to get access to a custom response header, save it into a variable, and get rid of it so that it will not be proxied back to the client. That variable is then used in the access logs.
Unfortunately, the following doesn't seem to work:

server {
listen 142.133.151.129:8090 default;

##Intial values for calculated access log variables
set $cache_status "-";
set $destination_addr "-";

location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://my_upstream_server;

proxy_http_version 1.1;

proxy_max_temp_file_size 0; #size of the temp file when response doesn't fit in buffer

#Setting access log variables
if ($sent_http_x_cache = "HIT") {
set $cache_status "HIT";
}
if ($sent_http_x_cache != "HIT") {
set $cache_status "MISS";
}
set $destination_addr $sent_http_x_destination;
# now get rid of these response header fields
set $sent_http_x_destination "";
set $sent_http_x_cache "";
}

I am getting empty values for $sent_http_x_destination and $sent_http_x_cache.

Here is the curl request and response:

[root@CL10-RH66-lmchaka ~]# curl -Ov --range "100-1000000" http://142.133.151.129:8090/ao3/vod/soccer/worldcup2014/final1
< HTTP/1.1 206 Partial Content
< Server: openresty/1.9.3.1
< Date: Tue, 16 Feb 2016 22:25:32 GMT
< Content-Type: application/octet-stream
< Content-Length: 999901
< Connection: keep-alive
< Accept-Ranges: bytes
< Age: 660
< ETag: "3833945841"
< Content-Range: bytes 100-1000000/94371840
< X-Cache: HIT
< X-Destination: 142.133.151.94
<

I would appreciate if someone can help and provide a determistic way to see the response header fields and store them into variables.

Thanks

.htaccess codes Conversion (no replies)

February 18, 2016, 1:27 pm

≫ Next: Progress module with 1.8.x / 1.9.11 (no replies)

≪ Previous: How to get access to a response header fields in a proxy_pass case (no replies)

$

0

0

Hi,

I'm using NGINX 1.8.1


how can i use replacement code of :

<FilesMatch "\.(mov|mp4|mp3|jpg|pdf)$">
ForceType application/octet-stream
Header set Content-Disposition attachment
</FilesMatch>

---

Progress module with 1.8.x / 1.9.11 (no replies)

February 18, 2016, 8:35 pm

≫ Next: How to redirect to another web with same domain (no replies)

≪ Previous: .htaccess codes Conversion (no replies)

$

0

0

Hello,

I'm wondering if anyone is successfully running the progress module with 1.8.x or the latest 1.9.11 ?
https://github.com/masterzen/nginx-upload-progress-module

I would like to confirm if it is working for anyone (or not) on the 1.8/1.9 version before ticketing for developer support.

I have the module working with 1.6.x but I went with updated versions of Nginx and have this issue.

With 1.9.11 the module is returning the same values for received and size.
This is a similar problem as https://github.com/masterzen/nginx-upload-progress-module/issues/36

There was a reported fix but the Nginx version referenced is 1.4 and the module works with 1.6.x
The issue prior related to client_body_buffer_size.

How to redirect to another web with same domain (no replies)

February 19, 2016, 1:46 am

≫ Next: Stop apt-get from trying to downgrade nginx on Debian Wheezy (no replies)

≪ Previous: Progress module with 1.8.x / 1.9.11 (no replies)

$

0

0

Hi!

It's possible to have a domain and when a user for a specific country connect to that web, nginx redirect to another web but without change the domain.

for example:

i have tha domain www.example.com and if an users open that web in America they see a youtube.com but the domain still be www.example.com and if users connect from Europa the see the real web.

Regards.

Stop apt-get from trying to downgrade nginx on Debian Wheezy (no replies)

February 21, 2016, 6:38 pm

≫ Next: Trying to set up Nginx with Symfony 3 on Windows 10 (no replies)

≪ Previous: How to redirect to another web with same domain (no replies)

$

0

0

Hi,

For some reasons, apt-get is trying to install an older version of the nginx version currently installed. I never had a case like this and i'd like to know how to not have this kind of case appearing.
I've the latest stable version for my system available afaik aka v1.8.1, and the packages apt-get wants to upgrade are nginx-common (1.2.1-2.2+wheezy4) and nginx-full (1.2.1-2.2+wheezy4_amd64). I think it's related to a recent update on security.debian.org depository : https://www.debian.org/security/2016/dsa-3473.

If needed, my sources.list is :

deb http://debian.mirrors.ovh.net/debian/ wheezy main
deb-src http://debian.mirrors.ovh.net/debian/ wheezy main

deb http://security.debian.org/ wheezy/updates main
deb-src http://security.debian.org/ wheezy/updates main

deb http://nginx.org/packages/debian/ wheezy nginx
deb-src http://nginx.org/packages/debian/ wheezy nginx

#deb http://packages.dotdeb.org wheezy all
#deb-src http://packages.dotdeb.org wheezy all

deb http://packages.dotdeb.org wheezy-php56 all
deb-src http://packages.dotdeb.org wheezy-php56 all

Thanks in advance.

Trying to set up Nginx with Symfony 3 on Windows 10 (no replies)

February 21, 2016, 8:08 pm

≫ Next: Basic auth only on POST (no replies)

≪ Previous: Stop apt-get from trying to downgrade nginx on Debian Wheezy (no replies)

$

0

0

Hello everybody,

I am quite new with NGINX and Symfony in general, however, I've recently decided to try to start a project using these two tools after hearing a lot of positive feedbacks on both of them.

So I was able to get Nginx working on its own (using the html folder) and Symfony3 working on its own (by using the server:run command), however I can't get Symfony to work through Nginx. However, if I place the 50x.html file in the web folder of my symfony project, it is properly returned by nginx...

Here is a sample of the error from error.log:

2016/02/21 00:36:33 [error] 6260#1732: *1 upstream timed out (10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond) while connecting to upstream, client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "localhost"


And this is the server section from my nginx.conf file:

server {
listen 80;
server_name localhost;
root www/projects/mysite.com/web;

rewrite ^/app\.php/?(.*)$ /$1 permanent;

location / {
index app.php;
try_files $uri @rewriteapp;
}

location @rewriteapp {
rewrite ^(.*)$ /app.php/$1 last;
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}

location ~ ^/(app|app_dev|config)\.php(/|$) {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}

If someone could help me out it would be much appreciated,

Thank you!

Basic auth only on POST (no replies)

February 23, 2016, 4:23 pm

≫ Next: Nginx and real client ip (no replies)

≪ Previous: Trying to set up Nginx with Symfony 3 on Windows 10 (no replies)

$

0

0

Im trying to secure my rest backend by adding basic authentication to every call that can modify my data.
In other words I want GET requests available to everyone, but secure POST, PUT and DELETE requests with basic auth.

So I tried the following config, but that is not valid because a "auth_basic" is not allowd inside a "if".

location /data/ {
.....proxy_pass http://localhost:9000/;
.....if ($request_method != GET) {
..........auth_basic "Restricted";
..........auth_basic_user_file /etc/nginx/.htpasswd;
.....}
}

I also tried another configuration using "limit_except", but multiple "limit_except" are not valid either.

location /data/ {
.....proxy_pass http://localhost:9000/;
.....limit_except GET HEAD{
.....}
.....limit_except POST PUT DELETE{
..........auth_basic "Restricted";
..........auth_basic_user_file /etc/nginx/.htpasswd;
.....}
}

any idea how I can solve this?

Nginx and real client ip (no replies)

February 25, 2016, 8:02 am

≫ Next: Serving location after redirect from other domain (no replies)

≪ Previous: Basic auth only on POST (no replies)

$

0

0

Hellow...

I know, it may be du(...)plicated question... But... I'm in rage.. Sorry for enyone inconvinience
And I can't find neither solution neither clear possibility absence of it.
As i'm right, nginx CAN'T transport throuh proxy_pass REAL client IP in "REMOTE_ADDR"?!

Serving location after redirect from other domain (no replies)

February 25, 2016, 8:35 am

≫ Next: nginx "file not found" with index.php (1 reply)

≪ Previous: Nginx and real client ip (no replies)

$

0

0

Hi,

I have a problem, and am unable to get what I want, even after many searches here and in Google.
Don't know if it is even possible.

I recently got a domainname ((www.)hanslammerts.nl). On this domainname I have a redirectservice that redirects every call to this domain to hanslammerts.servebeer.com.
On this server I have nginx running that serves several locations. Going directly to e.g. hanslammerts.servebeer.com/phpmyadmin works perfectly.
If I go to hanslammerts.nl/phpmyadmin, it does not work. I am being redirected to / instead of /phpmyadmin.

The first (and only) thing I do on the server definition for port 80, is to redirect everything to ssl.
Could this be my problem ?

My config for the site looks like this:

upstream php-handler {
#server 127.0.0.1:9000;
server unix:/var/run/php5-fpm.sock;
}

server {
listen 80;
server_name hanslammerts.servebeer.com;
# enforce https
return 301 https://$server_name$request_uri;
}

server {
listen 443 ssl;
server_name hanslammerts.servebeer.com;

ssl_certificate /etc/letsencrypt/live/hanslammerts.servebeer.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/hanslammerts.servebeer.com/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

# Path to the root of your installation
root /var/www/html/;

# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";

location ~ /.well-known {
allow all;
}

##################
# GateOne #
##################

location /gateone/ {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass http://localhost:1443;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}

##################
# phpmyadmin #
##################

location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param HTTPS on;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}

location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}

##################
# PHP stuff #
##################

location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
}

##################
# eGroupware #
##################

location /egroupware {
index index.php;
location ~ ^/egroupware/(.+\.php)$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param HTTPS on;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}

location /weewx/ {
index index.html;
}
}

In short:
All I want to achieve is for the URLs http://hanslammerts.nl/egroupware, http://hanslammerts.nl/weewx, etc. to be picked up by nginx running on hanslammerts.servebeer.com, redirect to ssl, and then go to the location of the URI, e.g. egroupware, weewx etc.

Is this at all possible ?
Hope someone can point me in the right direction.

Thank you,
Hans

---

nginx "file not found" with index.php (1 reply)

February 25, 2016, 9:25 am

≫ Next: How to validate against S3 for file existance (no replies)

≪ Previous: Serving location after redirect from other domain (no replies)

$

0

0

hello,
I installed nginx in my ubuntu machine, php and fcgiwrap.
I made many modifies to config files to resolv many issues
(403, 404, 502) and now when I open "localhost/index.php"
the error message is "file not found".
with "localhost/index.html" it works.

with tail -f /var/log/nginx/error.log
this is the error: 2016/02/25 18:00:53 [error] 1082#0: *4 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "localhost"

and if I make sudo netstat -alnp | grep cgi
it says: unix 2 [ ACC ] STREAM LISTENING 13560 918/fcgiwrap /var/run/fcgiwrap.socket

may you help me please?
thanks. bye.

How to validate against S3 for file existance (no replies)

February 25, 2016, 9:39 am

≫ Next: Wordpress htaccess for URL (2 replies)

≪ Previous: nginx "file not found" with index.php (1 reply)

$

0

0

I want to use NGINX as a director where the following logic would take place:

+ Request for an asset comes from the web

++ Taking the path of the file - check if this file is already under my s3 bucket -http://$s3_bucket/$url_full

+++ If file exists then redirect the request to "http://$s3_bucket/$url_full"
+++ If file does not exist then serve it directly from the local drive and trigger a shell command.

Thank you for any help on this.

Wordpress htaccess for URL (2 replies)

March 2, 2016, 4:35 am

≫ Next: Redirect an url to other root on a multiple domain server (2 replies)

≪ Previous: How to validate against S3 for file existance (no replies)

$

0

0

I'd love some help, already struggling for 2 weeks on this one:

I'm moving my Wordpress form Apache to Nginx.

On Apache we used .htaccess

<IfModule mod_rewrite.c>
RewriteRule ^business/([^/]*)/([^/]*)$ /business/?id=$1 [L,P]
</IfModule>

to create this nice looking URL of each user's profile page website.com/business/6/company-name
in which 6 is the user ID and company-name the user's company (the url works with any text behind the 6)

In Ngnix I want the same:

When someone types website.com/business/6/company-name
he should get the data from website.com/business/?id=6
but see the URL still as website.com/business/6/company-name

All I've achieved is for website.com/business/6/company-name to redirect website.com/business/?id=6

location /business-profile {
rewrite ^/business-profile/([^/]*)/([^/]*)$ /business/?id=$1? redirect;
}

How do I make it so that the user only sees my nice URL website.com/business/6/company-name ?

Any help much appreciated!

Redirect an url to other root on a multiple domain server (2 replies)

March 3, 2016, 1:12 am

≫ Next: Server_Name / Direct to right virtual host (1 reply)

≪ Previous: Wordpress htaccess for URL (2 replies)

$

0

0

Hello,

I have a server with multiple domains (tendanza.com, canapes-design.com, canapes-pas-cher.com, etc), all the domains being used on the same website (different views).
I need to have www.canapes-design.com/blog/ to be a wordpress (I created a folder /var/www/blog/cd/) but I don't want the other domains to point on it.

I did this:

location /blog/ {
if ($host ~ canapes-design\.com) {
alias /var/www/blog/cd;
}
}

location /blog {
if ($host ~ canapes-design\.com) {
rewrite /blog(.*)$ /blog/$1 permanent;
}
}


and created an index.html in /var/www/blog/cd/blog, it works well.
But I also created a test.php but then I am redirected to a 404 on the main website.

I tried to do "root /var/www/blog/cd;" instead of "alias /var/www/blog/cd;", but it's the exactly same problem.

Would you know how I could fiw this, please?

Thank you,

François

Server_Name / Direct to right virtual host (1 reply)

March 2, 2016, 9:50 pm

≫ Next: Problem with ssl_session_ticket_key and ssl_session_cache (no replies)

≪ Previous: Redirect an url to other root on a multiple domain server (2 replies)

$

0

0

Hi,
my intended configuration of nginx is to have four virtual hosts on one ubuntu system. Any host should be available only via SSL, so I have port 80 redirected to port 443. Any host should only be addressed if it is specifically addressed, the default server should be an error page.

Unfortunately, my configuration of nginx is not directing the requests to the right server: If I enter any address that ends up on this domain, then it gets re-directed to seafile. E.g., if I enter "https://roundcube.***", then it gets directed to "https://seafile****". I think that the line "server_name seafile.*****" should prevent any other address to get re-directed to this virtual host. Can anyone help?


server {
2 listen 80;
3 server_name seafile.*****;
4 return 301 https://seafile.*****$request_uri;
5 }
6
7 server {
8 listen 443 ssl;
9 server_name seafile.*****;
10
11 proxy_set_header X-Forwarded-For $remote_addr;
12
13 add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
14 add_header Public-Key-Pins 'pin-sha256="AKTUELLER-KEY-HASH"; pin-sha256="BACKUP-KEY-HASH"; max-age=31536000; includeSubDomains';
15
16 server_tokens off;
17
18 ssl_certificate /etc/ssl/*****.crt;
19 ssl_certificate_key /etc/ssl/*****.key;
20
21 ssl_dhparam /etc/ssl/*****.pem;
22
23 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
24 ssl_prefer_server_ciphers on;
25 ssl_ciphers ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL;
26
27 ssl_session_timeout 10m;
28 ssl_session_cache off;
29
30 error_log /var/log/nginx/error.log debug;
31 access_log /var/log/nginx/access.log;
32



This is my default:


1 server {
2 listen 80 default_server;
3 server_name _;
4
5 location / {
6 return 301 https://$host$request_uri;
7 }
8
9 rewrite_log on;
10 error_log /var/log/nginx/error_empty.log debug;
11 access_log /var/log/nginx/access_empty.log;
12 return 444;
13 }


This is my config of nginx:

nginx version: nginx/1.9.12
built by gcc 5.3.0 20151204 (Ubuntu/Linaro 5.3.0-3ubuntu1~14.04)
built with OpenSSL 1.0.1f 6 Jan 2014
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module --with-http_v2_module