Quantcast
Channel: Nginx Forum - How to...
Viewing all 2931 articles
Browse latest View live

Reverse proxy for a TP-LINK router returns 403 (no replies)

December 7, 2016, 11:12 am
$
0
0
Hi Folks,

I'm tring to "secure" my home network using reverse proxy to "transform" http requests from ip-cams and routers to https...

I've already routed http requests for ip-cam to https using: https://my-ip-address/ip-cam/

location /ip_cam/ {
proxy_pass http://x.y.w.v:z/;
proxy_redirect off;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}

Noa, I wish to do the same with my AP (an Archer C20i from TP-LINK) but, after initial login screen, instead of page showed by "ok.png", I receive only a page with 403 Frames (as per attached Screenshot ...)...

Any idea?

thanks in advance for any help,
m.
Search

Issues NGINX(Compile) on Mac OS Sierra (no replies)

December 8, 2016, 5:46 pm
$
0
0
Hello
I’ve been trying to install nginx 1.11 on my Mac OS Sierra, but I’ve got some errors , follow below:

checking for zlib library ... found
creating objs/Makefile


Configuration summary
+ using PCRE library: /usr/local/pcre-8.39
+ OpenSSL library is not used
+ using system zlib library


nginx path prefix: "/usr/local/nginx"
nginx binary file: "/usr/local/nginx/sbin/nginx"
nginx modules path: "/usr/local/nginx/modules"
nginx configuration prefix: "/usr/local/nginx/conf"
nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
nginx pid file: "/usr/local/nginx/logs/nginx.pid"
nginx error log file: "/usr/local/nginx/logs/error.log"
nginx http access log file: "/usr/local/nginx/logs/access.log"
nginx http client request body temporary files: "client_body_temp"
nginx http proxy temporary files: "proxy_temp"
nginx http fastcgi temporary files: "fastcgi_temp"
nginx http uwsgi temporary files: "uwsgi_temp"
nginx http scgi temporary files: "scgi_temp"


bigpole:nginx-1.11.4 rmilani12$ sudo make
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f objs/Makefile
cd /usr/local/pcre-8.39 \
&& if [ -f Makefile ]; then /Applications/Xcode.app/Contents/Developer/usr/bin/make distclean; fi \
&& CC="cc" CFLAGS="-O2 -pipe " \
./configure --disable-shared
/bin/sh: ./configure: No such file or directory
make[1]: *** [/usr/local/pcre-8.39/Makefile] Error 127
make: *** [build] Error 2
bigpole:nginx-1.11.4 rmilani12$

Has anyone faced the same issue? Before on El Captain was working properly

1 Page theme issue? (no replies)

December 8, 2016, 10:13 pm
$
0
0
Hello guys,
We have designed a website(http://quickwordpressfix.com/) and we have used Wordpress CMS to make website. will be easy to use for users or not?

Note: we have set the location (US) for security purpose, If anyone try to open other country , it will not be open

NGINX Open Source (no replies)

December 9, 2016, 8:55 pm
$
0
0
Hi,

Is it possible to have HTTP load balancing with open source version ?

I need session persistency and Health check....


Thank you.

Query parameters escaping (no replies)

December 10, 2016, 9:12 am
$
0
0
Hello!

I have nginx working as a reverse proxy and forwarding requests that from time to time contains unsafe characters like '{' or '}' in
query parameters. And browser doesn't escape them. If I will use those characters in path/url - they will be escaped. But, if
they used in query part - they sent as is. And nginx forwards them as is.

But issue that netty server, serving those requests, doesn't allow to have such symbols in request url. And I've got error message.

Could you tell, how to escape those symbols before passing request forward?

Thank you!

Is it possible to reference a named variable in the ssl_certificate directive? (no replies)

December 10, 2016, 12:25 pm
$
0
0
Hi,

I'm looking to create a single simple server block that can handle multiple domains. Creating a RegEx match in the server block is straightforward enough, however, I can't seem to reference the named variable in the `ssl_certificate` and `ssl_certificate_key` directives, which would be required to reference different certificates.

The server block is something like:

server {
listen 443 ssl;
server_name ~^meet.(?<domain>.+)\.(com|co\.uk)$;

ssl_certificate ssl/$domain/cert.pem;
ssl_certificate_key ssl/$domain/certkey.pem;
...

}

I can refer to the $domain variable later in location blocks, but not in the ssl directives.

Is there any way to achieve something like this?

Cheers

/index.php to / (no replies)

December 14, 2016, 12:29 pm
$
0
0
Hello everyone,
How can I do so that my nginx server redirects the "domain.com/home/spain/index.php" to the "/".

Thank you very much

nginx behind corporate proxy (no replies)

December 14, 2016, 6:17 pm
$
0
0
How do I configure nginx to proxy connections through a corporate proxy using HTTP when the proxied server uses HTTPS?

For example:
My corporate proxy: http://corporate-proxy.my-corporate.com:8080
Resource server: https://my-api.internal-address.my-corp.com

With curl I could do: curl -X GET -x "http://corporate-proxy.my-corporate.com:8080" "https://my-api.internal-address.my-corp.com"

With nginx I've tried:

upstream corporate_proxy {
server corporate-proxy.my-corporate.com:8080;
}

location /_internal/_resource
{
proxy_buffering off;
proxy_pass_header on;
proxy_set_header Host "my-api.internal-address.my-corp.com:443";
proxy_pass http://corporate_proxy;
}

But I get a 504 Gateway timeout as response.
My guess is that nginx is trying to use HTTP over the port 443 and therefore the server is not replying back or throwing some error.
How do I tell nginx to use HTTPS even though the corporate proxy is using HTTP?
Search

Wanted to try NGINX (no replies)

December 17, 2016, 9:21 pm
$
0
0
This is my first post on this forum, so if I do something wrong, please let me know.

I'm having difficulty getting things set up properly. Before Nginx, I was using Apache and had no issues. I've setup an entirely new build on a fresh micro-sd card just to makes sure I wasn't getting any interference from old files.

I'm just running a simple html site through a raspberry pi 3 on the pixel build. I can view the site on my local network, but not from outside of the network. I do have port forwarding enabled on my router.

The error log tells me this:

[emerg] 21979#0: unknown directive "index.html" in /etc/nginx/sites-enabled/default:33

and this is the area of the "sites-enabled" file the error log is referring:

# include snippets/snakeoil.conf;

root /usr/share/nginx/html;

# Add index.php to the list if you are using PHP
index index.html index.htm;
server_name www.random.com;

I changed the web address for this post just to keep it private for now. I use GoDaddy for the name, and I know that's directing to the correct IP address, because it comes up in my browser after I enter the address.

I can provide any additional files if requested. Does anyone have any ideas about this?

Too many redirects issue (no replies)

December 18, 2016, 2:04 pm
$
0
0
Hey guys!!

I am new here. Running Plesk on Nginx, works great! Just been running into issue today I cant seem to figure out. I have few static websites and then some WordPress sites running on my server. Today I noticed the WordPress sites keeps redirecting and eventually just show error page "too my redirects". From my experience with WordPress its normally the htaccess file causing these problems but doesnt seem to be in this case. Any suggestions on what other troubleshooting steps I can try?

change Nginx Configuration path in ubuntu Docker (no replies)

December 19, 2016, 9:41 pm
$
0
0
I new change my nginx Configuration path like
/etc/nginx/nginx.conf to /opt/nginx_agent/conf/nginx.conf

so i follow this link http://serverfault.com/questions/821284/how-can-i-change-nginx-configuration-file-path to Configure this, But, "While Reload the Daemon Process"

"systemctl daemon-reload"

its throw `Failed to connect to bus: No such file or directory` so, follow this [link](http://stackoverflow.com/questions/39169403/systemd-and-systemctl-within-ubuntu-docker-images) they suggest `Since systemd isn't running as init inside your container, there's no daemon to process your start and stop commands.`

So, I need to Change nginx Configuration path, suggest me How to do that.

NGINX - RTMP (1 reply)

December 21, 2016, 2:48 pm
$
0
0
Hi all,

I am starting with streaming of some content that is quite heavy on my CPU.
looking arround at what equipment i have i want to try to fully utilize before spending some hard earned cash on more equipment i cam across a video on youtube mentioning streaming can be done on a 2 PC setup.

It involves connecting a Lan Cross-over cable and sending the video feed to the NGINX server,

My second PC is actually a laptop from work i am totally comfortable with using for the purpose of "Steaming PC", (it has ofcourse good specs)
However i do not have any admin right's on that pc. Meaning i cannot install any aplication's.
Looking on the internet tough, there is a Portable OBS program which runs fine, The only missing link is NGINX,

Ofcourse i tried to connect the two pc's and let the video feed come true, however the gaming pc could not connect to the NGINX server,
Looking closer in the anti-virus software it seems alot of incoming traffic is being blocked.

My questions which i would greatly appreciate an answer to if it is possible to somehow use different port's so the feed would be able to connect to laptop?

My bad for the pre-mature question however i know myself spending lots of time not achieving the impossible,

nginx - deny all - dont work for specific directory (no replies)

December 22, 2016, 7:09 am
$
0
0
Hi all,

the server is running nginx.

The access to all files in /meins/mymail is possible, but why?

regards Daniel

This is my config:

====================================
server {

# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;

ssl_certificate /etc/letsencrypt/live/www..de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www..de/privkey.pem;

root /var/www/www..de;

index index.html index.php index.htm ;

server_name www..de;

location ~* /meins/mymail/
{
deny all;
}


location ~ \.php$
{
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}

location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$
{
expires 1M;
access_log off;
add_header Cache-Control "public";
}

location ~* \.(?:css|js)$
{
expires 1m;
access_log off;
}

location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$
{
expires 1M;
access_log off;
}

location /images
{
try_files $uri $uri/;
}

location /deins
{
try_files $uri $uri/ ;
}

location /
{
rewrite ^/([^/\.]+)/*([^/]*)/*([^/\.]*)/*.*$ /main.php?kkk=$1&aaa=$2&bbb=$3 last;
rewrite ^.$ /main.php?kkk=Startseite last;
}

}
====================================

nginx ifttt maker (2 replies)

December 22, 2016, 3:04 pm
$
0
0
Hi

I'm running node-red on a server at home. On an other server I'm running nginx. I'm trying to setup nginx as a reverse proxy and use ifttt maker to access an API provided by the node-red server. When I'm using postman or an other client, I can access the url without any problem:
178.197.233.28 - - [22/Dec/2016:23:10:40 +0100] "PUT /ifttt/ HTTP/1.1" 200 0 "-" "HTTPea/1.1.1 CFNetwork/808.2.16 Darwin/16.3.0" "-"

But when I try to access it over ifttt I'm getting always an error and I can see the following error in the log:
54.164.82.62 - - [22/Dec/2016:23:10:16 +0100] "PUT /ifttt/ HTTP/1.1" 400 951 "-" "-" "-"

The config for ifttt in nginx is very simple, in the /etc/nginx/conf.d folder I have a file with the following config:
server {
listen 80;
server_name ifttt.noesberger.li;

location /ifttt/ {
proxy_pass http://192.168.1.214:1880/ifttt;
}
}

Can you please help me to find the issue?

Redirect with HTTPS with basic auth (no replies)

December 27, 2016, 3:02 pm
$
0
0
I am having the problem described here: http://stackoverflow.com/questions/41229844/nginx-basic-auth-in-location-but-first-redirect-to-https

Is there any way to do this in nginx? It seems that basic auth always takes precedence, which makes some sense, but sometimes you want to prioritice some things over it, like a redirect to https. Is this possible? How could I do this?

Thank you and regards
Search

Caching - Always MISS (no replies)

December 28, 2016, 2:55 pm
$
0
0
Hi all,

I'm having trouble setting up caching. The goal is to have static files cached by NGINX.
The problem is that I always see this in Chrome Devtools: 'x-proxy-cache:MISS'
This is the full response headers:

accept-ranges:bytes
cache-control:max-age=2592000
cache-control:public
content-length:9415
content-type:application/javascript
date:Wed, 28 Dec 2016 22:40:23 GMT
etag:W/"24c7-159448ae422"
expires:Fri, 27 Jan 2017 22:40:23 GMT
last-modified:Wed, 28 Dec 2016 08:27:50 GMT
pragma:public
status:200
x-proxy-cache:MISS


This is part of my config in sites-enabled:

proxy_cache_path /tmp/nginx levels=1:2 keys_zone=my_zone:10m inactive=60m;

server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
ssl on;

server_name example.com

location ~* \.(?:ico|css|js|gif|jpe?g|png|woff|ttf|otf|svg|woff2|eot)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
proxy_cache my_zone;
#proxy_cache_bypass $http_cache_control;
add_header X-Proxy-Cache $upstream_cache_status;
proxy_buffering on;
proxy_ignore_headers "Set-Cookie";
proxy_hide_header "Set-Cookie";
proxy_pass http://localhost:3000;
}

}


I have made www-data owner of /tmp/nginx and changed chmod to 755.
As you can see, I Googled about this and tried adding things people recommended. Such as enabling buffering, ignoring Set-Cookie etc.

What is causing this?

I have another location / block to proxy_pass everything. If I get this working, I intended to move this inside that same block by using an 'if'...

Rule to remove a character from url (no replies)

January 4, 2017, 2:06 am
$
0
0
Hello!
I'm trying to change the url of my page removing a point character (.) when it appear.
I think that the best solution is a rewrite but i can't find a correct rule.

For example:

http://www.hola.com/hola.que --> http://www.hola.com/holaque
http://www.hola.com/hola/hola.que --> http://www.hola.com/hola/holaque
http://www.hola.com/hola/hola2/hola.que --> http://www.hola.com/hola/hola2/holaque

Can somebody help me?

Thanks in advance.

Giu

prox-pass removes SM_USER Header depending on the client (no replies)

January 5, 2017, 4:08 am
$
0
0
Dear nginx-Community,

Using the following configuration for a default docker nginx:1.11.3 container :

server {
listen 80;

server_name devrest.example.com;
root /devrestserver;
underscores_in_headers on;

location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_request_headers on;
proxy_pass http://devrest:8080;
}
}

I get a strange behaviour on some clients:
A provided SM_USER header disappears.

If I use curl on an ubuntu 16.04 to do a request, I find the following tcp dump listening on the docker network:

GET /resource/InstallationPlace HTTP/1.0
X-Forwarded-Host: devrest.example.com
X-Forwarded-Server: devrest.example.com
X-Forwarded-For: 178.12.225.55
Host: devrest:8080
Connection: close
User-Agent: curl/7.35.0
Accept: application/ld+json
Content-Type: application/ld+json
SM_USER: atnqtjrce0cjfve0fbjbsov2ff

and therefore get a correct answer from the API. The same when I use the RESTClient Add-On in Firefox (no matter which OS).

Am I using a java spring rest client, the SM_USER disappears - the same when using SoapUI in windows.

GET /resource/InstallationPlace/ HTTP/1.0
X-Forwarded-Host: devrest.example.com
X-Forwarded-Server: devrest.example.com
X-Forwarded-For: 178.12.225.55
Host: devrest:8080
Connection: close
Accept-Encoding: gzip,deflate
Encoding: UTF-8
Accept: application/ld+json
Content-Type: application/ld+json
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

It is there when I use tcp dump to listen before nginx changes the request:

GET /resource/InstallationPlace/ HTTP/1.1
Accept: text/plain, application/json, application/*+json, */*
Content-Type: application/json
SM_USER: atnqtjrce0cjfve0fbjbsov2ff
Accept-Language: de
User-Agent: Java/1.7.0_71
Host: devrest.example.com
Connection: keep-alive

As you can see I use
underscores_in_headers on;
and explicitly set
proxy_pass_request_headers on;
in the configuration.

Is there something else I can do to get the SM_USER header through? Maybe explicitly force this header to be set? If so, how can I do this?

Thank you in advance
Werner

nginx and wordpress 4.7 (no replies)

January 6, 2017, 12:10 pm
$
0
0
Hello everyone!

I'm having some issues on setting a website online! I've followed a tut on " http://everyday-tech.com/wordpresspi-wordpress-web-server-image-on-raspberry-pi/" it doesn't work for me! i'm assuming that something is wrong on some config files. What's the configuration files for etc/hosts, etc/hostname and etc/resolv.conf?

I've created a domain name on no-ip.com, followed the instructions and have intalled the DUC script for Linux! On the pi side i've added the http.//domainname.com as the say on everydaytech!

Can sameone give me help?

Is my compiled nginx too big at 11MB ? (no replies)

January 7, 2017, 1:45 pm
$
0
0
Compared to the binary version in the repo which is maximum 1MB and has quite the same features, I cant make it smaller than 8MB, and if I include all the recommended options it gets up to 11MB.
What is a reasonable size the binary should be ?

I want to use my own version of openssl and that is the reason I'm trying to compile it.



CFLAGS+=-O2 ./configure --with-openssl=/mynginx/openssl \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--with-file-aio \
--with-threads \
--with-ipv6 \
--with-http_addition_module \
--with-http_auth_request_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_v2_module \
--with-http_random_index_module \
--with-http_realip_module \
--with-http_secure_link_module \
--with-http_slice_module \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_sub_module \
Viewing all 2931 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>