You need to stop nginx completely before you can replace the binary.
↧
Re: update nginx on windows
↧
Captcha issues on oxwall
Hello everyone,
I have oxwall v1.8.4.1 installed on a ubuntu 14.04 server with LEMP stack.
This server functions great with all other open-source software: wordpress & opencart
It has all the required modules installed inc. GD & TrueType support (required for Captcha)
For some unknown reason Captcha will not display.
I have plowed the web in vain - no answer.
Just to make sure I am not wrong, I reinstalled it again...
No captcha.
Last night I tried a fresh install locally - on a LAMP stack...
Captcha displayed no problem...
So now I understand there is a problem with captcha on nginx.
Can anyone point me to a resolution?
Has anyone encountered such a problem?
Thank you
I have oxwall v1.8.4.1 installed on a ubuntu 14.04 server with LEMP stack.
This server functions great with all other open-source software: wordpress & opencart
It has all the required modules installed inc. GD & TrueType support (required for Captcha)
For some unknown reason Captcha will not display.
I have plowed the web in vain - no answer.
Just to make sure I am not wrong, I reinstalled it again...
No captcha.
Last night I tried a fresh install locally - on a LAMP stack...
Captcha displayed no problem...
So now I understand there is a problem with captcha on nginx.
Can anyone point me to a resolution?
Has anyone encountered such a problem?
Thank you
↧
↧
Where put loacation directives (newbie)
I'm a newbie in Nginx and Plesk.
I'm learning to configure nginx.conf for a Wordpress + Multisite + Subdomain (with domain mapped) + https.
Now (in https) I see the main domain and its articles.
Instead, of the mapped domain I only see the home page and the articles return a 404 error.
On the Internet I'm reading various pages and tutorials and, if I understand correctly, the "location" directives must be put in a "server" block.
Plesk does not allow me to modify the main configuration files because these are generated automatically.
Intead I can place them in the domain configuration panel, but here I do not think it is possible to enter the "server" block.
In any case, there will be both of the main configuration file and the "custom" configuration file. Do not conflict with each other?
Thanks in advance for the suggestions.
I'm learning to configure nginx.conf for a Wordpress + Multisite + Subdomain (with domain mapped) + https.
Now (in https) I see the main domain and its articles.
Instead, of the mapped domain I only see the home page and the articles return a 404 error.
On the Internet I'm reading various pages and tutorials and, if I understand correctly, the "location" directives must be put in a "server" block.
Plesk does not allow me to modify the main configuration files because these are generated automatically.
Intead I can place them in the domain configuration panel, but here I do not think it is possible to enter the "server" block.
In any case, there will be both of the main configuration file and the "custom" configuration file. Do not conflict with each other?
Thanks in advance for the suggestions.
↧
Serve 2 https server{} block for 2 adress
Hey,
I successfully was able to set online a website in https ; but when I try to put a second one I get the following error :
""
[alert] 27063#0: worker process 27157 exited on signal 11
""
...Multiple time until the client does timeout.
There is the two https part, the two of them work if I disable one or another.
What am I missing ? :(
""
server {
server_name arzinfo.pwnz.org;
listen 443 ssl default_server;
listen [::]:443 default_server;#ipv6only=on;
index index.php index.html;
root /srv/arzinfo.pwnz.org;
ssl_certificate /etc/letsencrypt/live/arzinfo.pwnz.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/arzinfo.pwnz.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/arzinfo.pwnz.org/fullchain.pem;
location / {
try_files $uri $uri/ =404;
}
}
""
Second one :
""
server {
server_name otyugh.pwnz.org;
listen 443 ssl;
listen [::]:443;#ipv6only=on;
index index.php index.html;
root /srv/otyugh.pwnz.org;
ssl_certificate /etc/letsencrypt/live/otyugh.pwnz.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/otyugh.pwnz.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/otyugh.pwnz.org/fullchain.pem;
location / {
try_files $uri $uri/ =404;
}
}
""
I successfully was able to set online a website in https ; but when I try to put a second one I get the following error :
""
[alert] 27063#0: worker process 27157 exited on signal 11
""
...Multiple time until the client does timeout.
There is the two https part, the two of them work if I disable one or another.
What am I missing ? :(
""
server {
server_name arzinfo.pwnz.org;
listen 443 ssl default_server;
listen [::]:443 default_server;#ipv6only=on;
index index.php index.html;
root /srv/arzinfo.pwnz.org;
ssl_certificate /etc/letsencrypt/live/arzinfo.pwnz.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/arzinfo.pwnz.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/arzinfo.pwnz.org/fullchain.pem;
location / {
try_files $uri $uri/ =404;
}
}
""
Second one :
""
server {
server_name otyugh.pwnz.org;
listen 443 ssl;
listen [::]:443;#ipv6only=on;
index index.php index.html;
root /srv/otyugh.pwnz.org;
ssl_certificate /etc/letsencrypt/live/otyugh.pwnz.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/otyugh.pwnz.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/otyugh.pwnz.org/fullchain.pem;
location / {
try_files $uri $uri/ =404;
}
}
""
↧
Re: Serve 2 https server{} block for 2 adress
...Ok. Just made it work. It missed something I did not even include here (it was tls tweaks I thought unimportant on the issue)
this snippet :
""
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-CHACHA20-POLY1305';
ssl_ecdh_curve secp384r1;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_session_timeout 1d;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
""
I don't understand why this solve the problem, but it does. Maybe the tickets off ? No idea.
this snippet :
""
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-CHACHA20-POLY1305';
ssl_ecdh_curve secp384r1;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_session_timeout 1d;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
""
I don't understand why this solve the problem, but it does. Maybe the tickets off ? No idea.
↧
↧
Error redirect http to https
[root@balanceadorA1 conf]# cat nginx.conf
worker_processes auto;
events {
worker_connections 1024;
}
http {
upstream cluster1 {
# simples round-robin
server 172.16.1.2:80;
server 172.16.1.7:80 backup;
check interval=3000 rise=2 fall=5 timeout=1000 type=http;
check_http_send "HEAD / HTTP/1.0\r\n\r\n";
check_http_expect_alive http_2xx http_3xx;
}
upstream cluster2 {
server 172.16.1.23:80;
server 172.16.1.24:80;
check interval=3000 rise=2 fall=5 timeout=1000 type=http;
check_http_send "HEAD / HTTP/1.0\r\n\r\n";
check_http_expect_alive http_2xx http_3xx;
}
upstream sage {
server 172.16.1.1:80;
check interval=3000 rise=2 fall=5 timeout=1000 type=http;
check_http_send "HEAD / HTTP/1.0\r\n\r\n";
}
include TCE/teste.com.br;
[root@balanceadorA1 TCE]# cat teste.com.br
server {
listen 80;
server_name teste.com.br;
rewrite ^/(.*)$ https://$server_name$request_uri? permanent;
# return 307 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name teste.com.br;
# SSL code
ssl on;
ssl_certificate /usr/include/nginx/conf/TCE/TCEMT.crt;
ssl_certificate_key /usr/include/nginx/conf/TCE/tcemt.key;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://cluster2;
}
client_max_body_size 4G;
keepalive_timeout 10;
}
[root@balanceadorA1 conf]# tail -f ../logs/access.log
10.69.39.9 - - [05/Jul/2017:08:53:23 -0400] "GET /auth/login HTTP/1.1" 200 4482 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:23 -0400] "GET /favicon.ico HTTP/1.1" 200 0 "https://teste.com.br/auth/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
172.16.0.3 - - [05/Jul/2017:08:53:24 -0400] "GET / HTTP/1.1" 200 17425 "-" "curl/7.29.0"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /auth/login HTTP/1.1" 200 4482 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /favicon.ico HTTP/1.1" 200 0 "https://teste.com.br/auth/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /auth/login HTTP/1.1" 200 4482 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /favicon.ico HTTP/1.1" 200 0 "https://teste.com.br/auth/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /auth/login HTTP/1.1" 200 4482 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /favicon.ico HTTP/1.1" 200 0 "https://teste.com.br/auth/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
172.16.0.3 - - [05/Jul/2017:08:53:26 -0400] "GET / HTTP/1.1" 200 17425 "-" "curl/7.29.0"
version: 59
Ex.js:1068 ex.js page check url
login:9 Mixed Content: The page at 'https://teste.com.br/auth/login' was loaded over HTTPS, but requested an insecure stylesheet 'http://teste.com.br/css/main.css'. This request has been blocked; the content must be served over HTTPS.
Ex.js:1074 0
login:1 Mixed Content: The page at 'https://teste.com.br/auth/login' was loaded over HTTPS, but requested an insecure script 'http://teste.com.br/components/jquery/dist/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
login:1 Mixed Content: The page at 'https://teste.com.br/auth/login' was loaded over HTTPS, but requested an insecure script 'http://teste.com.br/components/bootstrap-sass-twbs/assets/javascripts/bootstrap.js'. This request has been blocked; the content must be served over HTTPS.
certisignerconf.js:4 A div certisigner-enabled nao foi encontrada.
Ex.js:1085 https://teste.com.br/auth/login
Ex.js:1086 ************* startProtect 2datetime: Wed Jul 05 2017 08:53:37 GMT-0400 (Hora Padrão Brasil Central)
Ex.js:1094 request.firstRun ::2
worker_processes auto;
events {
worker_connections 1024;
}
http {
upstream cluster1 {
# simples round-robin
server 172.16.1.2:80;
server 172.16.1.7:80 backup;
check interval=3000 rise=2 fall=5 timeout=1000 type=http;
check_http_send "HEAD / HTTP/1.0\r\n\r\n";
check_http_expect_alive http_2xx http_3xx;
}
upstream cluster2 {
server 172.16.1.23:80;
server 172.16.1.24:80;
check interval=3000 rise=2 fall=5 timeout=1000 type=http;
check_http_send "HEAD / HTTP/1.0\r\n\r\n";
check_http_expect_alive http_2xx http_3xx;
}
upstream sage {
server 172.16.1.1:80;
check interval=3000 rise=2 fall=5 timeout=1000 type=http;
check_http_send "HEAD / HTTP/1.0\r\n\r\n";
}
include TCE/teste.com.br;
[root@balanceadorA1 TCE]# cat teste.com.br
server {
listen 80;
server_name teste.com.br;
rewrite ^/(.*)$ https://$server_name$request_uri? permanent;
# return 307 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name teste.com.br;
# SSL code
ssl on;
ssl_certificate /usr/include/nginx/conf/TCE/TCEMT.crt;
ssl_certificate_key /usr/include/nginx/conf/TCE/tcemt.key;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://cluster2;
}
client_max_body_size 4G;
keepalive_timeout 10;
}
[root@balanceadorA1 conf]# tail -f ../logs/access.log
10.69.39.9 - - [05/Jul/2017:08:53:23 -0400] "GET /auth/login HTTP/1.1" 200 4482 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:23 -0400] "GET /favicon.ico HTTP/1.1" 200 0 "https://teste.com.br/auth/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
172.16.0.3 - - [05/Jul/2017:08:53:24 -0400] "GET / HTTP/1.1" 200 17425 "-" "curl/7.29.0"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /auth/login HTTP/1.1" 200 4482 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /favicon.ico HTTP/1.1" 200 0 "https://teste.com.br/auth/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /auth/login HTTP/1.1" 200 4482 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /favicon.ico HTTP/1.1" 200 0 "https://teste.com.br/auth/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /auth/login HTTP/1.1" 200 4482 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
10.69.39.9 - - [05/Jul/2017:08:53:24 -0400] "GET /favicon.ico HTTP/1.1" 200 0 "https://teste.com.br/auth/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
172.16.0.3 - - [05/Jul/2017:08:53:26 -0400] "GET / HTTP/1.1" 200 17425 "-" "curl/7.29.0"
version: 59
Ex.js:1068 ex.js page check url
login:9 Mixed Content: The page at 'https://teste.com.br/auth/login' was loaded over HTTPS, but requested an insecure stylesheet 'http://teste.com.br/css/main.css'. This request has been blocked; the content must be served over HTTPS.
Ex.js:1074 0
login:1 Mixed Content: The page at 'https://teste.com.br/auth/login' was loaded over HTTPS, but requested an insecure script 'http://teste.com.br/components/jquery/dist/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
login:1 Mixed Content: The page at 'https://teste.com.br/auth/login' was loaded over HTTPS, but requested an insecure script 'http://teste.com.br/components/bootstrap-sass-twbs/assets/javascripts/bootstrap.js'. This request has been blocked; the content must be served over HTTPS.
certisignerconf.js:4 A div certisigner-enabled nao foi encontrada.
Ex.js:1085 https://teste.com.br/auth/login
Ex.js:1086 ************* startProtect 2datetime: Wed Jul 05 2017 08:53:37 GMT-0400 (Hora Padrão Brasil Central)
Ex.js:1094 request.firstRun ::2
↧
Simple question about redirects
Hello all
Started to dabble in nginx lately but I'm still having issues with many redirects and rewrites.
I can make and understand simple ones but need help with some, for instance...
I have a website and plenty links and images are ending with random string of numbers...for instance https://www.somewebiste.com/images/cat-image-7646465545...
I want to make a rule that will find all those links and redirect them to https://www.somewebiste.com/images/cat-image
How would I proceed to do it?
Thank you in advance
Started to dabble in nginx lately but I'm still having issues with many redirects and rewrites.
I can make and understand simple ones but need help with some, for instance...
I have a website and plenty links and images are ending with random string of numbers...for instance https://www.somewebiste.com/images/cat-image-7646465545...
I want to make a rule that will find all those links and redirect them to https://www.somewebiste.com/images/cat-image
How would I proceed to do it?
Thank you in advance
↧
nginx block mobile headers?
Is there any way to block headers from a cell phone? I mean this:
"Mozilla/5.0 (Linux; Android 5.1.1; [b]Lenovo A6020a40[/b] Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.83 Mobile Safari/537.36"
I want to block people who are trying to get into this mobile device model. How can it be?
"Mozilla/5.0 (Linux; Android 5.1.1; [b]Lenovo A6020a40[/b] Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.83 Mobile Safari/537.36"
I want to block people who are trying to get into this mobile device model. How can it be?
↧
Trying nginx+php+mysql on Mac OS. Failing :-(
Dear friends,
I installed mysql, nginx and php 7 on my Mac OS Sierra and despite working for several hours I am not quite managing to get the phpinfo to work (it gets downloaded).
As far as I understand php-fm is running
Bob@Imac27RJA:~$ lsof -Pni4 | grep LISTEN | grep php
php-fpm 4498 Bob 8u IPv4 0xdfb09ce80e670d85 0t0 TCP 127.0.0.1:9000 (LISTEN)
php-fpm 4499 Bob 0u IPv4 0xdfb09ce80e670d85 0t0 TCP 127.0.0.1:9000 (LISTEN)
php-fpm 4500 Bob 0u IPv4 0xdfb09ce80e670d85 0t0 TCP 127.0.0.1:9000 (LISTEN)
and php is v7:
Bob@Imac27RJA:~/Hosts/paperness.it$ php -v
PHP 7.0.20 (cli) (built: Jun 23 2017 07:46:30) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
with Zend OPcache v7.0.20, Copyright (c) 1999-2017, by Zend Technologies
with Xdebug v2.5.5, Copyright (c) 2002-2017, by Derick Rethans
and nginx too is up and running:
Bob@Imac27RJA:~$ lsof -Pni4 | grep LISTEN | grep nginx
nginx 4740 Bob 6u IPv4 0xdfb09ce82a29ba5d 0t0 TCP *:80 (LISTEN)
nginx 4740 Bob 7u IPv4 0xdfb09ce8168cb67d 0t0 TCP *:443 (LISTEN)
... several similar lines omitted ...
my website is here:
Bob@Imac27RJA:~/Hosts/paperness.it$ ls -l
total 16
-rw-r--r-- 1 Bob staff 600B Jul 7 16:00 index.html
-rw-r--r-- 1 Bob staff 19B Jul 7 17:05 index.php
and the content of the index.php file is:
Bob@Imac27RJA:~/Hosts/paperness.it$ cat index.php
<?php phpinfo(); ?>
while the index.html file gets loaded as expected, the index.php file is only downloaded and not interpreted by PHP
Bob@Imac27RJA:~$ nginx -v
nginx version: nginx/1.12.0
here follows attached the nginx.conf file. Please help to identify my beginner's mistake ! Thank you very much in advance
I installed mysql, nginx and php 7 on my Mac OS Sierra and despite working for several hours I am not quite managing to get the phpinfo to work (it gets downloaded).
As far as I understand php-fm is running
Bob@Imac27RJA:~$ lsof -Pni4 | grep LISTEN | grep php
php-fpm 4498 Bob 8u IPv4 0xdfb09ce80e670d85 0t0 TCP 127.0.0.1:9000 (LISTEN)
php-fpm 4499 Bob 0u IPv4 0xdfb09ce80e670d85 0t0 TCP 127.0.0.1:9000 (LISTEN)
php-fpm 4500 Bob 0u IPv4 0xdfb09ce80e670d85 0t0 TCP 127.0.0.1:9000 (LISTEN)
and php is v7:
Bob@Imac27RJA:~/Hosts/paperness.it$ php -v
PHP 7.0.20 (cli) (built: Jun 23 2017 07:46:30) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
with Zend OPcache v7.0.20, Copyright (c) 1999-2017, by Zend Technologies
with Xdebug v2.5.5, Copyright (c) 2002-2017, by Derick Rethans
and nginx too is up and running:
Bob@Imac27RJA:~$ lsof -Pni4 | grep LISTEN | grep nginx
nginx 4740 Bob 6u IPv4 0xdfb09ce82a29ba5d 0t0 TCP *:80 (LISTEN)
nginx 4740 Bob 7u IPv4 0xdfb09ce8168cb67d 0t0 TCP *:443 (LISTEN)
... several similar lines omitted ...
my website is here:
Bob@Imac27RJA:~/Hosts/paperness.it$ ls -l
total 16
-rw-r--r-- 1 Bob staff 600B Jul 7 16:00 index.html
-rw-r--r-- 1 Bob staff 19B Jul 7 17:05 index.php
and the content of the index.php file is:
Bob@Imac27RJA:~/Hosts/paperness.it$ cat index.php
<?php phpinfo(); ?>
while the index.html file gets loaded as expected, the index.php file is only downloaded and not interpreted by PHP
Bob@Imac27RJA:~$ nginx -v
nginx version: nginx/1.12.0
here follows attached the nginx.conf file. Please help to identify my beginner's mistake ! Thank you very much in advance
↧
↧
Re: Trying nginx+php+mysql on Mac OS. Failing :-(
Guys !!! After a good dinner and getting back to analysing I found the error !!!
A backslash had crept before the $ sign in location ~ \.php$
Sorry for disturbing but still if you have good suggestions for my nginx config please shhot !
THANKS
A backslash had crept before the $ sign in location ~ \.php$
Sorry for disturbing but still if you have good suggestions for my nginx config please shhot !
THANKS
↧
Why am I getting Proxy returns “HTTP/1.1 407 authenticationrequired”?
I am using nginx, gunicorn, django for backend. I have created apis in django, and these apis works fine for me from postman and even from my python code. But when I try to access the api from proxy server it gives me 'Unable to tunnel through proxy. Proxy returns "HTTP/1.1 407 authenticationrequired."'
Here are my complete issues :
DIGITAL OCEANS : https://www.digitalocean.com/community/questions/why-am-i-getting-proxy-returns-http-1-1-407-authenticationrequired
STACKOVERFLOW : https://stackoverflow.com/questions/44934774/why-am-i-getting-proxy-returns-http-1-1-407-authenticationrequired
Here are my complete issues :
DIGITAL OCEANS : https://www.digitalocean.com/community/questions/why-am-i-getting-proxy-returns-http-1-1-407-authenticationrequired
STACKOVERFLOW : https://stackoverflow.com/questions/44934774/why-am-i-getting-proxy-returns-http-1-1-407-authenticationrequired
↧
rewrute rules not work - gave 404 not found
I use vhost - cpanel.site.com and my rewrite rules is........ but not work:
location = /home {
rewrite ^(.*)$ /home.php break;
}
location = /dev/changelog {
rewrite ^(.*)$ /changelog.php;
rewrite ^(.*)$ /changelog.php;
}
location = /add_domain {
rewrite ^(.*)$ /add_domain.php break;
}
location /plan {
rewrite ^/plan-([^/]*)$ /plan.php?p=$1 break;
}
location /upgrade {
rewrite ^/upgrade-([^/]*)$ /upgrade.php?p=$1 break;
}
location = /payment {
rewrite ^(.*)$ /invoice.php break;
}
location /pay {
rewrite ^/pay?([^/]*)$ /paypal/process.php$1 break;
rewrite ^/pay/([^/]*)$ /paypal/$1 break;
}
location = /dev {
rewrite ^(.*)$ /dev.php break;
}
location = /dev/block_page {
rewrite ^(.*)$ /dev.php?def=1 break;
}
location = /exit {
rewrite ^(.*)$ /exit.php break;
}
location = /home {
rewrite ^(.*)$ /home.php break;
}
location = /dev/changelog {
rewrite ^(.*)$ /changelog.php;
rewrite ^(.*)$ /changelog.php;
}
location = /add_domain {
rewrite ^(.*)$ /add_domain.php break;
}
location /plan {
rewrite ^/plan-([^/]*)$ /plan.php?p=$1 break;
}
location /upgrade {
rewrite ^/upgrade-([^/]*)$ /upgrade.php?p=$1 break;
}
location = /payment {
rewrite ^(.*)$ /invoice.php break;
}
location /pay {
rewrite ^/pay?([^/]*)$ /paypal/process.php$1 break;
rewrite ^/pay/([^/]*)$ /paypal/$1 break;
}
location = /dev {
rewrite ^(.*)$ /dev.php break;
}
location = /dev/block_page {
rewrite ^(.*)$ /dev.php?def=1 break;
}
location = /exit {
rewrite ^(.*)$ /exit.php break;
}
↧
Reverse Proxy NGINX and Foscam Active-X error
Hi All, I have a working reverse proxy for my Foscam out door camera with a StartSSL cert and everything works fine but If I want to use the camera's full function to record to a network device I need to use IE and Active-X....Ewwwww!!! right???
The issue I'm encountering is that when I get to the login page of the camera I have 3 options. Active-x or server push or mobile.
if I choose Active-x I can login but then an error pop-up shows up saying couldn't connect to device.
Any Ideas?
The issue I'm encountering is that when I get to the login page of the camera I have 3 options. Active-x or server push or mobile.
if I choose Active-x I can login but then an error pop-up shows up saying couldn't connect to device.
Any Ideas?
↧
↧
return 403; custom page NOT work
I use:
if ($http_user_agent ~* "9003X") {
return 403;
}
How add return 403; custom page?
if ($http_user_agent ~* "9003X") {
return 403;
}
How add return 403; custom page?
↧
Re: Preserving Source IP using SSL Preread + OpenVPN
I am still looking to get this to work as well. Would love if someone posted a working example config. I am still trying with OpenVPN on 443
↧
NGINX config required for shifting traffic based on some URL parameter
Hi I am not developer but we want nginx to transfer streaming traffic based on some live tv channel name to specific server e.g:
http://oursite.com:1935/live/smil:mychannel1.smil/playlist.m3u8
Like in the above url whenever mychannel1 comes nginx should transfer this streaming traffic to server1 we have Wowza servers running.
Example 2:
http://oursite.com:1935/live/smil:mychannel2.smil/playlist.m3u8
Like in the above url whenever mychannel2 comes nginx should transfer this streaming traffic to server2 we have Wowza servers running.
We are using HLS for streaming and want NGING to load balance like this.
Kindly provide nginx.conf for above requirement.
Many Thanks
http://oursite.com:1935/live/smil:mychannel1.smil/playlist.m3u8
Like in the above url whenever mychannel1 comes nginx should transfer this streaming traffic to server1 we have Wowza servers running.
Example 2:
http://oursite.com:1935/live/smil:mychannel2.smil/playlist.m3u8
Like in the above url whenever mychannel2 comes nginx should transfer this streaming traffic to server2 we have Wowza servers running.
We are using HLS for streaming and want NGING to load balance like this.
Kindly provide nginx.conf for above requirement.
Many Thanks
↧
Is there any way of bypassing the http request when localhost used as PROXY_PASS in case of cache miss in nginx
Hi,
I am using my custom module for response when cache miss happens. When cache miss is happening proxy server is making another http request to localhost and then it is coming to the "location /kunal". So I am trying to bypass this extra http request.
Is there anyway to directly call my custom module "kunal_custom" when cache miss happens without doing extra http request to localhost.
Please help me out. I am fully stuck here.
I am using following nginx config
location / {
root html;
index index.html index.htm;
access_log /etc/nginx/logs/cache-server-1.log nginx_cache;
error_log /etc/nginx/logs/error-server-1.log debug;
#listen 8072;
#proxy_read_timeout 600;
proxy_cache cache_zone;
proxy_cache_valid 200 10m;
proxy_pass http://localhost/kunal/;
proxy_redirect off;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# redirect server error pages to the static page /50x.html
#
error_page 404 403 500 502 503 504 /kunal;
location /kunal {
kunal_custom;
}
Thanks,
Kunal
I am using my custom module for response when cache miss happens. When cache miss is happening proxy server is making another http request to localhost and then it is coming to the "location /kunal". So I am trying to bypass this extra http request.
Is there anyway to directly call my custom module "kunal_custom" when cache miss happens without doing extra http request to localhost.
Please help me out. I am fully stuck here.
I am using following nginx config
location / {
root html;
index index.html index.htm;
access_log /etc/nginx/logs/cache-server-1.log nginx_cache;
error_log /etc/nginx/logs/error-server-1.log debug;
#listen 8072;
#proxy_read_timeout 600;
proxy_cache cache_zone;
proxy_cache_valid 200 10m;
proxy_pass http://localhost/kunal/;
proxy_redirect off;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# redirect server error pages to the static page /50x.html
#
error_page 404 403 500 502 503 504 /kunal;
location /kunal {
kunal_custom;
}
Thanks,
Kunal
↧
↧
Will there be any performance improvement if same node is used as proxy_pass then other node used in nginx
In my application I want to improve nginx performance in case of cache miss. Below are the two cases I am considering.
Case 1 : If I use some other nginx node as PROXY_PASS, so when cache miss happens the http request gets forwarded to the other node.
Case 2 : If I use localhost (same node) as PROXY_PASS, so in this case when cache miss happens http request will be loop back to the same nginx node.
In both the case will there be any performance difference.
Can anyone please let me know will there be any nginx performance improvement in case 2?
Case 1 : If I use some other nginx node as PROXY_PASS, so when cache miss happens the http request gets forwarded to the other node.
Case 2 : If I use localhost (same node) as PROXY_PASS, so in this case when cache miss happens http request will be loop back to the same nginx node.
In both the case will there be any performance difference.
Can anyone please let me know will there be any nginx performance improvement in case 2?
↧
Disable NGINX caching 304 Responses from Origin Server
We have a pretty simple setup with NGINX sitting on the front and a backend server (on a separate physical server) that provides the content.
Nginx then caches content based on the EXPIRES and Cache-Control headers set by the origin server.
We noticed that NGINX was not issuing 304 headers to images that were not in the local NGINX cache when the If-Modified-Since header was sent by the client. Instead, it would issue a 200 with the full data file.
To fix this, we applied:
proxy_set_header If-Modified-Since $http_if_modified_since
So then the If-Modified-Since header was passed to the backend and of course, it returned correctly with the 304 header - great.
But what we noticed was that NGINX would cache this 304 response and deliver future responses as 304 to clients even without the If-Modified-Since header.
How can we disable caching of 304 responses and fix this issue?
Thank you for your help, suggestions, and tips in advance.
Nginx then caches content based on the EXPIRES and Cache-Control headers set by the origin server.
We noticed that NGINX was not issuing 304 headers to images that were not in the local NGINX cache when the If-Modified-Since header was sent by the client. Instead, it would issue a 200 with the full data file.
To fix this, we applied:
proxy_set_header If-Modified-Since $http_if_modified_since
So then the If-Modified-Since header was passed to the backend and of course, it returned correctly with the 304 header - great.
But what we noticed was that NGINX would cache this 304 response and deliver future responses as 304 to clients even without the If-Modified-Since header.
How can we disable caching of 304 responses and fix this issue?
Thank you for your help, suggestions, and tips in advance.
↧
Loadbalance a website that only support https
Hello,
I want to load-balance a web page that only supports https. For me it is ok to terminate the incoming https connection and create a new one.
I tried with this config:
http {
upstream myapp1 {
server page1.myregion.cloudapp.azure.com:443;
server page2.myregion.cloudapp.azure.com:443;
}
server {
listen 443 default ssl;
ssl_certificate /etc/nginx/certs/portal-cert.pem;
ssl_certificate_key /etc/nginx/certs/portal-key.pem;
location / {
proxy_pass https://myapp1;
proxy_ssl_verify off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_certificate /etc/nginx/certs/portal-cert.pem;
proxy_ssl_certificate_key /etc/nginx/certs/portal-key.pem;
proxy_ssl_server_name on;
proxy_ssl_protocols SSLv2 SSLv3 TLSv1.1 TLSv1.2 TLSv1.3;
}
}
}
The log say still http:
[25/Jul/2017:14:14:59 +0000] 1XX.XXX.XXX.238 - - - to: 1XX.XXX.XXX.XXX:443: GET / HTTP/1.1 upstream_response_time 0.342 msec 1500992099.260 request_time 0.342 500 3003 "-
Also the upstream web page give me a error page with Status 500 say http is not allowed because https is expected.
What did I miss?
Thanks,
Daniel
I want to load-balance a web page that only supports https. For me it is ok to terminate the incoming https connection and create a new one.
I tried with this config:
http {
upstream myapp1 {
server page1.myregion.cloudapp.azure.com:443;
server page2.myregion.cloudapp.azure.com:443;
}
server {
listen 443 default ssl;
ssl_certificate /etc/nginx/certs/portal-cert.pem;
ssl_certificate_key /etc/nginx/certs/portal-key.pem;
location / {
proxy_pass https://myapp1;
proxy_ssl_verify off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_certificate /etc/nginx/certs/portal-cert.pem;
proxy_ssl_certificate_key /etc/nginx/certs/portal-key.pem;
proxy_ssl_server_name on;
proxy_ssl_protocols SSLv2 SSLv3 TLSv1.1 TLSv1.2 TLSv1.3;
}
}
}
The log say still http:
[25/Jul/2017:14:14:59 +0000] 1XX.XXX.XXX.238 - - - to: 1XX.XXX.XXX.XXX:443: GET / HTTP/1.1 upstream_response_time 0.342 msec 1500992099.260 request_time 0.342 500 3003 "-
Also the upstream web page give me a error page with Status 500 say http is not allowed because https is expected.
What did I miss?
Thanks,
Daniel
↧