Quantcast
Channel: Nginx Forum - How to...
Viewing all 4759 articles
Browse latest View live

Re: Htaccess Rewrite Problem

November 5, 2018, 9:24 pm
$
0
0
hi .
i have a problem .
how to install X-Accel-Redirect on the nginx in the directadmin ?

please help me !
Search

Re: Redirect js.map , css.map

November 5, 2018, 10:07 pm
$
0
0
hi .
i have a problem .
how to install X-Accel-Redirect on the nginx in the directadmin ?

please help me !

Re: How to force mp4 downloads

November 5, 2018, 10:07 pm
$
0
0
hi .
i have a problem .
how to install X-Accel-Redirect on the nginx in the directadmin ?

please help me !

Enable X-Accel-Redirect

November 5, 2018, 10:08 pm
$
0
0
hi .
i have a problem .
how to install X-Accel-Redirect on the nginx in the directadmin ?

please help me !

ReverseProxy rewrite 172...16:port/#1234 host.domain.com (extern)

November 7, 2018, 12:01 am
$
0
0
I try to rewrite an internal url with the structure http://172.20.20.16:3777/#53584 over the ReverseProxy on host.domain.com.
Unfortunately, the proxy cuts off everything from the comment hash "#".
A rewrite to %23 ("#") does not work on the php system side.

Does anyone have any idea how "#" can be masked?

my config:

server {
listen 80;

server_name host.domain.de;
return 301 https://$server_name$request_uri;
}

server {
listen 443 ssl;

server_name host.domain.de;

root /var/www/host-certbot-webroot;

# The public and private parts of the certificate are linked here
ssl_certificate /etc/letsencrypt/live/host.domain.de-0001/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/host.domain.de-0001/privkey.pem; # managed by Certbot


location / {
proxy_set_header Accept-Encoding "";

# WebFront http://172.20.20.16:3777/#53584
proxy_pass "http://172.20.20.16:3777/%2353584";
proxy_redirect default;

sub_filter "172.20.20.16:3777/%2353584" "host.domain.de";
sub_filter_once off;
}
}

autoindex on - 404 not found

November 7, 2018, 3:44 pm
$
0
0
Hi all,

I installed nginx on an offline computer, I configured it
and it worked fine. But when I installed nginx as a service
with NSSM, autoindex does not work, I get an 404 error
message, I can't access any html page but the php pages
are working fine.

When I run nginx normally in the command prompt, not
as a service, everything works fine again, but when I run
nginx as a service, I get an 404 error message.

Can anyone please help me with this issue?

Thanks in advance.

Re: autoindex on - 404 not found

November 8, 2018, 7:12 am
$
0
0
If it runs as a service that service needs access rights to whereever your data is.

proxify qlikview through nginx

November 8, 2018, 9:30 pm
$
0
0
We use nginx as load balancer for our project
But we have some trouble, auth not worked in qlikview when we use nginx
This config worked on apache:

<VirtualHost *:80>
<Location "/qlikview">
ProxyPass http://10.7.136.107/qlikview
</Location>
<Location /QvAJAXZfc/>
ProxyPass http://10.7.136.107/QvAJAXZfc/
</Location>
<Location /QvAjaxZfc/>
ProxyPass http://10.7.136.107/QvAjaxZfc/
</Location>
</VirtualHost>

But config like above not worked

server {
listen 80;

location /qlikview {
proxy_pass http://10.7.136.107/qlikview;
}

location /QvAJAXZfc/ {
proxy_pass http://10.7.136.107/QvAJAXZfc/;
}

location /QvAjaxZfc/ {
proxy_pass http://10.7.136.107/QvAjaxZfc/;
}
}

When I look to web console I see first auth response (nginx)

Response headers (155 B)
Connection keep-alive
Content-Length 0
Date Fri, 09 Nov 2018 04:59:42 GMT
Server nginx/1.15.6

Request headers (475 B)
Accept */*
Accept-Encoding gzip, deflate
Accept-Language en-US,en;q=0.5
Cache-Control no-cache
Connection keep-alive
Cookie xrfkey=dwQTEdUgc2wYB0Cv; Acces…b-59d5-1ee7-ec53-c8d625fafb58
Host 127.0.0.1
Pragma no-cache
Referer http://127.0.0.1/qlikview/index.htm
User-Agent Mozilla/5.0 (X11; Linux x86_64…) Gecko/20100101 Firefox/60.0
X-Requested-With XMLHttpRequest

But have another response when use apache

Response headers (195 B)
Cache-Control no-cache, no-store
Connection Keep-Alive
Content-Length 0
Content-Type text/html; charset=UTF-8
Date Fri, 09 Nov 2018 05:02:35 GMT
Expires Fri, 09 Nov 2018 04:02:35 GMT
Keep-Alive timeout=5, max=96
Pragma no-cache
Server Apache/2.4.6 (CentOS)
Set-Cookie AccessPointSession=f9af94d1-50…ba3cc3dd7a7; path=/; HTTPOnly
Request headers (385 B)
Accept */*
Accept-Encoding gzip, deflate
Accept-Language en-US,en;q=0.5
Cache-Control no-cache
Connection keep-alive
Host 127.0.0.1
Pragma no-cache
Referer http://127.0.0.1/qlikview/login.htm
User-Agent Mozilla/5.0 (X11; Linux x86_64…) Gecko/20100101 Firefox/60.0
X-Requested-With XMLHttpRequest
Search

Re: autoindex on - 404 not found

November 9, 2018, 2:08 am
$
0
0
Thanks for your reply. I forgot to mention that I was
trying to access mapped networking drives. After I
tried everything I know I still could not make it work,
so I decided to write a small C# program to
start / stop / reload the nginx server in the system
tray and I added that program to start up.

Re: autoindex on - 404 not found

November 9, 2018, 2:45 am
$
0
0
Just use srvany to create a service and use a .cmd file, in there you can 'net use' and start nginx.

Configuration issue with nginx

November 10, 2018, 11:51 am
$
0
0
I'm not very experienced with nginx. I'm having trouble with using ngxinx as a proxy in front of minio. I've been adding a minio service (4 were already running fine) but now nginx has stopped working for me, so I must have messed something up.I'm running ngxinx and minio on macOS High Sierra, installed via brew.

When connecting from the new laptop, nginx reports:
2018/11/10 18:15:23 [error] 51450#0: *25 open() "/usr/local/Cellar/nginx/1.13.10/html/renskedocumentsanddesktop" failed (2: No such file or directory), client: 192.168.2.91, server: dumbledore.rna.nl, request: "GET /renskedocumentsanddesktop?max-keys=1000 HTTP/1.1", host: "dumbledore.rna.nl:9000"

So, while from another laptop, nginx passes the request apparently on to minio without problems (no log entry by nginx, but it works), from the other laptop it wants to load something highly appropriate, namely "renskedocumentsanddesktop" from somewhere in the nginx install tree.

Somehow, nginx tries to serve the file itself instead of acting like a proxy and passing it on.

nginx servers include is a file that looks like this:

server {
listen 9000 ssl;
server_name myhost.mydomain.tld;
ssl_certificate minio_certificate_chained.crt;
ssl_certificate_key minio_certificate.key;
ssl_protocols TLSv1.2;
proxy_buffering off;
client_max_body_size 1000m;
location / {
proxy_set_header Host $http_host;
if ($http_authorization ~* "^AWS4-HMAC-SHA256 Credential=***") {
proxy_pass http://127.0.0.1:9001;
}
if ($http_authorization ~* "^AWS4-HMAC-SHA256 Credential=***") {
proxy_pass http://127.0.0.1:9002;
}
if ($http_authorization ~* "^AWS4-HMAC-SHA256 Credential=***") {
proxy_pass http://127.0.0.1:9003;
}
if ($http_authorization ~* "^AWS4-HMAC-SHA256 Credential=***") {
proxy_pass http://127.0.0.1:9004;
}
if ($http_authorization ~* "^AWS4-HMAC-SHA256 Credential=***") {
proxy_pass http://127.0.0.1:9005;
}
}
}

And that works for addressing the minio on port 9003 but not the one on 9005 which produces the error. I'm completely baffled because as far as I can see for both services the nginx situation is technically the same

Re: Configuration issue with nginx

November 10, 2018, 12:41 pm
$
0
0
OK, as always, the answer was: a config error. The client wasn't using the exact right Credential and this means it fell through all the authorization statements. What I need is a default fall through that results in something and doesn't pass it on to the nginx install tree.

Direct use of Linux file/directory functions in Nginx module?

November 10, 2018, 2:20 pm
$
0
0
I'm developing a Nginx module, and want to use Linux file/directory functions
(such as 'readlink' and 'access') in the module. Because Nginx module API
does not support these functions.

Of course, there must be compatibility issues, but it's not a problem in my case.
Is there any other problems?

Nginx - Reverse Proxy - Session closed

November 13, 2018, 5:48 am
$
0
0
Hi all,

I just setup nginx to work as reverse proxy in order to publish an internal website.
I used this vhost configuration:

server {
# The IP that you forwarded in your router (nginx proxy)
listen **********:80 default_server;

# Make site accessible from http://localhost/
server_name www.mydomain.com;

# The internal IP of the VM that hosts your Apache config
# set $upstream ***_internal_website_IP_***;

location / {

proxy_pass_header Server;
proxy_cache STATIC;
proxy_cache_valid 200 1d;
proxy_cache_use_stale error timeout invalid_header updating
http_500 http_502 http_503 http_504;
proxy_pass http://**_internal_website_FQDN***/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_buffering off;
client_max_body_size 0;
proxy_read_timeout 36000s;
proxy_redirect http://**_internal_website_FQDN***/ http://$host/;
sub_filter "http://**_internal_website_FQDN***/" "http://www.mydomain.com/";
sub_filter_once off;
sub_filter_types *;
}
}

I can access internal website, but when I use credentials to log in, it loads and then after few seconds brings me back to the home page.
It seems there's something wrong with sessions.

Any hints?

Backend with client certificate authentication

November 14, 2018, 8:36 am
$
0
0
Hi

I have an application (EJBCA) which is installed in wilfdly 10 version.

This application requires a client certificate authentication.

I need to put nginx in front and I have some issue to forward the client certificate to the application.

Here is my configuration :

location /ejbca/adminweb {
proxy_pass https://<ip>:<port>/ejbca/adminweb ;

proxy_set_header SSL_CLIENT_CERT $ssl_client_cert ;
proxy_set_header SSL_CIPHER $ssl_cipher ;
proxy_set_header SSL_SESSION_ID $ssl_session_id ;
}


In wildfly side (in undertow subsystem) I added an attribute certificate-forwarding :

<http-listener name="http" socket-binding="http" certificate-forwarding="true" redirect-socket="httpspriv"/>


But I still have a Bad Gateway error.

Any idea ?

Thanks
Search

Re: Nginx - Reverse Proxy - Session closed

November 15, 2018, 2:09 am
$
0
0
Just solved deleting "proxy_set_header Host $host;" string
Now I have some issue with frames that nginx doesn't allow me to view :-/

Sharing data between Module and Filter

November 20, 2018, 8:19 am
$
0
0
Good evening,

Let me first provide you the background from my incoming questions:

* I'm currently trying to write a module which would hook on the PRECONTENT phase. In this module i'd like to make requests to an upstream which return me a response that i'd like to store.
* In the CONTENT phase, everything should follow the configuration (mostly calling an upstream).
* Afterwards, a filter will be placed to modify the regular response (obtained from the CONTENT phase) with the information obtained from the PRECONTENT phase.

Now for the questions:

1 Is this design compliant with nginx philosophy ?
2 If the answer to the first question is NO...

I was thinking otherwise moving the things in PRECONTENT phase to a dedicated filter. BUT in that case, this filter must occur before the one which is manipulating the response. Is it possible ? Can you otherwise give me some tracks to follow ?

3 If the answer to the first question is YES...

I'm struggling in understanding how i can store the information from the PRECONTENT phase. I had in mind to store the response in a variable and use it in the filter. I don't understand the callback mechanism for the variables. Most module only registers GET callback, and if i look at for example upstream module, the variable is actually set in this callback. When is this callback called ?
Can you guide me through this by providing me some pointers to examples ?

Thanks for your help !

kR,

PsyKro

Weird redirect question

November 21, 2018, 12:23 am
$
0
0
Hi all!

I'm trying to figure out if I'm doing something wrong, or if this is normal behavior. I have site aaa.fi which redirects to https://www.bbb.fi , meaning from HTTP to HTTPS. Certificate is for site bbb.fi. This works fine.

However, if I type https://aaa.fi -> browser (chrome) tells me that connection is not secure and it doesn't redirect to site https://www.bbb.fi, which it should.

Hopefully I managed to explain this in an understandable manner. So could someone more experienced tell me if this is expected behavior or is my configuration wrong?

Here's sites conf file (obfuscated for security purposes):

server {
listen 80;
server_name bbb.fi;
access_log /PATH/aaa.fi.access.log combined;
return 301 https://www.aaa.fi$request_uri;
}

server {
listen 80;
server_name www.bbb.fi;
access_log /PATH/aaa.fi.access.log combined;
return 301 https://www.aaa.fi$request_uri;
}

server {
listen 443;
server_name bbb.fi www.bbb.fi;

ssl_session_cache shared:SSL:10m;
ssl_session_timeout 60m;

ssl_certificate /PATH;
ssl_certificate_key /PATH;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;

ssl_dhparam /PATH;

add_header Strict-Transport-Security "max-age=31536000" always;

ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /PATH.crt;
resolver 213.140.164.26 212.149.120.42;

access_log /PATH/aaa.fi.access.log combined;
return 301 https://www.aaa.fi$request_uri;
}

Re: Weird redirect question

November 21, 2018, 2:46 am
$
0
0
In your 443 block your doing a "return 301 https://www.aaa.fi$request_uri; " again.

Re: Weird redirect question

November 21, 2018, 3:26 am
$
0
0
itpp2012 Wrote:
-------------------------------------------------------
> In your 443 block your doing a "return 301
> https://www.aaa.fi$request_uri; " again.


Yes, the idea is that if you navigate to bbb.fi OR www.bbb.fi , it will redirect to https://aaa.fi . This https://aaa.fi has certificate. bbb.fi does not have certificate. Is there something wrong in that 443 config?
Viewing all 4759 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>