Nginx reverse proxy can’t forward request

I have a simple config:

http {

server {
listen 8081;
server_name mynginx.local;

location /prom {
auth_basic "Access to Prometheus server";
auth_basic_user_file /etc/nginx/.htpassw;
proxy_pass http://192.168.1.192:9090/;
access_log off;
}

}

and with this config don’t work after i entering username and password, and in the log i see this:

*10 open() “/etc/nginx/html/graph” failed (2: No such file or directory), client: 192.168.1.3, server: mynginx.local, request: “GET /graph HTTP/1.1”, host: “mynginx.local:8081”

but! if i change in the config file this line location /prom to this one location / – all works fine properly!

can anyone asks me why?

server – Understanding the importance of Gunicorn and Nginx for Django web development

When author says that Django can’t handle real workloads, they most likely refer specifically to Django’s built-in webserver.

When you run Django in development environment, you can use it to test things out, but a proper webserver is a fairly complex piece of software and requires very specific competences to build. Moreover, there is no real reason for the people behind Django to also spend time making a fully fleshed-out webserver: it is much easier to build an interface for an existing one.

Nginx is a professionally made workhorse of a server. It is feature-rich and is built to handle production workloads. Most apps use a server like that on the front to handle niche responsibilities like caching, redirection, forming headers, compression etc.

So, now, Gunicorn. Gunicorn is a WSGI server. Broadly speaking, it facilitates communication between a variety of webservers and a variety of frameworks through a standardized interface. Plus it handles additional tasks, like load-balancing and maintaining instances of your app alive, so you don’t have to.

mod security – Tuning nginx /var/lib/nginx/body and ModSecurity

I have nginx set up with ModSecurity (via ModSecurity-nginx). My /var/lib/nginx/body directory fills up quickly. Currently, my /var/lib/nginx/body directory is 2.4gb.

I think this is due to something ModSecurity is doing. Does that sound accurate? If so, is there a configuration option in ModSecurity or nginx to tune this behavior?

nginx reverse proxy and regexp location

here is what I want:

uri like: http://mydomain.xxx:33380/client001 should be redirected to http://10.8.51.21:3780/ui in VPN.
uri like: http://mydomain.xxx:33380/client001/adm should be redirected to http://10.8.51.21:3780 in VPN.

My config here:

map $clientname $back_srv {
 "client000" "10.8.50.1";
 "client001" "10.8.51.21";
 "client002" "10.8.51.25";
 default   "mydomain.xxx";
}

server {
        listen 33380;

        location ~ "^/(client(0-9){3})|/(adm)$" {

                set $clientname $1;
                set $adm $2;
                set $svc_pfix "/ui";

                if ($adm = "adm") {
                        set $svc_pfix "";
                }

                set $svc_port "3780";

                rewrite ^(.*)$ $svc_pfix break;
                proxy_pass http://$back_srv:$svc_port;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";

        }
}

When I go to http://mydomain.xxx:33380/client001 nginx redirects to http://mydomain.xxx:33380/ui and show 404 error. Look like proxy_pass doesn’t works.

I tested other simple config without regexp and map, it works properly:

server {

        listen 888;

        location /svc_loc {
                rewrite ^/svc_loc /(.*) /$1  break;
                proxy_pass http://10.8.51.21:3780;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
        }
}

Any ideas?

nginx – alterar diretório index

acabo vindo recorrer aqui depois de tantas buscas e tentativas fracassadas



arquivo nginx.conf:

user www-data;

sites-enabled/website.conf:

server {
    listen 80;
    listen [::]:80;
    root /var/www/website;
    index index.htm index.html;
    server_name website;
    location / {
    autoindex on;
 }
}


permissão de pasta:
***$sudo chmod -R 755 /var/www/website***

detalhes:
$ls -l /var/www/website
-rwxrwxrwx 1 root root 6 Nov 13 04:57 index.html



alguém pode me explicar o que táh errado?! thanks

Converting nginx reverse proxy (with CSS filter) to IIS10 URL Rewrite

I’m currently using nginx (for Windows) to handle SSL as well as handling my reverse proxies. Below, is an example reverse proxy code for nginx (which also includes a CSS mod):

        location /files {
            proxy_pass http://localhost:999/files;
            proxy_set_header Accept-Encoding "";
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $http_connection;
            sub_filter
            '</head>'
            '<link rel="stylesheet" type="text/css" href="https://github.io/test/CSS/themes/dark.css">
            
            <style>
            .CalendarEvent/downloaded/2vSrJ {
                background: rgba(39, 194, 76, 0.7) !important;
                border-left-color: rgba(39, 194, 76, 0.0) !important;
            }
            </style>

            </head>';
            sub_filter_once on;
        }

Can someone please show me how to setup the same reverse proxy using IIS URL Rewrite? I’m particularly curious about how to handle the CSS mods above. I learn best from real working examples. If someone can post a screenshot, that would be ideal.

PS: Are there any performance benefits/disadvantages switching to IIS URL Rewrite over nginx?

docker – nginx proxy_pass return 502 Bad Gateway

I’m building nginx for reverse_proxy with Spring and Docker

Here is my configuration.

nginx.conf

user  proxy;
worker_processes  auto;
error_log  logs/error.log;
error_log  logs/error.log  notice;
error_log  logs/error.log  info;
pid        logs/nginx.pid;

events {
    worker_connections  1024;
}

http {
    log_format  main  '$remote_addr - $remote_user ($time_local) "$request" '
    '$status $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  logs/access.log  main;
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include       mime.types;
    default_type  application/octet-stream;

    include /home/wertkey/nginx/conf/conf.d/*.conf;

    client_max_body_size 200M;
    client_header_buffer_size  48k;

    server {
        listen       7070 default_server;
        listen       (::):7070 default_server;
        server_name  _;
        root         /usr/share/nginx/html;

        location / {
        }

        error_page 404 /404.html;
        location = /404.html {
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
        }
    }
}

conf.d/default.conf

server {
    listen 7070;
    server_name something.com;

    proxy_connect_timeout   900s;
    proxy_send_timeout      900s;
    proxy_read_timeout      900s;
    send_timeout            900s;

    location ^~ /editor/ {
        proxy_pass http://localhost:8081;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;

        rewrite ^/editor/(/.*)$ $1 break;
    }
}

docker

CONTAINER ID        IMAGE        COMMAND                  CREATED             STATUS              PORTS                    NAMES
a6a6a98a25a9        editor       "/bin/sh -c /usr/l..."   8 minutes ago       Up 8 minutes        0.0.0.0:8081->8080/tcp   editor

My spring server is running at 7070 port.
I want to be this way.

  1. request something.com:7070/api
  2. nginx proxy_pass to 8081
  3. and docker 8081 -> 8080

But response always return 502 Bad Gateway

What am i missing?

nginx – ERR_TUNNEL_CONNECTION_FAILED for my website after installing new SSL certificate

My website groceryshoptest.com was hosted in Digital Ocean droplets with a Nginx server. I’ve used free SSL from Lets encrypts certbot, I’ve just put few commands which added some configuration in etc/nginx/sites-available/groceryshoptest file and installed certificate everything was working fine.
Later I decided to move my server to Linode. So I’ve stopped my previous server, pointed my DNS to my new server address, installed everything and it was working fine over http. Then I again installed certificate from Letsencrypt in my new Linode server. It showed me everything installed successfully. So my problem is I can access the site from Bangladesh but can’t access from USA following error in browser

ERR_TUNNEL_CONNECTION_FAILED

My config file is here

 server {
    server_name groceryshoptest.com;
    root /var/www/html/shop;
    index index.html;
    location / {
        try_files $uri $uri/ /index.html?$args;
    }

    listen (::):443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/groceryshoptest.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/groceryshoptest.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}

    server {
    if ($host = groceryshoptest.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen (::):80;
    server_name groceryshoptest.com;
    return 404; # managed by Certbot
}

proxypass – Nginx how to show IP blocked page?

server {
 listen 80;

 listen 443 ssl;

 ssl_certificate /etc/nginx/cert/domain.csr;
 ssl_certificate_key /etc/nginx/cert/domain.key;

 server_name ~^(w+).(w+)$ ;

 location / {
  rewrite ^/(.*) /$1 break;
  proxy_pass https://my-app.ondigitalocean.app/ ;
 }

 error_page 500 502 503 504 /50x.html;
 location = /50x.html {
  root  /usr/share/nginx/html;
 }

 error_page 444 =200 @unavailable.html;
 location = @unavailable.html {
   #root   /usr/share/nginx/html;
   proxy_pass https://myapp.ondigitalocean.app/unavailable.html;
  allow all;
 }

 if ($allowed_country = no) {
  return 444;
 }
}

I have a config like this for my Nginx server. It works fine, but I can’t get IP blocked page it allocated at the remote server (proxy_pass) What I’m missing? Is it even possible? Or I have to copy-paste such page to nginx home ?