The nginx proxy header variable does not work

I'm trying to set up a load balancer with Nginx.

The problem I have for some reason the variable $ host is not working for me when I try to use proxy_set_header

If I have tried to go to http://proxy.domain.com I will give a 404 error, if I check the logs I will give this.

Server: proxy.domain.com, Request: "GET / HTTP / 1.0", upstream: "http://1.2.3.4:80/", Host: "proxy.domain.com"

The IP 1.2.3.4 is the real IP of ss.domain.com, if this is ok, but why are you giving it to me?
http://1.2.3.4:80/ instead of my domain name, so I get the error 404 and do not look right from vhost.

I configured my proxy settings as follows:

Upstream S3 {
server ss.domain.com weight = 2;
Server vv.domain.com;
}
Server {
listen to 80;
listen [::]: 80;
Server name proxy.domain.com;
root /var/www/proxy.domain.com/html;

Location / {
proxy_pass http: // s3;
proxy_set_header Host $ host;
proxy_set_header X-Real-IP $ remote_addr;
proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded Host $ host;
proxy_set_header X-Forwarded Server $ host;
proxy_set_header X-Forwarded Port $ server_port;
proxy_set_header X-Forwarded-Proto $ -Schema;
}
}   

How to replace Apache with NGINX on Ubuntu 18.04




NGINX is the modern web server founded in 2004 by computer software developer Igor Sysoev. NGINX is used by the most frequented websites. NGINX instantly works with most major web stacks, including LEMP stacks (Linux, NGINX, MySQL, PHP). This tutorial assumes that your website is hosted on the Apache web server and you want to migrate to NGINX. The migration process involves replacing NGINX with the Apache web server, without losing website data with less downtime.

Why replace Apache with NGINX?

There are several reasons to replace Apache with NGINX:

  • NGINX is the fastest web server that supports concurrent connections and high site utilization.
  • NGINX consumes less RAM and CPU compared to Apache and is resource efficient.
  • NGINX improves website performance by supporting the built-in cache system for faster access to site static content such as images, CSS, JavaScript, etc.

What is the main difference between Apache and NGINX?

These are the main differences between Apache and NGINX:

  • The main configuration files for Apache and NGINX are located at /etc/apache2/apache2.conf and /etc/nginx/nginx.conf respectively.
  • NGINX uses server block, but Apache uses the virtual host.
  • NGINX and Apache use the same default root directory / var / www / html.
  • NGINX has a built-in cache system, but Apache does not have an integrated cache system.

requirements

Before you start the tutorial, you will need:

  • You need Ubuntu 18.04 VPS with at least 1GB of RAM for smooth operation.
  • The Apache web server must have been previously installed on your VPS.

Step 1: Remove the Apache web server

Before installing NGINX, you must remove the Apache web server to avoid conflicts.

First, stop the Apache service before removing the Apache web server. This will allow us to easily remove Apache.

$ sudo systemctl stops apache2

After stopping Apache, the start Apache entries are removed from systemctl. This will allow us to remove the startup entries so that the Apache services do not start automatically during startup.

$ sudo systemctl disable Apache2

When the Apache services have completed successfully and the boot entries have been removed, the Apache Web server packages must be removed from the system.

$ sudo apt remove apache2

The above command removes only Apache2 packages, but Apache-related dependencies are retained in the system. Be sure to remove these unwanted dependencies to free up disk space. This can be done with a specific command.

$ sudo apt autoremove

The Apache web server has now been successfully removed. The installation of NGINX will be described in the next step.

Step 2: Install the NGINX web server

Let's start with installing NGINX on Ubuntu. The Ubuntu standard repository contains all the packages from NGINX. Installation is straightforward, so you need to install it easily with apt package manager.

First, remove the old apt repository cache and empty it. Then update the repository to load the latest package information and perform a full upgrade to update all installed packages.

$ sudo apt clear everything && sudo apt update && sudo apt dist-upgrade

After updating the repository, it is time to install the updated NGINX packages.

$ sudo apt install nginx

If NGINX has been successfully installed, we will start with the next step, which will help you with the firewall configuration for the NGINX web server.

Step 3: Configure the UFW firewall

The NGINX web server requires HTTP port # 80 and HTTPS port # 443 to work successfully with the firewall. Therefore, it is important to keep this port open for this purpose for NGINX to work properly. The UFW (Unified Firewall) is the default firewall for the Linux distribution of Ubuntu 18.04. Therefore, add firewall rules to allow HTTP and HTTPS ports.

By default, no rules are added to the UFW firewall, so adding these rules is so easy. You must add the HTTP and HTTPS port rules to the UFW firewall. This can be done with simple commands. The NGINX Full rules include both the HTTP and HTTP ports. This way, these ports can be left open by the UFW firewall.

$ sudo ufw allow "Nginx Full"

After adding the firewall rules, it's time to review the rules that were added or updated using these rules with the status command.

$ sudo ufw status

The above command shows an example output.

Status: active

To the action of
------------
80 / tcp ALLOW Anywhere
443 / tcp ALLOW Anywhere
22 / tcp LIMIT Everywhere
Nginx Full ALLOW Everywhere
80 / tcp (v6) ALLOW Anywhere (v6)
443 / tcp (v6) ALLOW Anywhere (v6)
22 / tcp (v6) LIMIT Anywhere (v6)
Nginx Full (v6) ALLOW Anywhere (v6)

The above output shows that you have successfully added the firewall rules and are ready to configure the NGINX web server described in the next step.

Step 4: Understand the configuration file of NGINX Web Server compared to Apache Web Server

The configuration of NGINX is almost identical to that of Apache web servers, but structure and syntax are different with respect to configuration files. This difference can be seen in the example configuration file provided by Apache and NGINX

The Apache configuration file is located at /etc/apache2/sites-available/example.com.conf





Servername example.com
ServerAlias ​​www.example.com
ServerAdmin admin@example.com
DocumentRoot / var / www / html /






Need all granted
AllowOverride None

The sample NGINX configuration file is located at /etc/nginx/sites-available/example.com.conf

Server {
listen to 80;
Server name example.com www.example.com;
root / var / www / html;

Location / {
try_files $ uri $ uri / = 404;
}
}

If you look closely at the two configuration files, you will notice that the Apache configuration file is expressed in the virtual host and the NGINX configuration file is in the server block. After understanding the difference between the Apache configuration file and NGINX. Now you can configure the remaining NGINX configuration files, which will be described in the next step.

Step 5: Configure the NGINX web server

The NGINX has the same features as the Apache web server, but supports faster concurrent connections. The NGINX configuration file uses the server blocks in the configuration. You must configure it to store all of your static web assets, such as HTML, CSS, JavaScript, and images, in the same location as the root of the document.

Note: This manual always assumes that your document root is located / var / www / html and default domain name example.com

In Ubuntu, the NGINX server blocks are under Websites available and Sites enabled Directory in the NGINX configuration directory. You edit the server block files in / etc / nginx / sites-available / and you will create one to enable the server blocks for your domain. This method is highly recommended because you can host more than one Web site, as well as various domains and file locations on your Ubuntu.

$ sudo nano /etc/nginx/sites-available/example.com.conf

Add the specified lines and do not forget to replace them example.com and www.example.com with your base domain name and subdomain to enable server blocks for NGINX.

Server {
listen to 80;
Server name example.com www.example.com;
root / var / www / html;

Location / {
try_files $ uri $ uri / = 404;
}
}

When you have completely added all these lines, press Ctrl + O to save and Ctrl + X to leave the nano text editor.

In NGINX server block configuration files, you create the symbolic join using soft links Websites available and Sites enabled Directory. Softlinks allow you to make changes to the server block configuration file at any time Websites available Directory and it will be replicated immediately Sites enabled Directory.

$ sudo ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/example.com.conf

You will search for the correct syntax and avoid errors in the NGINX configuration files. This command also tells you where there are errors.

$ sudo nginx -t

If the entire syntax is correct, it will be displayed Syntax OK as an issue. If something goes wrong, please check again if the NGINX server blocks files. When all the steps are completed, restart the services to make changes to the effect.

$ sudo systemctl restart nginx

When all things are done, change the permission for the default NGINX user www-data to enable read, write, and execute permissions on the default Web root directory.

$ sudo chown www-data: www-data / var / www / html

To check if the www-data Users and groups have the default Web Root directory by running the specified long enumeration command

$ ll / var / www / html

After executing this command, the output is displayed www-data User and group belong to the default Web Root directory / var / www / html , This means standard NGINX user www-data can read, write, and execute the default Web Root directory.

Conclusion

Most recently, you successfully replaced Apache with NGINX. Now you can use NGINX for your web property for quick access to web assets and low memory requirements. Finally, the NGINX can be used for various suggestions and it can be used for both static and dynamic websites. For more information about NGINX, see the man pages available in Ubuntu.




http requests can not be routed to the web application in nginx

I have a reactjs application running on port 5000. I want to pass the requirements of Nginx to the web application.

I get the following log

2019/06/20 04:30:10 [error] 17709 # 17709: * 67 connect () failed (111: Connection denied) while connecting to upstream, Client: 72.163.217.106, Server: 159.65.123.84, Request: "GET / HTTP / 1.1", upstream: "http: // / 127.0.0.1:8000/ ", Host:" example.com "
2019/06/20 04:30:10 [error] 17709 # 17709: * 69 connect () failed (111: Connection denied) while connecting to upstream, Client: 72.163.217.106, Server: 159.65.123.84, Request: "GET /favicon.ico HTTP / 1.1, Upstream:" http: //127.0.0.1: 8000 / favicon.ico ", host:" example.com ", reference:" http://example.com/ "
2019/06/20 04:30:10 [error] 17709 # 17709: * 71 connect () failed (111: Connection denied) while connecting upstream, Client: 72.163.217.106, Server: 159.65.123.84, Request: "GET /favicon.ico HTTP / 1.1" , Upstream: "http: //127.0.0.1: 8000 / favicon.ico", host: "example.com", reference: "http://example.com/"

Here is my nginx configuration file under / etc / nginx / sites-available / default

Server {
hear 0.0.0.0:80;
Server name example.com; # or servername subdomain.yourapp.com;

Location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Real-IP $ remote_addr;
proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for;
proxy_set_header Host $ http_host;
proxy_set_header X-NginX proxy true;

# Enables WS support
proxy_http_version 1.1;
proxy_set_header Upgrade $ http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
}
}

What could be the reason for this kind of behavior? To correct this problem.

magento2 – Magento 2 + paint + nginx + SSL get real IP

I have a setup for Magento 2 with Nginx + Varnish + SSL in Ubuntu Server 18.04. Now I get with my setup only all the logs in Nginx and in magento admin from the same localhost ip that listens to Varnish.
I want to change that.

How is that best?
With nginx and

ngx_http_realip_module

Or configure Varnish with a GeoIP module I found here:
Lacquer GeoIP

For option one, does this work in my Nginx configuration file?

Server {
listen to 80;
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
    
}

Do I have to change something in Magento?

nginx.conf

File?

Remove nginx – apcu dev

I have manually installed apcu from the source with the following commands:

cd / tmp
Git clone https://github.com/krakjoe/apcu
cd apcu
phpize
./configure
do
sudo make install

How can I remove it? I want a clean way so I can install the live version without any problems.

I use Nginx on Centos7. I use the latest version of PHP.

Reverse Proxy – Nginx proxy_pass works only with a trailing slash

I am trying to host a shiny server in the / shiny / subpath of my website. With the following configuration I can access my demo app via www.example.com/shiny/demo/.

However, if I exclude the last slash from the URI, I'll end up with www.example.com/demo/ instead, which does not exist. I do not know which part of my configuration leads to this redirect: though I have rewrite_log on I do not see anything in error.log. If I remove the rewrite or delete the trailing slash from the proxy_pass, everything will stop working. The final slash in the location directive is not necessarily required (I think so?), But I'd rather keep it, because removing it makes no difference. I am not sure if I need proxy_redirect, but removing does not fix the problem.

Any suggestions on how I can change my configuration to redirect from / shiny / demo to / demo / to / shiny / demo /?

My configuration with the appropriate location below:

# Forward to HTTPS
Server {
list 80 default_server;
listen [::]: 80 default_server;

Server name example.com www.example.com;
Returns 301 https: // $ server_name $ request_uri;
}

# Forward to the WWW subdomain
Server {
listen 443 ssl default_server;
listen [::]: 443 ssl default_server;

ssl_certificate / path / to / cert;
ssl_certificate_key / path / to / key;

add_header Strict-Transport-Security "max-age = 15768000; includeSubDomains; preload" always;

Server name example.com;
return 301 https: //www.example.com$request_uri;
}

# Main server
Server {
hear 443 ssl http2;
listen [::]: 443 ssl http2;

root / path / to / root;

index index.php;
Server name www.example.com;

ssl_certificate / path / to / cert;
ssl_certificate_key / path / to / key;

Shared ssl_session_cache: SSL: 50m;
ssl_session_timeout 1d;
ssl_session_tickets off;

add_header Strict-Transport-Security "max-age = 15768000; includeSubDomains; preload" always;


Location / {
if ($ request_uri ~ ^ / (. *) . html $) {return 302 / $ 1; }
try_files $ uri / $ uri $ uri.html $ uri.php $ is_args $ query_string;
}

Place ~  .php $ {
if ($ request_uri ~ ^ / ([^?]*) . php ($ | ?)) {return 302 / $ 1 $ is_args $ query_string; }
include snippets / fastcgi-php.conf;
fastcgi_pass unix: /run/php/php7.0-fpm.sock;
}


Location ^ ~ / shiny / {
rewrite_log on;
rewrite ^ / shiny /(.*) $ / $ 1 break;
proxy_pass http: // localhost: 1234 /;
proxy_redirect http: // localhost: 1234 / $ scheme: // $ server_name / shiny /;

proxy_http_version 1.1;
proxy_set_header Upgrade $ http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $ remote_addr;
proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for;
proxy_set_header Host $ http_host;
proxy_set_header X-NginX proxy true;
}
}

Nginx behind Proxy and Symfony 4 application

I'm providing a Symfony 4 application that will be available through the proxy: https://proxydomain.com/application

The application works when accessed with the URL without a slash: https://proxydomain.com/application but if I add the slash at the end (https://proxydomain.com/application/) nginx returns 404.

Here is the log fragment of these two examples:

172.20.83.254 - - [11/Jun/2019:16:10:06 +0200] GET / HTTP / 1.1 200 316 - Mozilla / 5.0 (X11; Linux x86_64) AppleWebKit / 537.36 (KHTML, like Gecko) Ubuntu Chromium / 74.0.3729.169 Chrome / 74.0.3729.169 Safari / 537.36
172.20.83.254 - - [11/Jun/2019:16:10:03 +0200] GET // HTTP / 1.1 404 522 - Mozilla / 5.0 (X11; Linux x86_64) AppleWebKit / 537.36 (KHTML, like Gecko) Ubuntu Chromium / 74.0.3729.169 Chrome / 74.0.3729.169 Safari / 537.36

And here is my nginx configuration file:

Server {
Server name _;
root / var / www / application / public;

Location / {
# Try deploying the file directly and access the app.php file
try_files $ uri /index.php$is_args$args;
}

# PROD
Location ~ ^ / index  .php (/ | $) {
fastcgi_pass unix: /var/run/php/php7.2-fpm.sock;
fastcgi_split_path_info ^ (. + . php) (/.*) $;
include fastcgi_params;
# If you use symlinks to link the document root to it
# Current version of your application, you should pass the real one
# Application path instead of the symlink path to PHP
# FPM.
# Otherwise, PHP's OPcache may not recognize changes made to it properly
# Your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126)
# for more informations).
fastcgi_param SCRIPT_FILENAME $ realpath_root $ fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $ realpath_root;
# Prevents URIs containing the front controller. This will be 404:
# http: //domain.tld/app.php/some-path
# Remove the internal directive to allow such URIs
internally;
}

# return 404 for all other PHP files that do not match the front controller
# This prevents access to other PHP files that you do not want to access.
Place ~  .php $ {
return 404;
}

error_log /var/log/nginx/application_error.log;
access_log /var/log/nginx/application_access.log;
}

Do you know what I can do to make it work?

██ 50% DISCOUNT ██ FOR LIFE !!! Cheapest web hosting with Lets Encrypt SSL, Nginx, SSD, cPanel, MySQL

TrexHost.com, Choose a Secure, Reliable and Customer Friendly Web Hosting Provider to Strengthen Your Business.

50% off all shared hosting plans for the duration of your hosting account, if you select an annual billing period.

All accounts are hosted on
– Fast server with two processors
-Php 5.3, 5.4, 5.5, 5.6,7.0+
-cPanel
Virus scan and spam protection
SSD hard drives
Powerful server, extremely low CPU usage, high performance. Great 24/7 customer service
-GD, Curl, Zend, Softaculous.

Shared TrexHost web hosting

Welcome Package– (More information here!)
Bandwidth 25GB
-DiskSpace- 2 GB
-Email Accounts- 5
-Domain- 1
-Cpanel + Softaculous
– $ 1.29 monthly or $ 7.74 / year after 50% off coupon
-Order here!

Economy Package– (More information here!)
Bandwidth – 100 GB
-DiskSpace- 20 GB
-Email Accounts- Unlimited
-Domains- Unlimited
-Cpanel + Softaculous
– $ 2.49 monthly or $ 14.94 / year After 50% off coupon
-Order here!

Extended package– (More information here!)
Bandwidth – 500 GB
-DiskSpace- 50 GB
-Email Accounts- Unlimited
-Domains- Unlimited
-Cpanel + Softaculous
– $ 4.49 / month or $ 29.94 / year, after 50% off coupon
-Order here!

When ordering, use promotional code TREXHOST50 to get a lifetime 50% discount if you select an annual billing cycle.

All of our accounts are created on two-processor servers and SSD disks.
TrexhostHost.comChoose a secure, reliable and customer-friendly web hosting provider to strengthen your business.

KamHost.com 1GB – 6USD / YEAR, Unlimited Hosting – 12USD / YEAR, SSD, Free SSL, Nginx, 24-7 Support

KamHost.com, Choose a Secure, Reliable and Customer Friendly Web Hosting Provider to Boost Your Business.

All accounts are hosted on
-Octa Core, two-processor server
-Php5.3, 5.4, 5.5, 5.6,
-cPanel
Virus scan and spam protection
SSD hard drives
Powerful server, extremely low CPU usage, high performance. Great 24/7 customer service
-GD, Curl, Zend, Softaculous.

KamHost Shared Web Hosting

Welcome Package– (More information here!)
Bandwidth – 10,000 MB
-DiskSpace- 1,000 MB
-Email Accounts- 10
-Domain- 1
-Cpanel + Softaculous
– 6 USD / year
-Order here!

Silver package– (More information here!)
Bandwidth – Unlimited MB
-DiskSpace- Unlimited MB
-Email Accounts- Unlimited
-Domain- 3
-Cpanel + Softaculous
– 12 USD / YEAR
-Order here!

Gold Package– (More information here!)
Bandwidth – Unlimited MB
-DiskSpace- Unlimited MB
-Email Accounts- Unlimited
-Domains- Unlimited
-Cpanel + Softaculous
– 3.99 USD / month or 36 USD / year
-Order here!

All of our accounts are created on Octa Core servers with two processors (16 CPUs total) and SSD disks.
KamHost.comChoose a secure, reliable and customer-friendly web hosting provider to strengthen your business.

Static nginx proxy static file locations for multiple Web applications where static files have the same relative path

I've set up Nginx as a reverse proxy for various web apps running on an Apache server:

/ var / www / app_abc
| -static
| | -app.js
| | -app.css
| -index.html

/ var / www / app_xyz
| -static
| | -app.js
| | -app.css
| -index.html

app_abc runs on the Apache virtual host port 8081
The app_xyz runs on the Apache virtual host port 8082

They work properly in Apache when you access them:

lure http: // localhost: 8081
lure http: // localhost: 8082

Now I only have one domain: real-domain.com
I can not create a subdomain like abc.domain.com or xyz.domain.com

I have the nginx configuration as follows:

By default, app_abc is called when the request is "http://www.real-domain.com":

Location / {
proxy_pass http: // localhost: 8081
}

If you are requesting http://www.real-domain.com/xyz, call app_xyz

location ~ /xyz(.*) {
rewrite ^ / xyz /?(.*) / $ 1 break;
proxy_pass http: // localhost: 8082;
}

for static files

Location ~ ^ / static {
try_files $ uri $ uri / / var / www / app_abc / $ uri / var / www / app_xyz / $ uri;
}

The only problem here is that the requests:

static / app.js
static / app.cs

for "http://www.real-domain.com/xyz" 404 is returned

works for "http://www.real-domain.com/"

my question is :

How are static files provided for different apps where static files in different apps share the same relative paths?