Re: Nginx 404 redirection to error page

[Francis Daly]

On Fri, Apr 08, 2022 at 05:44:08PM +0530, Dhanushka Parakrama wrote:

Hi there,

> when it try to access non existing  page such as   https://example.com/abc
> , then  from nginx page correctly get redirect to the
> *https://example.com/page-not-found

> But when i try to access non non-existing page ( with extension )  such as
>  https://example.com/*abc.js  * it does not get redirected to the
> *https://example.com/page-not-found

What is your config? As in:

* in which location{} is the request /abc.js handled? What is the
error_page directive there, and what handler ("something_pass" directive,
usually) is there?

* in which location{} is the request /abc handled? What is the
error_page directive there, and what handler ("something_pass" directive,
usually) is there?

> So is there any way to fix this issue?  , please advice

Maybe "fastcgi_intercept_errors on;" will help, if you are using
fastcgi_pass.

http://nginx.org/r/fastcgi_intercept_errors

Cheers,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-le...@nginx.org

Nginx 404 redirection to error page

[Dhanushka Parakrama]

Hi All

I have simple drupal site running  and i wanted to redirect 404 pages to a
error page , So i  have following configuration in place

error_page  404 https://example.com/page-not-found;

when it try to access non existing  page such as   https://example.com/abc
, then  from nginx page correctly get redirect to the
*https://example.com/page-not-found
*

But when i try to access non non-existing page ( with extension )  such as
 https://example.com/*abc.js  * it does not get redirected to the
*https://example.com/page-not-found
  *page .

So is there any way to fix this issue?  , please advice

Thank You
___
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-le...@nginx.org

Re: Reverse proxy redirection issue

[Daniel Armando Rodriguez]

El 2021-09-21 09:23, Francis Daly escribió:
On Mon, Sep 20, 2021 at 05:20:55PM -0300, Daniel Armando Rodriguez 
wrote:

El 2021-09-20 13:49, Francis Daly escribió:
> On Sun, Sep 19, 2021 at 10:08:08PM -0300, Daniel Armando Rodriguez
> wrote:


Hi there,


> > curl -i https://4.DOMAIN.edu.ar
> >
> > Returns a redirect to https://4.DOMAIN.edu.ar
>
> And that is a redirect loop, which is not what you want.
>
> When you request https://4.DOMAIN.edu.ar, that should get to nginx,
> which should make a http request to INTERNAL_IP and return the response.



> What response do you get if you start on the nginx server and run the
> command
>
> curl -v -H Host:4.DOMAIN.edu.ar http://INTERNAL-IP/




This is the output

# curl -v -H Host:4.DOMAIN.edu.ar http://INTERNAL-IP/





> GET / HTTP/1.1
> Host:4.DOMAIN.edu.ar



< HTTP/1.1 301 Moved Permanently
< Location: https://1.DOMAIN.edu.ar/


This indicates that the internal web server is returning a redirect to
https://1, when you ask it for http://4.

Is there any chance that that internal web server is not yet configured 
to
believe that it is 4, and it instead redirects to its default name of 
1?


However, the same target machine hosts other services (each one with 
its own

subdomain: 1, 2 & 3) that also go through the proxy. And they work as
expected. Just to compare, this is the output.

# curl -v -H Host:2.DOMAIN.edu.ar http://INTERNAL-IP/



> GET / HTTP/1.1
> Host:2.DOMAIN.edu.ar



< HTTP/1.1 200 OK


(And, presumably, the correct content from 2.)


That might also explain why the first test failed, then started working
-- perhaps the internal web server reloaded its configuration and it
started behaving as expected?

(And maybe it works for 4 now too, if the config reloaded over night?)

Cheers,

f



Well, reloaded conf in internal server but issue is still there. Seems 
there's some odd behaviuor from Apache in that host. So, my quest will 
go that way.


Thanks for taking the time to read.

Regards
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Reverse proxy redirection issue

[Francis Daly]

On Mon, Sep 20, 2021 at 05:20:55PM -0300, Daniel Armando Rodriguez wrote:
> El 2021-09-20 13:49, Francis Daly escribió:
> > On Sun, Sep 19, 2021 at 10:08:08PM -0300, Daniel Armando Rodriguez
> > wrote:

Hi there,

> > > curl -i https://4.DOMAIN.edu.ar
> > > 
> > > Returns a redirect to https://4.DOMAIN.edu.ar
> > 
> > And that is a redirect loop, which is not what you want.
> > 
> > When you request https://4.DOMAIN.edu.ar, that should get to nginx,
> > which should make a http request to INTERNAL_IP and return the response.

> > What response do you get if you start on the nginx server and run the
> > command
> > 
> > curl -v -H Host:4.DOMAIN.edu.ar http://INTERNAL-IP/


> This is the output
> 
> # curl -v -H Host:4.DOMAIN.edu.ar http://INTERNAL-IP/



> > GET / HTTP/1.1
> > Host:4.DOMAIN.edu.ar

> < HTTP/1.1 301 Moved Permanently
> < Location: https://1.DOMAIN.edu.ar/

This indicates that the internal web server is returning a redirect to
https://1, when you ask it for http://4.

Is there any chance that that internal web server is not yet configured to
believe that it is 4, and it instead redirects to its default name of 1?

> However, the same target machine hosts other services (each one with its own
> subdomain: 1, 2 & 3) that also go through the proxy. And they work as
> expected. Just to compare, this is the output.
> 
> # curl -v -H Host:2.DOMAIN.edu.ar http://INTERNAL-IP/

> > GET / HTTP/1.1
> > Host:2.DOMAIN.edu.ar

> < HTTP/1.1 200 OK

(And, presumably, the correct content from 2.)


That might also explain why the first test failed, then started working
-- perhaps the internal web server reloaded its configuration and it
started behaving as expected?

(And maybe it works for 4 now too, if the config reloaded over night?)

Cheers,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Port redirection is not working as expected

[blason]

Hi Team,

Here is one more issue I am facing. I have portal running on
http://test.example.com:8080/AppWise and http://test.example.com/WebAdmin
Now I diverted that portal through Nginx reverse proxy

here is my config
**
server {
listen 8080;
listen 80;
server_name test.example.com;
access_log /var/log/nginx/twprod/access.log;
error_log /var/log/nginx/twprod/error.log;
include /etc/nginx/applox/feeds/badips.txt;
location /AppWise/{
client_max_body_size10m;
client_body_buffer_size 128k;
proxy_send_timeout   90;
proxy_read_timeout   90;
proxy_buffer_size128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_connect_timeout 30s;
proxy_pass http://test.example.com:8080;
proxy_redirect off;
proxy_set_header   Host   $host;
proxy_set_header   X-Real-IP  $remote_addr;
proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /WebAdmin/{
client_max_body_size10m;
client_body_buffer_size 128k;
proxy_send_timeout   90;
proxy_read_timeout   90;
proxy_buffer_size128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_connect_timeout 30s;
proxy_pass http://test.example.com:8080;
proxy_redirect off;
proxy_set_header   Host   $host;
proxy_set_header   X-Real-IP  $remote_addr;
proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
***

The thing is First page open properly and then it asks for username
password; this is fine. now after login suddenly I receive 302 and page is
diverted to http://test/example.com/Appwise/<...REST of the
URI.>

#
10.0.22.99 - - [20/Sep/2021:18:41:05 +0530] "POST
/AppWise/servlet/TeamAccess/Login HTTP/1.1" 302 0
"http://test.example.com:8080/AppWise/servlet/TeamAccess/Login"; "Mozilla/5.0
(Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/93.0.4577.82 Safari/537.36"
10.0.22.99 - - [20/Sep/2021:18:47:42 +0530] "POST
/AppWise/servlet/TeamAccess/Login HTTP/1.1" 302 0
"http://test.example.com:8080/AppWise/servlet/TeamAccess/Login"; "Mozilla/5.0
(Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/93.0.4577.82 Safari/537.36"
10.0.22.99 - - [20/Sep/2021:18:51:04 +0530] "POST
/AppWise/servlet/TeamAccess/Login HTTP/1.1" 302 0
"http://test.example.com:8080/AppWise/servlet/TeamAccess/Login"; "Mozilla/5.0
(Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/93.0.4577.82 Safari/537.36"
###

I expected for this page to stay at http://test.example.com:8080

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,292448,292448#msg-292448

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Reverse proxy redirection issue

[Daniel Armando Rodriguez]

El 2021-09-20 13:49, Francis Daly escribió:
On Sun, Sep 19, 2021 at 10:08:08PM -0300, Daniel Armando Rodriguez 
wrote:

El 2021-09-19 04:00, Francis Daly escribió:


Hi there,


Today I added a new domain, and the issue showed up again.

curl -i http://4.DOMAIN.edu.ar

Returns a redirect to https://4.DOMAIN.edu.ar


Ok, so that much is doing what is wanted.


But

curl -i https://4.DOMAIN.edu.ar

Returns a redirect to https://4.DOMAIN.edu.ar


And that is a redirect loop, which is not what you want.

When you request https://4.DOMAIN.edu.ar, that should get to nginx,
which should make a http request to INTERNAL_IP and return the 
response.



server {
listen 443 ssl http2;

server_name 4.DOMAIN.edu.ar;



location / {
   proxy_http_version  1.1;
   #For Websockets and keepalive connections
   proxy_set_header Upgrade   $http_upgrade;
   proxy_set_header Connection"upgrade";
   #required when using Websockets
   proxy_set_header Host  $host;

...

   proxy_pass http://INTERNAL-IP/;
}


What response do you get if you start on the nginx server and run the 
command


curl -v -H Host:4.DOMAIN.edu.ar http://INTERNAL-IP/

? I'm not sure if the Connection header will make a difference here;
it is possible that some of the X- headers are specially handled by the
internal server; and maybe adding --http1.1 to the curl command line
will make a difference too.

The aim is to see how the internal server responds, to see if there is
an nginx-side config that can be made to make the end-user experience
more useful.



It is possible that the internal server logs, or the nginx debug log,
could give more detail; but the "curl" command is probably relatively
quick to run and interpret.

Cheers,

f


This is the output

# curl -v -H Host:4.DOMAIN.edu.ar http://INTERNAL-IP/
* Expire in 0 ms for 6 (transfer 0x56179d823c10)
*   Trying INTERNAL-IP...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x56179d823c10)
* Connected to INTERNAL-IP (INTERNAL-IP) port 80 (#0)

GET / HTTP/1.1
Host:4.DOMAIN.edu.ar
User-Agent: curl/7.64.0
Accept: */*


< HTTP/1.1 301 Moved Permanently
< Date: Mon, 20 Sep 2021 20:07:38 GMT
< Server: Apache/2.4.38
< X-Pingback: http://1.DOMAIN.edu.ar/xmlrpc.php
< X-Redirect-By: WordPress
< Location: https://1.DOMAIN.edu.ar/
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
<
* Connection #0 to host INTERNAL-IP left intact

However, the same target machine hosts other services (each one with its 
own subdomain: 1, 2 & 3) that also go through the proxy. And they work 
as expected. Just to compare, this is the output.


# curl -v -H Host:2.DOMAIN.edu.ar http://INTERNAL-IP/
* Expire in 0 ms for 6 (transfer 0x55c30497ac10)
*   Trying INTERNAL-IP...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x55c30497ac10)
* Connected to INTERNAL-IP (INTERNAL-IP) port 80 (#0)

GET / HTTP/1.1
Host:2.DOMAIN.edu.ar
User-Agent: curl/7.64.0
Accept: */*


< HTTP/1.1 200 OK
< Date: Mon, 20 Sep 2021 20:12:01 GMT
< Server: Apache/2.4.38
< Set-Cookie: PHPSESSID=qujrksv6dbcf4t2pvf53judvnk; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate
< Pragma: no-cache
< Vary: Accept-Encoding
< Content-Length: 4364
< Content-Type: text/html; charset=UTF-8

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Reverse proxy redirection issue

[Francis Daly]

On Sun, Sep 19, 2021 at 10:08:08PM -0300, Daniel Armando Rodriguez wrote:
> El 2021-09-19 04:00, Francis Daly escribió:

Hi there,

> Today I added a new domain, and the issue showed up again.
> 
> curl -i http://4.DOMAIN.edu.ar
> 
> Returns a redirect to https://4.DOMAIN.edu.ar

Ok, so that much is doing what is wanted.

> But
> 
> curl -i https://4.DOMAIN.edu.ar
> 
> Returns a redirect to https://4.DOMAIN.edu.ar

And that is a redirect loop, which is not what you want.

When you request https://4.DOMAIN.edu.ar, that should get to nginx,
which should make a http request to INTERNAL_IP and return the response.

> server {
> listen 443 ssl http2;
> 
> server_name 4.DOMAIN.edu.ar;

> location / {
>proxy_http_version  1.1;
>#For Websockets and keepalive connections
>proxy_set_header Upgrade   $http_upgrade;
>proxy_set_header Connection"upgrade";
>#required when using Websockets
>proxy_set_header Host  $host;
...
>proxy_pass http://INTERNAL-IP/;
> }

What response do you get if you start on the nginx server and run the command

curl -v -H Host:4.DOMAIN.edu.ar http://INTERNAL-IP/

? I'm not sure if the Connection header will make a difference here;
it is possible that some of the X- headers are specially handled by the
internal server; and maybe adding --http1.1 to the curl command line
will make a difference too.

The aim is to see how the internal server responds, to see if there is
an nginx-side config that can be made to make the end-user experience
more useful.



It is possible that the internal server logs, or the nginx debug log,
could give more detail; but the "curl" command is probably relatively
quick to run and interpret.

Cheers,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Reverse proxy redirection issue

[Daniel Armando Rodriguez]

El 2021-09-19 22:08, Daniel Armando Rodriguez escribió:

El 2021-09-19 04:00, Francis Daly escribió:
On Sat, Sep 18, 2021 at 09:16:28AM -0300, Daniel Armando Rodriguez 
wrote:

El 2021-09-18 05:03, Francis Daly escribió:
> On Fri, Sep 17, 2021 at 10:24:44PM -0300, Daniel Armando Rodriguez
> wrote:


Hi there,


> if you do
>
> curl -i http://2.DOMAIN.edu.ar
>
> you get a http 301 redirect from nginx to https://1.DOMAIN.edu.ar (which
> is not what you want).
>
> Is that correct?

Yep, that was exactly the issu. And saying 'was' 'cause this morning
everything is working like a charm. Without made any further 
modification I
mean. Really don't know what have happened here, but glad to see it 
working

as expected.


Great that you have a config and setup that now does what you want :-)

Now that is isn't broken, with no known changes, it's hard to guess
what might have been the problem. Maybe something restarted overnight,
or caches cleared, or something odd like that.

Cheers,

f


Today I added a new domain, and the issue showed up again.

curl -i http://4.DOMAIN.edu.ar

Returns a redirect to https://4.DOMAIN.edu.ar

But

curl -i https://4.DOMAIN.edu.ar

Returns a redirect to https://4.DOMAIN.edu.ar

I really would like to understand why this happens.

This is the output of nginx -T

# configuration file /etc/nginx/sites-enabled/4.DOMAIN.edu.ar.conf:
server {
listen 80;
server_name 4.DOMAIN.edu.ar;
server_tokens off;
# Don't show the nginx version number

include /etc/nginx/snippets/location-letsencrypt.conf;

return 301 https://$server_name$request_uri;
}

server {
listen 443 ssl http2;

server_name 4.DOMAIN.edu.ar;
server_tokens off;
# Don't show the nginx version number

include /etc/nginx/snippets/location-letsencrypt.conf;
include /etc/nginx/snippets/ssl-params.conf;

ssl_certificate 
/etc/letsencrypt/live/4.DOMAIN.edu.ar/fullchain.pem;
ssl_certificate_key 
/etc/letsencrypt/live/4.DOMAIN.edu.ar/privkey.pem;


location / {
   proxy_http_version  1.1;
   #For Websockets and keepalive connections
   proxy_set_header Upgrade   $http_upgrade;
   proxy_set_header Connection"upgrade";
   #required when using Websockets
   proxy_set_header Host  $host;
   #Contains:
   #   hostname from the request line,
   #   or hostname from the Host request header field,
   #   or the server name matching a request.
   proxy_set_header X-Real-IP $remote_addr;
   #Forwards the real visitor remote IP address
   proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
   #List containing the IP addresses of every server the client
has been proxied through.
   proxy_set_header X-Forwarded-Proto $scheme;
   #When used inside an HTTPS server block,
   #each HTTP response from the proxied server is rewritten to 
HTTPS

   proxy_set_header X-Forwarded-Host  $host;
   #Original host requested by the client
   proxy_set_header X-Forwarded-Port  $server_port;
   #Original port requested by the client
   proxy_pass http://INTERNAL-IP/;
}

access_log /var/log/nginx/4.DOMAIN.edu.ar/access.log;
error_log /var/log/nginx/4.DOMAIN.edu.ar/error.log;

}


Gave a try adding

server {
listen  80;
return  444;
}

server {
listen  443;
return  444;
}

to prevent processing requests with undefined server names, but the 
message was 'Connection closed'

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Reverse proxy redirection issue

[Daniel Armando Rodriguez]

El 2021-09-19 04:00, Francis Daly escribió:
On Sat, Sep 18, 2021 at 09:16:28AM -0300, Daniel Armando Rodriguez 
wrote:

El 2021-09-18 05:03, Francis Daly escribió:
> On Fri, Sep 17, 2021 at 10:24:44PM -0300, Daniel Armando Rodriguez
> wrote:


Hi there,


> if you do
>
> curl -i http://2.DOMAIN.edu.ar
>
> you get a http 301 redirect from nginx to https://1.DOMAIN.edu.ar (which
> is not what you want).
>
> Is that correct?

Yep, that was exactly the issu. And saying 'was' 'cause this morning
everything is working like a charm. Without made any further 
modification I
mean. Really don't know what have happened here, but glad to see it 
working

as expected.


Great that you have a config and setup that now does what you want :-)

Now that is isn't broken, with no known changes, it's hard to guess
what might have been the problem. Maybe something restarted overnight,
or caches cleared, or something odd like that.

Cheers,

f


Today I added a new domain, and the issue showed up again.

curl -i http://4.DOMAIN.edu.ar

Returns a redirect to https://4.DOMAIN.edu.ar

But

curl -i https://4.DOMAIN.edu.ar

Returns a redirect to https://4.DOMAIN.edu.ar

I really would like to understand why this happens.

This is the output of nginx -T

# configuration file /etc/nginx/sites-enabled/4.DOMAIN.edu.ar.conf:
server {
listen 80;
server_name 4.DOMAIN.edu.ar;
server_tokens off;
# Don't show the nginx version number

include /etc/nginx/snippets/location-letsencrypt.conf;

return 301 https://$server_name$request_uri;
}

server {
listen 443 ssl http2;

server_name 4.DOMAIN.edu.ar;
server_tokens off;
# Don't show the nginx version number

include /etc/nginx/snippets/location-letsencrypt.conf;
include /etc/nginx/snippets/ssl-params.conf;

ssl_certificate /etc/letsencrypt/live/4.DOMAIN.edu.ar/fullchain.pem;
ssl_certificate_key 
/etc/letsencrypt/live/4.DOMAIN.edu.ar/privkey.pem;


location / {
   proxy_http_version  1.1;
   #For Websockets and keepalive connections
   proxy_set_header Upgrade   $http_upgrade;
   proxy_set_header Connection"upgrade";
   #required when using Websockets
   proxy_set_header Host  $host;
   #Contains:
   #   hostname from the request line,
   #   or hostname from the Host request header field,
   #   or the server name matching a request.
   proxy_set_header X-Real-IP $remote_addr;
   #Forwards the real visitor remote IP address
   proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
   #List containing the IP addresses of every server the client has 
been proxied through.

   proxy_set_header X-Forwarded-Proto $scheme;
   #When used inside an HTTPS server block,
   #each HTTP response from the proxied server is rewritten to HTTPS
   proxy_set_header X-Forwarded-Host  $host;
   #Original host requested by the client
   proxy_set_header X-Forwarded-Port  $server_port;
   #Original port requested by the client
   proxy_pass http://INTERNAL-IP/;
}

access_log /var/log/nginx/4.DOMAIN.edu.ar/access.log;
error_log /var/log/nginx/4.DOMAIN.edu.ar/error.log;

}
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Reverse proxy redirection issue

[Francis Daly]

On Sat, Sep 18, 2021 at 09:16:28AM -0300, Daniel Armando Rodriguez wrote:
> El 2021-09-18 05:03, Francis Daly escribió:
> > On Fri, Sep 17, 2021 at 10:24:44PM -0300, Daniel Armando Rodriguez
> > wrote:

Hi there,

> > if you do
> > 
> > curl -i http://2.DOMAIN.edu.ar
> > 
> > you get a http 301 redirect from nginx to https://1.DOMAIN.edu.ar (which
> > is not what you want).
> > 
> > Is that correct?
> 
> Yep, that was exactly the issu. And saying 'was' 'cause this morning
> everything is working like a charm. Without made any further modification I
> mean. Really don't know what have happened here, but glad to see it working
> as expected.

Great that you have a config and setup that now does what you want :-)

Now that is isn't broken, with no known changes, it's hard to guess
what might have been the problem. Maybe something restarted overnight,
or caches cleared, or something odd like that.

Cheers,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Reverse proxy redirection issue

[Daniel Armando Rodriguez]

El 2021-09-18 05:03, Francis Daly escribió:
On Fri, Sep 17, 2021 at 10:24:44PM -0300, Daniel Armando Rodriguez 
wrote:


Hi there,

I am using nginx as a reverse proxy, I managed to configure SSL 
certificates

using LetsEncrypt but nginx does the redirection to the wrong vhost.

This is the configuration of one of the vhost, they are 3 identical 
ones

pointing to the same virtual machine. I have a fourth one pointing to
another virtual machine that works without problems.

I have the domains 1.DOMAIN.edu.ar, 2.DOMAIN.edu.ar and 
3.DOMAIN.edu.ar
pointing to the same internal IP. But any domain I enter in the 
browser the

redirection is made to 1.DOMAIN.edu.ar.


I think you are reporting that if you do

curl -i http://1.DOMAIN.edu.ar

you get a http 301 redirect from nginx to https://1.DOMAIN.edu.ar 
(which

is what you want); and if you do

curl -i http://2.DOMAIN.edu.ar

you get a http 301 redirect from nginx to https://1.DOMAIN.edu.ar 
(which

is not what you want).

Is that correct?


Yep, that was exactly the issu. And saying 'was' 'cause this morning 
everything is working like a charm. Without made any further 
modification I mean. Really don't know what have happened here, but glad 
to see it working as expected.




If so...


Also set a 4th as default_server, but behaviuor still remains.

This is the vhost configuration
---
# cat /etc/nginx/sites-enabled/2.DOMAIN.edu.ar.conf
server {
listen 80;
server_name 2.DOMAIN.edu.ar;
server_tokens off;
# Don't show the nginx version number

include /etc/nginx/snippets/location-letsencrypt.conf;

#return 301 https://2.DOMAIN.edu.ar$request_uri;
rewrite ^ https://2.DOMAIN.edu.ar$request_uri? permanent;
}


...can you show the "server" blocks that have "listen 80", to make sure
that they each have the expected "server_name" values and 
return/rewrite

value?


At the time the mail was sent I've double check those values.

The output of "nginx -T" should list the configuration that nginx 
actually

reads; that might be simpler to copy from than the files.


(There are other possible things to check too -- perhaps the problem is
not that "curl -i http://2.DOMAIN.edu.ar"; gives the unwanted response,
but that "curl -i https://2.DOMAIN.edu.ar"; gives the unwanted response. 
Or

perhaps the problem is that the requests are not getting to this nginx
at all. But, one step at a time, to identify where the problem is.)


The issue raised on https redirection, indeed. But, as said, no changes 
made at all and now it's all working.



Good luck with it,


Thank's for taking the time to read, and sorry for the noise.


ATB


f


___
Daniel A. Rodriguez
Informática, Conectividad y Sistemas
Universidad Nacional del Alto Uruguay
San Vicente - Misiones - Argentina
www.unau.edu.ar
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Reverse proxy redirection issue

[Francis Daly]

On Fri, Sep 17, 2021 at 10:24:44PM -0300, Daniel Armando Rodriguez wrote:

Hi there,

> I am using nginx as a reverse proxy, I managed to configure SSL certificates
> using LetsEncrypt but nginx does the redirection to the wrong vhost.
> 
> This is the configuration of one of the vhost, they are 3 identical ones
> pointing to the same virtual machine. I have a fourth one pointing to
> another virtual machine that works without problems.
> 
> I have the domains 1.DOMAIN.edu.ar, 2.DOMAIN.edu.ar and 3.DOMAIN.edu.ar
> pointing to the same internal IP. But any domain I enter in the browser the
> redirection is made to 1.DOMAIN.edu.ar.

I think you are reporting that if you do

curl -i http://1.DOMAIN.edu.ar

you get a http 301 redirect from nginx to https://1.DOMAIN.edu.ar (which
is what you want); and if you do

curl -i http://2.DOMAIN.edu.ar

you get a http 301 redirect from nginx to https://1.DOMAIN.edu.ar (which
is not what you want).

Is that correct?

If so...

> Also set a 4th as default_server, but behaviuor still remains.
> 
> This is the vhost configuration
> ---
> # cat /etc/nginx/sites-enabled/2.DOMAIN.edu.ar.conf
> server {
> listen 80;
> server_name 2.DOMAIN.edu.ar;
> server_tokens off;
> # Don't show the nginx version number
> 
> include /etc/nginx/snippets/location-letsencrypt.conf;
> 
> #return 301 https://2.DOMAIN.edu.ar$request_uri;
> rewrite ^ https://2.DOMAIN.edu.ar$request_uri? permanent;
> }

...can you show the "server" blocks that have "listen 80", to make sure
that they each have the expected "server_name" values and return/rewrite
value?

The output of "nginx -T" should list the configuration that nginx actually
reads; that might be simpler to copy from than the files.


(There are other possible things to check too -- perhaps the problem is
not that "curl -i http://2.DOMAIN.edu.ar"; gives the unwanted response,
but that "curl -i https://2.DOMAIN.edu.ar"; gives the unwanted response. Or
perhaps the problem is that the requests are not getting to this nginx
at all. But, one step at a time, to identify where the problem is.)

Good luck with it,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reverse proxy redirection issue

[Daniel Armando Rodriguez]

Hello,

I am new in this world (of nginx) and I have a problem that has me 
crazy.


I am using nginx as a reverse proxy, I managed to configure SSL 
certificates using LetsEncrypt but nginx does the redirection to the 
wrong vhost.


This is the configuration of one of the vhost, they are 3 identical ones 
pointing to the same virtual machine. I have a fourth one pointing to 
another virtual machine that works without problems.


I have the domains 1.DOMAIN.edu.ar, 2.DOMAIN.edu.ar and 3.DOMAIN.edu.ar 
pointing to the same internal IP. But any domain I enter in the browser 
the redirection is made to 1.DOMAIN.edu.ar.


Also set a 4th as default_server, but behaviuor still remains.

This is the vhost configuration
---
# cat /etc/nginx/sites-enabled/2.DOMAIN.edu.ar.conf
server {
listen 80;
server_name 2.DOMAIN.edu.ar;
server_tokens off;
# Don't show the nginx version number

include /etc/nginx/snippets/location-letsencrypt.conf;

#return 301 https://2.DOMAIN.edu.ar$request_uri;
rewrite ^ https://2.DOMAIN.edu.ar$request_uri? permanent;
}

server {
listen 443 ssl http2;

server_name 2.DOMAIN.edu.ar;
server_tokens off;
# Don't show the nginx version number

include /etc/nginx/snippets/location-letsencrypt.conf;

ssl_certificate /etc/letsencrypt/live/2.DOMAIN.edu.ar/fullchain.pem;
ssl_certificate_key 
/etc/letsencrypt/live/2.DOMAIN.edu.ar/privkey.pem;


ssl_session_cache builtin:1000 shared:SSL:10m;
# Defining option to share SSL Connection with Passed Proxy

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# Defining used protocol versions.

ssl_ciphers 
HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;

# Defining ciphers to use.

ssl_prefer_server_ciphers on;
# Enabling ciphers

location / {
   proxy_http_version  1.1;
   #For Websockets and keepalive connections
   proxy_set_header Upgrade   $http_upgrade;
   proxy_set_header Connection"upgrade";
   #required when using Websockets
   proxy_set_header Host  $host;
   #Contains:
   #   hostname from the request line,
   #   or hostname from the Host request header field,
   #   or the server name matching a request.
   proxy_set_header X-Real-IP $remote_addr;
   #Forwards the real visitor remote IP address
   proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
   #List containing the IP addresses of every server the client has 
been proxied through.

   proxy_set_header X-Forwarded-Proto $scheme;
   #When used inside an HTTPS server block,
   #each HTTP response from the proxied server is rewritten to HTTPS
   proxy_set_header X-Forwarded-Host  $host;
   #Original host requested by the client
   proxy_set_header X-Forwarded-Port  $server_port;
   #Original port requested by the client
   proxy_pass http://INTERNAL-IP/;
}

access_log /var/log/nginx/2.DOMAIN.edu.ar/access.log;
error_log /var/log/nginx/2.DOMAIN.edu.ar/error.log;

}
---

Any hint will be much appreciated.


Thanks in advance.-
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Query on nginx. conf file regarding redirection.

[Francis Daly]

On Sat, Oct 31, 2020 at 06:48:00AM +0530, Kaushal Shriyan wrote:
> On Sat, Oct 31, 2020 at 5:13 AM Francis Daly  wrote:

Hi there,

thanks for the extra information.

> > Something like
> >
> >   /usr/local/sbin/nginx -c /etc/nginx.conf -T | grep -e 'server\|listen'
> >
> > where the first three words match whatever your system is doing, will
> > probably be helpful.

> I am sharing the output of cat /etc/nginx/nginx.conf

> > include /etc/nginx/conf.d/*.conf;

That line *might* add lots more config, but...

> #nginx -c /etc/nginx/nginx.conf -T | grep -e 'server\|listen'
> nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /etc/nginx/nginx.conf test is successful
> #server {
> # listen 80;
> server {
>  listen 80;

..that output shows that there is no other config used here.

What error message, if any, do you get when you do

  nginx -c /etc/nginx/nginx.conf

? (I suspect it will complain that it can't bind to port 80, because
another nginx is listening there.)

As a test, if you kill any running nginx process, and do

  nginx -c /etc/nginx/nginx.conf

what happens if you repeat your test request?

Cheers,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Query on nginx. conf file regarding redirection.

[Kaushal Shriyan]

On Sat, Oct 31, 2020 at 5:13 AM Francis Daly  wrote:

> On Fri, Oct 30, 2020 at 10:45:14PM +0530, Kaushal Shriyan wrote:
> > On Fri, Oct 30, 2020 at 4:35 AM Francis Daly  wrote:
>
> Hi there,
>
> > > What does the nginx access log or error log say happened to that
> request?
>
> > I am seeing this below message when I hit
> > http://219.11.134.114/test/_plugin/kibana/app/kibana
> >
> > ==> /var/log/nginx/error.log <==
> > 2020/10/30 17:10:57 [error] 9616#0: *20 open()
> > "/usr/share/nginx/html/test/_plugin/kibana/app/kibana" failed (2: No such
> > file or directory), client: 14.98.153.6, server: , request: "GET
> > /test/_plugin/kibana/app/kibana HTTP/1.1", host: "219.11.134.114"
> >
> > ==> /var/log/nginx/access.log <==
> > 14.98.153.6 - - [30/Oct/2020:17:10:57 +] "GET
> > /test/_plugin/kibana/app/kibana HTTP/1.1" 404 3650 "-" "Mozilla/5.0
> > (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like
> Gecko)
> > Chrome/86.0.4240.111 Safari/537.36" "-"
>
> When a request comes to nginx, first it decides which server{} you
> have configured to handle the request; then it decides which location{}
> in that server{} you have configured to handle the request (more or less).
>
> In this case, the request is being handled by looking at the filesystem;
> that means that it is handled in a location{} that does not have a
> proxy_pass or other similar handler defined.
>
> >  # TEST
> > server {
>
> If you have shown the complete server{} block, then this is not the
> server{} block that the running nginx is using to handle this request.
>
> Maybe there is another location{} in the same server{} block? Or maybe
> there is another server{} in the same configuration? Or maybe the running
> nginx is using a different configuration?
>
>
> Some variant of "ps" should show your running nginx and any "-c" argument
> it has; if you copy that much and add "-T", then find the "server" and
> "listen" lines, it might help identify which server{} block is actually
> configured to be used for this request.
>
> Something like
>
>   /usr/local/sbin/nginx -c /etc/nginx.conf -T | grep -e 'server\|listen'
>
> where the first three words match whatever your system is doing, will
> probably be helpful.
>
> (Do read the output, and edit any information you consider private,
> before pasting into email.)
>
> > Also, I am not sure why it is getting referenced to
> /usr/share/nginx/html/?
> > Is there a way to change the default document root? Please suggest
> further.
>
> Yes, there is -- root (http://nginx.org/r/root).
>
>
>
Hi Francis,

I am sharing the output of cat /etc/nginx/nginx.conf

OS version : CentOS Linux release 7.8.2003 (Core)
nginx version: nginx/1.16.1

cat /etc/nginx/nginx.conf

> # For more information on configuration, see:
> #   * Official English Documentation: http://nginx.org/en/docs/
> #   * Official Russian Documentation: http://nginx.org/ru/docs/
> user nginx;
> worker_processes auto;
> error_log /var/log/nginx/error.log;
> pid /run/nginx.pid;
> # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
> include /usr/share/nginx/modules/*.conf;
> events {
> worker_connections 1024;
> }
> http {
> log_format  main  '$remote_addr - $remote_user [$time_local]
> "$request" '
>   '$status $body_bytes_sent "$http_referer" '
>   '"$http_user_agent" "$http_x_forwarded_for"';
> access_log  /var/log/nginx/access.log  main;
> sendfileon;
> tcp_nopush  on;
> tcp_nodelay on;
> keepalive_timeout   65;
> types_hash_max_size 2048;
> include /etc/nginx/mime.types;
> default_typeapplication/octet-stream;
> # Load modular configuration files from the /etc/nginx/conf.d
> directory.
> # See http://nginx.org/en/docs/ngx_core_module.html#include
> # for more information.
> include /etc/nginx/conf.d/*.conf;
>
> #PROD
> #server {
> # listen 80;
> # location /prod {
> #proxy_set_header   X-Forwarded-For $remote_addr;
> #proxy_set_header   Host $http_host;
> # #   fastcgi_read_timeout 240;
> #proxy_connect_timeout 600;
> #proxy_send_timeout 600;
> #proxy_read_timeout 600;
> #send_timeout 600;
> #proxy_pass
> https://vpc-lab-prod-search-zvf5bfbabstbb7gi5sklqh7ll4.eu-west-1.es.amazonaws.com/
> ;
> #}
> #error_page 404 /404.html;
> #location = /40x.html {
> #}
> #
> # #   location = /img {
> # #  index index.html index.htm index.php;
> # #  root /var/www/html/images/;
> # #   }
> #
> #  location /img {
> #  root   html;
> #  index  index.php index.html index.htm;
> #  }
> #error_page 500 502 503 504 /50x.html;
> #location = /50x.html {
> #}
> #}
> # TEST
> server {
>  listen 80;
>  location /test {
> proxy_set_header   X-Forwarded-For $remote_addr;
>  

Re: Query on nginx. conf file regarding redirection.

[Francis Daly]

On Fri, Oct 30, 2020 at 10:45:14PM +0530, Kaushal Shriyan wrote:
> On Fri, Oct 30, 2020 at 4:35 AM Francis Daly  wrote:

Hi there,

> > What does the nginx access log or error log say happened to that request?

> I am seeing this below message when I hit
> http://219.11.134.114/test/_plugin/kibana/app/kibana
> 
> ==> /var/log/nginx/error.log <==
> 2020/10/30 17:10:57 [error] 9616#0: *20 open()
> "/usr/share/nginx/html/test/_plugin/kibana/app/kibana" failed (2: No such
> file or directory), client: 14.98.153.6, server: , request: "GET
> /test/_plugin/kibana/app/kibana HTTP/1.1", host: "219.11.134.114"
> 
> ==> /var/log/nginx/access.log <==
> 14.98.153.6 - - [30/Oct/2020:17:10:57 +] "GET
> /test/_plugin/kibana/app/kibana HTTP/1.1" 404 3650 "-" "Mozilla/5.0
> (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko)
> Chrome/86.0.4240.111 Safari/537.36" "-"

When a request comes to nginx, first it decides which server{} you
have configured to handle the request; then it decides which location{}
in that server{} you have configured to handle the request (more or less).

In this case, the request is being handled by looking at the filesystem;
that means that it is handled in a location{} that does not have a
proxy_pass or other similar handler defined.

>  # TEST
> server {

If you have shown the complete server{} block, then this is not the
server{} block that the running nginx is using to handle this request.

Maybe there is another location{} in the same server{} block? Or maybe
there is another server{} in the same configuration? Or maybe the running
nginx is using a different configuration?


Some variant of "ps" should show your running nginx and any "-c" argument
it has; if you copy that much and add "-T", then find the "server" and
"listen" lines, it might help identify which server{} block is actually
configured to be used for this request.

Something like

  /usr/local/sbin/nginx -c /etc/nginx.conf -T | grep -e 'server\|listen'

where the first three words match whatever your system is doing, will
probably be helpful.

(Do read the output, and edit any information you consider private,
before pasting into email.)

> Also, I am not sure why it is getting referenced to /usr/share/nginx/html/?
> Is there a way to change the default document root? Please suggest further.

Yes, there is -- root (http://nginx.org/r/root).

But that is not the problem here.

Cheers,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Query on nginx. conf file regarding redirection.

[Kaushal Shriyan]

On Fri, Oct 30, 2020 at 4:35 AM Francis Daly  wrote:

> On Thu, Oct 29, 2020 at 11:42:11PM +0530, Kaushal Shriyan wrote:
>
> Hi there,
>
> > When I hit this URL http://219.11.134.114/test/_plugin/kibana/app/kibana
> on
> > the browser it does not get redirected to
> > https://vpc-lab-test-search-7hyay88a9kjuisl.eu-north-1.es.amazonaws.com/
> ;
>
> What does the nginx access log or error log say happened to that request?
>
> Also: what IP address does
> vpc-lab-test-search-7hyay88a9kjuisl.eu-north-1.es.amazonaws.com have
> right now; and what IP address did it have when nginx was started?
>
>
> Your test request goes to port 80 on a specific IP address; your nginx
> is listening on port 81 on a non-specified IP address -- if the nginx
> logs do not show that this nginx got that request, then that's a thing
> to fix before the nginx config.
>
> And your proxy_pass is to a hostname that will be resolved once,
> at startup; if the remote address changes, your nginx config will not
> notice the change.
>
> > Similarly, when I hit this URL
> > http://219.11.134.114/prod/_plugin/kibana/app/kibana on the browser it
> does
> > not get redirected to
> > https://vpc-lab-prod-search-9aay182kkjoisl.eu-north-1.es.amazonaws.com/
>
> Same questions; same reasons (except this nginx does listen on port 80).
>
> Cheers,
>
>
>


Hi Francis,

I am seeing this below message when I hit
http://219.11.134.114/test/_plugin/kibana/app/kibana

==> /var/log/nginx/error.log <==
2020/10/30 17:10:57 [error] 9616#0: *20 open()
"/usr/share/nginx/html/test/_plugin/kibana/app/kibana" failed (2: No such
file or directory), client: 14.98.153.6, server: , request: "GET
/test/_plugin/kibana/app/kibana HTTP/1.1", host: "219.11.134.114"

==> /var/log/nginx/access.log <==
14.98.153.6 - - [30/Oct/2020:17:10:57 +] "GET
/test/_plugin/kibana/app/kibana HTTP/1.1" 404 3650 "-" "Mozilla/5.0
(Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/86.0.4240.111 Safari/537.36" "-"


 # TEST
server {
 listen 80;
 location /test {
proxy_set_header   X-Forwarded-For $remote_addr;
proxy_set_header   Host $http_host;
#fastcgi_read_timeout 240;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
proxy_pass
https://vpc-lab-test-search-7hyay88a9kjuisl.eu-north-1.es.amazonaws.com/;
}
error_page 404 /404.html;
location = /40x.html {
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

Also, I am not sure why it is getting referenced to /usr/share/nginx/html/?
Is there a way to change the default document root? Please suggest further.

Best Regards,
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Query on nginx. conf file regarding redirection.

[Francis Daly]

On Thu, Oct 29, 2020 at 11:42:11PM +0530, Kaushal Shriyan wrote:

Hi there,

> When I hit this URL http://219.11.134.114/test/_plugin/kibana/app/kibana on
> the browser it does not get redirected to
> https://vpc-lab-test-search-7hyay88a9kjuisl.eu-north-1.es.amazonaws.com/;

What does the nginx access log or error log say happened to that request?

Also: what IP address does
vpc-lab-test-search-7hyay88a9kjuisl.eu-north-1.es.amazonaws.com have
right now; and what IP address did it have when nginx was started?


Your test request goes to port 80 on a specific IP address; your nginx
is listening on port 81 on a non-specified IP address -- if the nginx
logs do not show that this nginx got that request, then that's a thing
to fix before the nginx config.

And your proxy_pass is to a hostname that will be resolved once,
at startup; if the remote address changes, your nginx config will not
notice the change.

> Similarly, when I hit this URL
> http://219.11.134.114/prod/_plugin/kibana/app/kibana on the browser it does
> not get redirected to
> https://vpc-lab-prod-search-9aay182kkjoisl.eu-north-1.es.amazonaws.com/

Same questions; same reasons (except this nginx does listen on port 80).

Cheers,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Query on nginx. conf file regarding redirection.

[Kaushal Shriyan]

Hi,

I have a specific query regarding the below /etc/nginx/nginx.conf file.

When I hit this URL http://219.11.134.114/test/_plugin/kibana/app/kibana on
the browser it does not get redirected to
https://vpc-lab-test-search-7hyay88a9kjuisl.eu-north-1.es.amazonaws.com/;

# TEST
server {
 listen 81;
 location /test {
proxy_set_header   X-Forwarded-For $remote_addr;
proxy_set_header   Host $http_host;
fastcgi_read_timeout 240;
proxy_pass
https://vpc-lab-test-search-7hyay88a9kjuisl.eu-north-1.es.amazonaws.com/;
}
error_page 404 /404.html;
location = /40x.html {
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

Similarly, when I hit this URL
http://219.11.134.114/prod/_plugin/kibana/app/kibana on the browser it does
not get redirected to
https://vpc-lab-prod-search-9aay182kkjoisl.eu-north-1.es.amazonaws.com/

# PROD
server {
 listen 80;
 location /prod {
proxy_set_header   X-Forwarded-For $remote_addr;
 proxy_set_header   Host $http_host;
fastcgi_read_timeout 240;
 proxy_pass
https://vpc-lab-prod-search-9aay182kkjoisl.eu-north-1.es.amazonaws.com/;;
}
error_page 404 /404.html;
location = /40x.html {
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

Any help will be highly appreciated. Thanks in Advance and I look forward
to hearing from you.

Best Regards,

Kaushal
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Force SSL redirection to target service host for all protocols

[siva.pannier]

Thanks Francis!

I was able to resolve that after a creating a Keystore jks with my cert &
key and pointing my java code to that store using the system property, after
that added keystore manager to the SSL context.

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,288541,288716#msg-288716

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Force SSL redirection to target service host for all protocols

[Francis Daly]

On Tue, Jul 14, 2020 at 09:55:04AM -0400, siva.pannier wrote:

Hi there,

> Output from the server when client initiated the connection is.. 
> #

> javax.net.ssl.SSLHandshakeException: no cipher suites in common

That suggests that the ssl client (nginx) and the ssl server (your code)
are unable to agree on how to set up a suitable ssl session.

Possibly the nginx side will have (debug) logs showing what it tried
and what response it got.

Your nginx config does say what ciphers nginx should try; does your
server accept one of those?

Good luck with it,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Force SSL redirection to target service host for all protocols

[siva.pannier]

Extremely sorry, I mentioned the wrong port in that post.. Actually I am
using the correct port number.. 

Client (Windows + non SSL):8091  ==> Nginx host (ubuntu vm+ SSL redirection)
==> TCP server (Windows + SSL enabled)

TCP server listening on 8091
Nginx Server listening on 8091
Client makes call to Nginx on 8091

I modified my server code for additional debugging as below

#
ServerSocketFactory ssf = SSLServerSocketFactory.getDefault();
int port = 8091;
ServerSocket ss = ssf.createServerSocket(port);

while (true) {

  try {
  Socket sock = ss.accept();
  System.out.println("Timeout set is " + sock.getSoTimeout());
  System.out.println("New client connected");

  PrintWriter pw = new PrintWriter(sock.getOutputStream());
  pw.println(new Date().toString() + " from port: "+port);
  System.out.println("Data ready to sent to client");
  pw.flush();
  //pw.close();
  System.out.println("Data sent to client");
  
  System.out.println("Ready to read client data");
  BufferedReader br = new BufferedReader(new
InputStreamReader(sock.getInputStream()));
  String data = br.readLine();
  System.out.println("Data received from Client: "+ data);
  //br.close();
  
  sock.close();
  System.out.println("Socket closed");


Output from the server when client initiated the connection is.. 
#
Timeout set is 0
New client connected
Data ready to sent to client
Data sent to client
Ready to read client data
I/O error: Connection has been shutdown:
javax.net.ssl.SSLHandshakeException: no cipher suites in common
Exception in thread "main" javax.net.ssl.SSLException: Connection has been
shutdown: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.SSLSocketImpl.checkEOF(Unknown Source)
at sun.security.ssl.AppInputStream.read(Unknown Source)
at sun.nio.cs.StreamDecoder.readBytes(Unknown Source)
at sun.nio.cs.StreamDecoder.implRead(Unknown Source)
at sun.nio.cs.StreamDecoder.read(Unknown Source)
at java.io.InputStreamReader.read(Unknown Source)
at java.io.BufferedReader.fill(Unknown Source)
at java.io.BufferedReader.readLine(Unknown Source)
at java.io.BufferedReader.readLine(Unknown Source)
at com.att.tcp.server.TCPSServer.main(TCPSServer.java:37)
Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ServerHandshaker.chooseCipherSuite(Unknown Source)
at sun.security.ssl.ServerHandshaker.clientHello(Unknown Source)
at sun.security.ssl.ServerHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown 
Source)
at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at sun.security.ssl.AppOutputStream.write(Unknown Source)
at sun.nio.cs.StreamEncoder.writeBytes(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlushBuffer(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlush(Unknown Source)
at sun.nio.cs.StreamEncoder.flush(Unknown Source)
at java.io.OutputStreamWriter.flush(Unknown Source)
at java.io.BufferedWriter.flush(Unknown Source)
at java.io.PrintWriter.flush(Unknown Source)
at com.att.tcp.server.TCPSServer.main(TCPSServer.java:31)

Error was thrown on the line  "pw.flush();" in the above code




Output from the client is
#

I/O error: Connection reset
Exception in thread "main" java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(Unknown Source)
at java.net.SocketInputStream.read(Unknown Source)
at sun.security.ssl.InputRecord.readFully(Unknown Source)
at sun.security.ssl.InputRecord.read(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown 
Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.att.client.tcp.TimeClient.main(TimeClient.java:34)

Error is thrown on the client code " socket

Re: Force SSL redirection to target service host for all protocols

[Francis Daly]

On Mon, Jul 13, 2020 at 02:57:34PM -0400, siva.pannier wrote:

Hi there,

> https://docs.nginx.com/nginx/admin-guide/security-controls/securing-tcp-traffic-upstream/
> 
> My TCP (non-ssl) client is able to hit the TCP Server (SSL enabled) via the
> Nginx (proxy_ssl) but buffered reader gets back only 'null'

When my client is "nc", and my server is "openssl s_server -port 12345",
things seem to work for me. Anything I write on one end is shown on the
other, with nginx handling the ssl/no-ssl translation.

> Server code:
> #
> ServerSocketFactory ssf = SSLServerSocketFactory.getDefault();
> int port = 8091;
> ServerSocket ss = ssf.createServerSocket(port);

This looks like your server wants to listen on port 8091.

Your nginx configuration suggests that nginx listens on 8091, and talks
to the server on 12345.

> Nginx Conf:
> 
> stream {
> upstream backend {
> server backend1.example.com:12345;
>}
> 
> server {
> listen 8091;
> proxy_pass backend;
> proxy_ssl  on;

Match the ports, and it should work.

Cheers,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Force SSL redirection to target service host for all protocols

[siva.pannier]

Hi there,

I have tried doing TCP redirection to a backend TCP server with SSL enabled
following the below URL.

https://docs.nginx.com/nginx/admin-guide/security-controls/securing-tcp-traffic-upstream/

My TCP (non-ssl) client is able to hit the TCP Server (SSL enabled) via the
Nginx (proxy_ssl) but buffered reader gets back only 'null'

Client code:
##
Socket socket = new Socket(hostname, port);
InputStream input = socket.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(input));
String time = reader.readLine(); //returns only null
System.out.println(time);

Server code:
#
ServerSocketFactory ssf = SSLServerSocketFactory.getDefault();
int port = 8091;
ServerSocket ss = ssf.createServerSocket(port);

while (true) {
  Socket sock = ss.accept();
  try {
  System.out.println("New client connected");
  //BufferedReader br = new BufferedReader(new
InputStreamReader(sock.getInputStream()));
  //String data = br.readLine();
  PrintWriter pw = new PrintWriter(sock.getOutputStream());
  pw.println(new Date().toString() + " from port: "+port);
  pw.flush();
  pw.close();
  sock.close();



Nginx Conf:

stream {
upstream backend {
server backend1.example.com:12345;
   }

server {
listen 8091;
proxy_pass backend;
proxy_ssl  on;

proxy_ssl_certificate /etc/ssl/certs/backend.crt;
proxy_ssl_certificate_key /etc/ssl/certs/backend.key;
proxy_ssl_protocols   TLSv1 TLSv1.1 TLSv1.2;
proxy_ssl_ciphers HIGH:!aNULL:!MD5;
proxy_ssl_trusted_certificate /etc/ssl/certs/trusted_ca_cert.crt;

proxy_ssl_verifyon;
proxy_ssl_verify_depth  2;
proxy_ssl_session_reuse on;
}
}


can somebody please suggest what is wrong with the above configuration?

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,288541,288680#msg-288680

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Force SSL redirection to target service host for all protocols

[siva.pannier]

Hi.. 

> An you want your clients to talk to nginx without encryption, and for
> nginx to talk to upstream with encryption.

Yup this is what I am trying to achieve. Started testing on these scenarios.
Will you keep you all posted on the results.

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,288541,288663#msg-288663

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Force SSL redirection to target service host for all protocols

[Francis Daly]

On Fri, Jul 03, 2020 at 09:12:56AM -0400, siva.pannier wrote:

Hi there,

> I want all my client applications make call to the service host via proxy.
> And the hosted services are TLSv1.2 enabled. Clients are not in a position
> to upgrade. Hence I want to enforce the SSL encryption when the call
> routed/redirected to the target from proxy.

I may be misunderstanding the terminology, but I think your scenario is
that your clients speak their protocol over a "normal" (non-encrypted)
network connection; and your (upstream) servers allow the protocol both
directly over a "normal" connection, or over a SSL-wrapped connection.

An you want your clients to talk to nginx without encryption, and for
nginx to talk to upstream with encryption.

If nginx does not already have a dedicated module for the protocol you
care about, then possibly the "stream" module with "proxy_ssl" will work
for you.

http://nginx.org/en/docs/stream/ngx_stream_proxy_module.html

That *does* depend on the nature of the protocol, of course -- if the
protocol does not easily allow proxying, then it is not going to easily
work through the nginx stream proxy.

> I have seen few blogs that talks about HTTP to HTTPS redirection. I want to
> do that for all protocols like TCPS, UDPS(DTLS), SMTPS, IIOPS. 
> 
> Can you please share your suggestions on this?

If my protocol writes IP addresses or ports within the content payload,
then a "blind" traffic-forwarder (as "stream" mostly is) will probably
not be able to reliably proxy things that use my protocol.

For the specific protocols you care about: can they be proxied?

I suspect that the list will be interested in the results of your testing,
if you are willing to share them.

Thanks,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Force SSL redirection to target service host for all protocols

[siva.pannier]

Can somebody please comment on this?

Thanks,
Siva

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,288541,288565#msg-288565

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Force SSL redirection to target service host for all protocols

[siva.pannier]

Hi,

I want all my client applications make call to the service host via proxy.
And the hosted services are TLSv1.2 enabled. Clients are not in a position
to upgrade. Hence I want to enforce the SSL encryption when the call
routed/redirected to the target from proxy.

I have seen few blogs that talks about HTTP to HTTPS redirection. I want to
do that for all protocols like TCPS, UDPS(DTLS), SMTPS, IIOPS. 

Can you please share your suggestions on this?


Thanks,
Siva

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,288541,288541#msg-288541

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Nginx Lowercase URL and Redirection

[Francis Daly]

On Sat, Apr 18, 2020 at 11:05:36AM -0400, mustafa.chapal wrote:

Hi there,

> First, URLs like www.example.com/new-arrivalS which include a character like
> hyphen are not triggering on the following location.

Works for me. What other location do you have that does handle this
request?

==
  location ~ [A-Z] {
return 200 "Does match A-Z\n";
  }
  location / {
return 200 "Does not match A-Z\n";
  }
==
$ curl http://127.0.0.1/new-arrivalS
Does match A-Z
$ curl http://127.0.0.1/new-arrivals
Does not match A-Z


> Second, URLs like www.example.com/dealS?p=2 get redirected to
> www.example.com/deals instead of www.example.com/deals?p=2
> 
> location ~ [A-Z] {
>   return 307 $scheme://$host$my_uri_to_lowercase;
> }
> 
> Kindly help me resolve both the issues.

Either change your $my_uri_to_lowercase to include the query string;
or change the return line to be

  return 307 $scheme://$host$my_uri_to_lowercase$is_args$args;

http://nginx.org/r/$is_args and http://nginx.org/r/$args for details.

Good luck with it,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Nginx Lowercase URL and Redirection

[mustafa.chapal]

Hi,

I am facing two issues.

First, URLs like www.example.com/new-arrivalS which include a character like
hyphen are not triggering on the following location.

Second, URLs like www.example.com/dealS?p=2 get redirected to
www.example.com/deals instead of www.example.com/deals?p=2

location ~ [A-Z] {
  return 307 $scheme://$host$my_uri_to_lowercase;
}

Kindly help me resolve both the issues.

Thank you

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,287707,287707#msg-287707

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Web site not working on port redirection

[Francis Daly]

On Fri, May 10, 2019 at 12:31:43PM -0400, cox123456a wrote:

Hi there,

> Thanks for the detailed explanation. I agree with your diagnostic.

> I really need a way to bring 80 to 8000 and make it work.

Another way to approach this could be to change your code. It would make
it more efficient (avoiding one http redirect each time); but the real
reason to do it is to work around the particular nginx issue.

That is, where you currently have

===
class NavButton extends Component {
handleModuleNav = action => {
let to = "/" + action;
window.location = to;
};

render = () => {
return (
   this.handleModuleNav("admin")}>
 GO TO ADMIN
  
)
}
}
===

the intention is to make a request for "/admin". You could change that
so that it make a request for "/admin/"; either by changing one line to be

let to = "/" + action + "/";

or by changing another to be

   this.handleModuleNav("admin/")}>

Either of those changes would avoid nginx having to tell the client
to switch from /admin to /admin/. It would not fix the general case,
but that might not matter for your specific case.

Good luck with it,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Web site not working on port redirection

[Francis Daly]

On Fri, May 10, 2019 at 12:31:43PM -0400, cox123456a wrote:

Hi there,

> I really need a way to bring 80 to 8000 and make it work.

I've not used it; but you could try "absolute_redirect off"
(http://nginx.org/r/absolute_redirect) and see if your clients are happy
with the response from that.

Instead of automatic redirects going to http://name:port/place, they would
just go to /place, and let the clients assume that the http://name:port
part matches what the original url had.

Good luck with it,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Web site not working on port redirection

[cox123456a]

Added port 8000:

listen 8000 default_server;

Unfortunatelly It does not work. Same behaviour I'm out of ideas...

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,284120,284124#msg-284124

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Web site not working on port redirection

[cox123456a]

Hi Francis,

Thanks for the detailed explanation. I agree with your diagnostic.

In fact I've tried to listen on port 8000 and it works properly. The problem
is that I cannot let this port open on LAN, just 80 due to security
requirements. And port 80 cannot be opened to the internet, so I need to use
a high numbered port (8000). Sounds strange but that's my scenario.

I really need a way to bring 80 to 8000 and make it work.


Repair that NGINX seens to knowsthat the request is coming from port 8000 (I
can see in the logs and my print of window.location shows it), I just need a
way to optionally include it in the redirected address. Some log events when
navigating:

190.254.100.100 - - [10/May/2019:09:53:29 -0300] "POST /graphql HTTP/1.1"
200 1372895 "http://190.80.200.100:8000/admin/running"; "Mozilla/5.0
(Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/74.0.3729.131 Safari/537.36"
190.254.100.100 - - [10/May/2019:09:53:59 -0300] "POST /graphql HTTP/1.1"
200 1386 "http://190.80.200.100:8000/admin/orders"; "Mozilla/5.0 (Macintosh;
Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/74.0.3729.131 Safari/537.36"
190.254.100.100 - - [10/May/2019:09:54:00 -0300] "POST /graphql HTTP/1.1"
200 191740 "http://190.80.200.100:8000/admin/orders"; "Mozilla/5.0
(Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/74.0.3729.131 Safari/537.36"
205.185.100.100 - - [10/May/2019:10:12:12 -0300] "GET / HTTP/1.1" 200 580
"http://190.80.200.100:8000/"; "Mozilla/5.0 (compatible; MSIE 10.0; Windows
NT 6.1; Trident/6.0)"

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,284120,284122#msg-284122

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Web site not working on port redirection

[Francis Daly]

On Fri, May 10, 2019 at 07:57:14AM -0400, cox123456a wrote:

Hi there,

> When I click to change the module (from admin to analytics, for example),
> I'm loosing the port number:
> http://170.180.190.200:8000/admin => http://170.180.190.200/analytics  (Page
> breaks as the port is missing)

You can check the nginx logs to be sure; but what I suspect is happening
is that when you change to analytics, your browser makes a request
for http://170.180.190.200:8000/analytics, which gets a redirect to
http://170.180.190.200/analytics/. And the second one is the one that
fails for you, because you want it to keep the port from the Host:
header in the http redirection from nginx.

If that is the case...

> How can I configure NGINX to forcelly add the port number when I change the
> module?

I think that you cannot easily.

When nginx generates a http redirection, it can use the hostname from the
Host: header, and it can use the port that the request came to nginx on;
but it cannot (I think) use the port that was listed in the Host: header.

One possible way, which may or may not be useful in your case, would
be to change your nginx so that it listens on both port 80 and 8000;
and change your port forwarding so that [external] port 8000 is sent to
[nginx] port 8000 (instead of to the current [nginx] port 80).

With that config, then I think that internal things that talk to port
80 will continue to talk to port 80; while external things that talk to
port 8000, will have their redirects-from-nginx directed to port 8000
(because they are now talking to nginx-port-8000).

That is, in nginx, where you have

> server {
>   listen 80 default_server;

add an extra line

>   listen 8000 default_server;

and change this:

> My router configuration (page 8000 to 80):
> 
> https://unix.stackexchange.com/questions/518085/accessing-nginx-behind-a-virtual-server-looses-port-number/518183?noredirect=1#5181833

to go to port 8000 instead of port 80.

Untested by me, but it looks like it should work.

Good luck testing it!

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Web site not working on port redirection

[cox123456a]

I've post this on SO but no solution after weeks, so I think here I have a
better chance as this is being critical to myself.

I have the following NGINX setup:

server {
  listen 80 default_server;

  root /var/www/serviceserver1;
  index index.html index.htm;  

  location /api {
proxy_redirect  http://localhost:3001/  /api;
proxy_pass_header   Server;
proxy_set_headerX-Real-IP $remote_addr;
proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_headerX-Scheme $scheme;
proxy_set_headerHost $http_host;
proxy_set_headerX-NginX-Proxy true;
proxy_connect_timeout   5;
proxy_read_timeout  240;
proxy_intercept_errors  on;

proxy_pass  http://localhost:3001;
}

location /graphql {
proxy_redirect  http://localhost:3001/  /graphql;
proxy_pass_header   Server;
proxy_set_headerX-Real-IP $remote_addr;
proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_headerX-Scheme $scheme;
proxy_set_headerHost $http_host;
proxy_set_headerX-NginX-Proxy true;
proxy_connect_timeout   5;
proxy_read_timeout  240;
proxy_intercept_errors  on;

proxy_pass  http://localhost:3001;
   }

  # Root route
  location = / {
try_files $uri /landing/index.html;
  }

  # admin routes
  location /admin {
try_files $uri $uri/ /admin/index.html;
  }

  # analytics routes
  location /analytics {
try_files $uri $uri/ /analytics/index.html;
  }

  # landing routes
  location /landing {
try_files $uri $uri/ /landing/index.html;
  }

  # Any other route default to landing
  location / {
try_files $uri $uri/ /landing/index.html;
  }
}

landing, analytics, admin are my application modules, where I navigate using
window.location = "/admin" in example. All works fine in my LAN, all fine,
no problems.

Now I have setup a Virtual Server on my access point/router to access the
system from the internet. I'm not allowed on this IP to access port 80 from
the Internet, so I've redirected port 8000 to 80 in the Virtual Server.

Now, every time I navigate from the Internet, my pages are breaking. Let me
explain better:

Navigating inside a module works fine:
http://170.180.190.200:8000/admin => http://170.180.190.200:8000/admin
(FINE)
http://170.180.190.200:8000/admin/home =>
http://170.180.190.200:8000/admin/home (FINE)
http://170.180.190.200:8000/admin/page1 =>
http://170.180.190.200:8000/admin/page1 (FINE)

When I click to change the module (from admin to analytics, for example),
I'm loosing the port number:
http://170.180.190.200:8000/admin => http://170.180.190.200/analytics  (Page
breaks as the port is missing)

How can I configure NGINX to forcelly add the port number when I change the
module?

Inside the application, just before calling window.location:

console.log(windows.location);

ancestorOrigins: DOMStringList {length: 0}
assign: ƒ ()
hash: ""
host: "170.80.224.142:8000"
hostname: "170.80.224.142"
href: "http://170.80.224.142:8000/";
origin: "http://170.80.224.142:8000";
pathname: "/"
port: "8000"
protocol: "http:"
reload: ƒ reload()
replace: ƒ ()
search: ""
toString: ƒ toString()
valueOf: ƒ valueOf()
Symbol(Symbol.toPrimitive): undefined
__proto__: Location

Component that changes the module (ReactJS):

class NavButton extends Component {
handleModuleNav = action => {
let to = "/" + action;
window.location = to;
};

render = () => {
return (
   this.handleModuleNav("admin")}>
 GO TO ADMIN
  
)
}
}


My router configuration (page 8000 to 80):

https://unix.stackexchange.com/questions/518085/accessing-nginx-behind-a-virtual-server-looses-port-number/518183?noredirect=1#5181833

Thanks for helping. This is being critical for my production site.

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,284120,284120#msg-284120

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Nginx reverse proxy redirection combinations

[Francis Daly]

On Thu, Apr 11, 2019 at 01:07:53PM +0200, Andr� Auchecorne wrote:

Hi there,

> Could you please help me? I'm trying to figure out if with Nginx Reverse 
> Proxy it is possible to redirect trafic as in the following cases?
> 
> 1- IP==>IP
...

For each of these, I do not understand what you are trying to achieve.

Could you rephrase your question, perhaps giving an example of the
intended input and the desired output?

In general: for http, nginx acts as web server (e.g. issuing http
redirects) or as a reverse proxy (e.g., presenting the content from one
web server as if it came from this web server); while for tcp or udp
("stream"), nginx acts as a proxy (packet forwarder, with rewritten
source/destination).

That summary is incorrect, but hopefully close enough to allow you to
gauge what might be doable.

Good luck with it,

f
-- 
Francis Dalyfran...@daoine.org
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Nginx reverse proxy redirection combinations

[Andr� Auchecorne]

Hi Every one!

Could you please help me? I'm trying to figure out if with Nginx Reverse Proxy 
it is possible to redirect trafic as in the following cases?

1- IP==>IP
2- IP==>Port
3- IP==>URL
4- IP==>Domaine Name
5- IP==>URI

6- Port==>IP
6- Port==>Port
8- Port==>URL
9- Port==>Domaine Name
10- Port==>URI

11- URL==>IP
12- URL==>Port
13- URL==>URL
14- URL==>Domaine Name
15- URL==>URI

16- Domaine Name==>IP
17- Domaine Name==>Port
18- Domaine Name==>URL
19- Domaine Name==>Domaine Name
20- Domaine Name==>URI

21- URI==>IP
22- URI==>Port
23- URI==>URL
24- URI==>Domaine Name
25- URI==>URI

Thank you very much for any assistance!
Kind regards!
André
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Nginx tries to open the html file and through error 404. I expected the redirection to the php script

[dertin]

Hi,

Nginx tries to open the html file and through error 404. 
I expected the redirection to the php script.

server {

listen 443 ssl http2 fastopen=500 reuseport;
listen [::]:443 ssl http2 fastopen=500 reuseport ipv6only=on;
server_name www.testing.com.uy;
resolver 1.1.1.1 1.0.0.1 valid=300s;

charset utf-8;

root /var/www/webdisk/testing.com.uy/htdocs;

autoindex off;
index load.php index.php index.html;

pagespeed Disallow "*";
pagespeed Allow "​https://www.testing.com.uy/*";;
pagespeed Disallow "*/blog/*";
pagespeed Disallow "*/ws/*";
pagespeed Disallow "*/not-exist-file/*";

# Script PHP - WORK
location ~ \.php$ {
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/run/php/php7-fpm.sock;
}

# Wordpress - WORK
location ~ /blog/ {

index index.php;
try_files $uri $uri/ /blog/index.php?$args;
break;
}
# NOT WORK With \.html
# Nginx tries to open the html file and through error 404.
# I expected the redirection to the php script.
location ~ /not-exist-file/([a-zA-Z0-9-]*)\.html$ {

rewrite /not-exist-file/([a-zA-Z0-9-]*)\.html$
/not-exist-file/post.php?name=$1 last;
break;

}
location ~* /(.+)$ {

# /test.html -> /public/prov/test.html - WORK
if (-f $document_root/public/prov/$1.html) {

rewrite (.+)$ /public/prov/$1.html last;
break;

}
# Framework PHP - WORK
if (!-e $request_filename) {

rewrite (.+)$ /load.php?request=$1 last;

break;
}
}
}

Error:

[debug] 50772#0: *64 Passing on content handling for non-pagespeed resource
'​https://www.testing.com.uy/not-exist-file/test.html'

[error] 50772#0: *64 open()
"/var/www/webdisk/testing.com.uy/htdocs/not-exist-file/test.html" failed (2:
No such file or directory), client: X.X.X.X, server: www.testing.com.uy,
request: "GET /not-exist-file/test.html HTTP/2.0", ...


Regards.
Guillermo.


Version:

uname -a

Linux host 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2018-10-08) x86_64
GNU/Linux

nginx -V

nginx version: nginx/1.15.6 built by gcc 6.3.0 20170516 (Debian
6.3.0-18+deb9u1) built with OpenSSL 1.1.1 11 Sep 2018 TLS SNI support
enabled configure arguments: --prefix=/usr/share/nginx
--sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf
--pid-path=/var/run/nginx.pid --lock-path=/var/lock/nginx.lock
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log --user=www-data --group=www-data
--without-mail_pop3_module --without-mail_imap_module
--without-mail_smtp_module --without-http_uwsgi_module
--without-http_scgi_module --without-http_memcached_module
--with-http_ssl_module --with-http_stub_status_module
--with-http_gzip_static_module --with-http_v2_module --with-file-aio
--with-http_realip_module --with-http_sub_module
--with-ld-opt='-L/usr/local/lib -Wl,-rpath,/usr/local/lib -ljemalloc'
--with-cc-opt='-m64 -march=native -DTCP_FASTOPEN=23 -g -O3
-fstack-protector-strong -fuse-ld=gold --param=ssp-buffer-size=4 -Wformat
-Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -gsplit-dwarf'
--add-module=/var/tmp/nginx_build/nginx_src/./incubator-pagespeed-ngx-1.13.35.2-stable

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,282219,282219#msg-282219

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Nginx redirection

[Enrico]

Hi,

Thanks for your help.

Your solution is good, my server works !

Thanks

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,279813,280143#msg-280143

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Nginx redirection

[Aleksandar Lazic]

Hi.

On 16/05/2018 02:22, Enrico wrote:

Hi,

I have a nginx server (called mynginxserver) and need to redirect some
urls
:

I want to have all url with the string tso:

http://www.mynginxserver.com/XXtsoX

redirected to

https://myserver.com/XXtsoX

if the string tso is in the url and redirect to

http://www.mynottsoserver.com/XXX

if the string tso is not present.

   XXtsoX and XXX must be keep.
   The string "tso" can ben anywhere in the last parameter (tsoX,
Xtso, tso, etc.)

I think i need to use the location and rewrite directive but don't know how
to do that.

Thanks for your help


Please can you take a look into this documents.

https://nginx.org/en/docs/http/request_processing.html
https://nginx.org/en/docs/http/ngx_http_core_module.html#location
https://nginx.org/en/docs/varindex.html

I suggest two locations like this,untested.

```
location ~ tso {
 return 302 https://myserver.com/$uri
}

location / {
 return 302 https://www.mynottsoserver.com/$uri
}

```

Regards
Aleks


Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,279813,279813#msg-279813

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: POST redirection with NGINX

[Aleksandar Lazic]

Hi Pedro

On 18/05/2018 16:02, pedrobrigatto wrote:
> Hi guys, 
> 
> The base name of a web application has changed and now I need to implement a
> redirection of POST requests so that, whenever clients already using the old
> base path are not affected by this modification. So, let's say the old path
> to a web service is https://ip-address/old-name/rest/mymethod and now it is
> going to be https://ip-address/new-name/rest/mymethod
> 
> I tried both return 307 and rewrite rules but nothing worked until now. 
> Can you please give me a hand on this?

This will not work without proper post handling.

https://duckduckgo.com/?q=post+redirect+data

Why not using a proxy_pass with new-name?
https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass

Untested

location /old-name/rest/mymethod {
  proxy_pass https://ip-address/new-name/rest/mymethod;
}

> Thank you very much in advance!
> 
> Best regards, 
> Pedro

Best regards
Aleks

> Posted at Nginx Forum: 
> https://forum.nginx.org/read.php?2,279868,279868#msg-279868
> 
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

POST redirection with NGINX

[pedrobrigatto]

Hi guys, 

The base name of a web application has changed and now I need to implement a
redirection of POST requests so that, whenever clients already using the old
base path are not affected by this modification. So, let's say the old path
to a web service is https://ip-address/old-name/rest/mymethod and now it is
going to be https://ip-address/new-name/rest/mymethod

I tried both return 307 and rewrite rules but nothing worked until now. 
Can you please give me a hand on this?

Thank you very much in advance!

Best regards, 
Pedro

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,279868,279868#msg-279868

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Nginx redirection

[Enrico]

Hi,

I have a nginx server (called mynginxserver) and need to redirect some urls
:

I want to have all url with the string tso:

http://www.mynginxserver.com/XXtsoX

redirected to

https://myserver.com/XXtsoX

if the string tso is in the url and redirect to

http://www.mynottsoserver.com/XXX

if the string tso is not present.

XXtsoX and XXX must be keep.
The string "tso" can ben anywhere in the last parameter (tsoX,
Xtso, tso, etc.)

I think i need to use the location and rewrite directive but don't know how
to do that.

Thanks for your help

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,279813,279813#msg-279813

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

RE: Redirection

[Jason Whittington]

One easy newbie mistake to make is leaving out trailing slashes for location 
and proxy_pass blocks.   I'd expect the location block to look something like 
this:

location /app/ {
   proxy_pass http://tomcatdomain/application_name/;
}

Note the trailing slashes after /app/ and /application_name/. Without them the 
routing is not going to do what you want.

Jason

-Original Message-
From: nginx [mailto:nginx-boun...@nginx.org] On Behalf Of imrickysingh
Sent: Thursday, February 22, 2018 7:18 AM
To: nginx@nginx.org
Subject: [IE] Redirection

Hi guys,

I am new to nginx and facing some problem with my setup.

In my setup i have nginx and tomcat with the application running on tomcat as 
http://tomcatdomain/application_name. I want to redirect to application if 
someone hit http://nginxdomain/app. I am able to do the redirection using 
location block as:

location /app {
  proxy_pass $tomcatdomain;
  proxy_set_header Host $host;
  proxy_pass_request_headers  on;
}

http://nginxdomain/app gives default tomcat page but i am not being able to 
reach the application.
If i do like: http://nginxdomain/app/application_name, then it doesn't go 
anywhere but gives me the default tomcat page



Regards,
Ricky Singh

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,278722,278722#msg-278722

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

This message contains proprietary information from Equifax which may be 
confidential. If you are not an intended recipient, please refrain from any 
disclosure, copying, distribution or use of this information and note that such 
actions are prohibited. If you have received this transmission in error, please 
notify by e-mail postmas...@equifax.com. Equifax® is a registered trademark of 
Equifax Inc. All rights reserved.
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection

[Aziz Rozyev]

Hi,

show your full config, usually there is no need to set variable like 
$tomcatdomain,

proxy_pass http://tomcatdomain;

is enough.

br,
Aziz.





> On 22 Feb 2018, at 16:17, imrickysingh  wrote:
> 
> Hi guys,
> 
> I am new to nginx and facing some problem with my setup.
> 
> In my setup i have nginx and tomcat with the application running on tomcat
> as http://tomcatdomain/application_name. I want to redirect to application
> if someone hit http://nginxdomain/app. I am able to do the redirection using
> location block as:
> 
> location /app {
>  proxy_pass $tomcatdomain;
>  proxy_set_header Host $host;
>  proxy_pass_request_headers  on;
> }
> 
> http://nginxdomain/app gives default tomcat page but i am not being able to
> reach the application.
> If i do like: http://nginxdomain/app/application_name, then it doesn't go
> anywhere but gives me the default tomcat page
> 
> 
> 
> Regards,
> Ricky Singh
> 
> Posted at Nginx Forum: 
> https://forum.nginx.org/read.php?2,278722,278722#msg-278722
> 
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Redirection

[imrickysingh]

Hi guys,

I am new to nginx and facing some problem with my setup.

In my setup i have nginx and tomcat with the application running on tomcat
as http://tomcatdomain/application_name. I want to redirect to application
if someone hit http://nginxdomain/app. I am able to do the redirection using
location block as:

location /app {
  proxy_pass $tomcatdomain;
  proxy_set_header Host $host;
  proxy_pass_request_headers  on;
}

http://nginxdomain/app gives default tomcat page but i am not being able to
reach the application.
If i do like: http://nginxdomain/app/application_name, then it doesn't go
anywhere but gives me the default tomcat page



Regards,
Ricky Singh

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,278722,278722#msg-278722

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Login-Credentials based redirection?

[B.R. via nginx]

You could use a map to match proxy_pass URI to user names, and then use a
single password file for the auth_basic module.
​This removes the need of having specific location URI for each user,
although you could still keep doing it if they are part of your
requirements.
---
*B. R.*

On Fri, Apr 7, 2017 at 5:41 PM, Ajay Garg  wrote:

> I have been searching if it is possible to do a one-to-one mapping,
> something like ::
>
> location /9000
> {
> auth_basic
> auth_value username9000:password9000
> proxy_pass http://localhost:9000
> }
>
> location /9001
> {
> auth_basic
> auth_value username9002:password9002
> proxy_pass http://localhost:9001
> }
>
> Also, ports 9000, 9001 will be firewalled from the public.
>
>
> Above will ensure that someone wanting to get access to say port 9000,
> will have to come via http://1.2.3.4/9000. and must know the credentials
> username9000:password9000
>
> Do I make sense?
> If yes, can someone please point me out as to how to specify
> username:password on the URL basis.
>
>
> Thanks and Regards,
> Ajay
>
> On Fri, Apr 7, 2017 at 7:15 PM, Ajay Garg  wrote:
>
>> Hi All.
>>
>> We have setup multiple ssh-reverse tunnels, and our server will be
>> listening to ports from 9000 to 1.
>> The server will have a public-IP, and we DO NOT want just anyone to look
>> into any of the ports by trying ::
>>
>> http://1.2.3.4:9000
>> http://1.2.3.4:9001 and so on ...
>>
>>
>> So, we are wondering if we can do something like this ::
>>
>>
>> 1. User types in a URL, let's say https://1.2.3.4/index.html
>> 2. The user gets presented with a login/password page.
>> 3. Depending upon the credentials passed, the user gets "proxied" to the
>> appropriate end-url.
>>
>> So, a user with credentials for port 9000 will ONLY be able to see
>> http://1.2.3.4:9000
>> A user with credentials for port 9001 will ONLY be able to see
>> http://1.2.3.4:9001, and so on ..
>>
>> An important point to note that the URLs http://1.2.3.4:9000,
>> http://1.2.3.4:9001 must be not be directly accessible, else it defeats
>> the purpose of authentication at first place.
>>
>> Is the above approach feasible logically and technically-via-nginx?
>>
>>
>> Will be grateful for pointers.
>>
>>
>> Thanks and Regards,
>> Ajay
>>
>
>
>
> --
> Regards,
> Ajay
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Login-Credentials based redirection?

[Ajay Garg]

I have been searching if it is possible to do a one-to-one mapping,
something like ::

location /9000
{
auth_basic
auth_value username9000:password9000
proxy_pass http://localhost:9000
}

location /9001
{
auth_basic
auth_value username9002:password9002
proxy_pass http://localhost:9001
}

Also, ports 9000, 9001 will be firewalled from the public.


Above will ensure that someone wanting to get access to say port 9000, will
have to come via http://1.2.3.4/9000. and must know the credentials
username9000:password9000

Do I make sense?
If yes, can someone please point me out as to how to specify
username:password on the URL basis.


Thanks and Regards,
Ajay

On Fri, Apr 7, 2017 at 7:15 PM, Ajay Garg  wrote:

> Hi All.
>
> We have setup multiple ssh-reverse tunnels, and our server will be
> listening to ports from 9000 to 1.
> The server will have a public-IP, and we DO NOT want just anyone to look
> into any of the ports by trying ::
>
> http://1.2.3.4:9000
> http://1.2.3.4:9001 and so on ...
>
>
> So, we are wondering if we can do something like this ::
>
>
> 1. User types in a URL, let's say https://1.2.3.4/index.html
> 2. The user gets presented with a login/password page.
> 3. Depending upon the credentials passed, the user gets "proxied" to the
> appropriate end-url.
>
> So, a user with credentials for port 9000 will ONLY be able to see
> http://1.2.3.4:9000
> A user with credentials for port 9001 will ONLY be able to see
> http://1.2.3.4:9001, and so on ..
>
> An important point to note that the URLs http://1.2.3.4:9000,
> http://1.2.3.4:9001 must be not be directly accessible, else it defeats
> the purpose of authentication at first place.
>
> Is the above approach feasible logically and technically-via-nginx?
>
>
> Will be grateful for pointers.
>
>
> Thanks and Regards,
> Ajay
>



-- 
Regards,
Ajay
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Login-Credentials based redirection?

[Ajay Garg]

Hi All.

We have setup multiple ssh-reverse tunnels, and our server will be
listening to ports from 9000 to 1.
The server will have a public-IP, and we DO NOT want just anyone to look
into any of the ports by trying ::

http://1.2.3.4:9000
http://1.2.3.4:9001 and so on ...


So, we are wondering if we can do something like this ::


1. User types in a URL, let's say https://1.2.3.4/index.html
2. The user gets presented with a login/password page.
3. Depending upon the credentials passed, the user gets "proxied" to the
appropriate end-url.

So, a user with credentials for port 9000 will ONLY be able to see
http://1.2.3.4:9000
A user with credentials for port 9001 will ONLY be able to see
http://1.2.3.4:9001, and so on ..

An important point to note that the URLs http://1.2.3.4:9000,
http://1.2.3.4:9001 must be not be directly accessible, else it defeats the
purpose of authentication at first place.

Is the above approach feasible logically and technically-via-nginx?


Will be grateful for pointers.


Thanks and Regards,
Ajay
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Trailing Slash redirection poblem

[Muhammad Yousuf Khan]

Thanks for the info. will check on that.



On Wed, May 4, 2016 at 12:22 AM, Francis Daly  wrote:

> On Mon, May 02, 2016 at 05:48:12PM +0500, Muhammad Yousuf Khan wrote:
>
> Hi there,
>
> > Thanks for the reply, actually we have 5 categories. and then we have
> > hundred plus post in each category. now when user click on our category.
> he
> > sees intro about the category and then list of all posts.
> > when user click on catagory it open up like this
> > https://.com/catagory/
>
> It sounds to me like that is an internal-to-wordpress thing, so you
> may be better off removing any clever nginx config and just configure
> wordpress to create the links that you want it to create.
>
> (I do not know if it possible to configure wordpress like that.)
>
> > and when post is clicked it opens up like this
> > https://.com/catagory/posts.html
> >
> > but now what client want is when some one open up the category it should
> > open up like this.
> > https://.com/catagory (with out trailing slash)
>
> When someone clicks on catagory, they are following a link in whatever
> html was returned from their previous request. If that link has a trailing
> slash, they'll ask for the trailing slash.
>
> If the content on the catagory page contains links like "post1.html",
> then you will need the trailing slash -- or you will need to change
> the content to be of the form "catagory/post1.html". That should all be
> configurable within wordpress, if anywhere.
>
> Good luck with it,
>
> f
> --
> Francis Dalyfran...@daoine.org
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Trailing Slash redirection poblem

[Francis Daly]

On Mon, May 02, 2016 at 05:48:12PM +0500, Muhammad Yousuf Khan wrote:

Hi there,

> Thanks for the reply, actually we have 5 categories. and then we have
> hundred plus post in each category. now when user click on our category. he
> sees intro about the category and then list of all posts.
> when user click on catagory it open up like this
> https://.com/catagory/

It sounds to me like that is an internal-to-wordpress thing, so you
may be better off removing any clever nginx config and just configure
wordpress to create the links that you want it to create.

(I do not know if it possible to configure wordpress like that.)

> and when post is clicked it opens up like this
> https://.com/catagory/posts.html
> 
> but now what client want is when some one open up the category it should
> open up like this.
> https://.com/catagory (with out trailing slash)

When someone clicks on catagory, they are following a link in whatever
html was returned from their previous request. If that link has a trailing
slash, they'll ask for the trailing slash.

If the content on the catagory page contains links like "post1.html",
then you will need the trailing slash -- or you will need to change
the content to be of the form "catagory/post1.html". That should all be
configurable within wordpress, if anywhere.

Good luck with it,

f
-- 
Francis Dalyfran...@daoine.org

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Trailing Slash redirection poblem

[Muhammad Yousuf Khan]

 first of all my apologies if i question something inapplicable , this
could be the result of my less knowledge in nginx. i hope you guys don't
mind.

Thanks for the reply, actually we have 5 categories. and then we have
hundred plus post in each category. now when user click on our category. he
sees intro about the category and then list of all posts.
when user click on catagory it open up like this
https://.com/catagory/

and when post is clicked it opens up like this
https://.com/catagory/posts.html


but now what client want is when some one open up the category it should
open up like this.
https://.com/catagory (with out trailing slash)

This is all what they want.

Thanks,
Yousuf


On Mon, May 2, 2016 at 2:18 PM, Francis Daly  wrote:

> On Sun, May 01, 2016 at 01:16:51PM +0500, Muhammad Yousuf Khan wrote:
>
> Hi there,
>
> > >>The configuration you have shown says "if the request is for /live/,
> > >>ask the browser to instead request /live".
> >
> > >>The configuration you have not shown says "if the request is for /live,
> > >>ask the browser to instead request /live/".
> >
> > Thanks for the tip I think I got the problem but could not resolve it.
>
> If you make the request for "/live", what response do you actually want?
>
> The contents of some file? The output of wordpress being given some
> arguments? Be as specific as possible, and it is much more likely that
> you will understand how nginx needs to be configured to do that.
>
> > >>So: why do you want to remove the trailing slash, in the shown
> > >>configuration?
> > Actually this is a requirement from my client.
>
> Sometimes, the correct response to a client requirement is "no".
>
> It is not yet clear to me whether this is one of those times.
>
> f
> --
> Francis Dalyfran...@daoine.org
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Trailing Slash redirection poblem

[Francis Daly]

On Sun, May 01, 2016 at 01:16:51PM +0500, Muhammad Yousuf Khan wrote:

Hi there,

> >>The configuration you have shown says "if the request is for /live/,
> >>ask the browser to instead request /live".
> 
> >>The configuration you have not shown says "if the request is for /live,
> >>ask the browser to instead request /live/".
> 
> Thanks for the tip I think I got the problem but could not resolve it.

If you make the request for "/live", what response do you actually want?

The contents of some file? The output of wordpress being given some
arguments? Be as specific as possible, and it is much more likely that
you will understand how nginx needs to be configured to do that.

> >>So: why do you want to remove the trailing slash, in the shown
> >>configuration?
> Actually this is a requirement from my client.

Sometimes, the correct response to a client requirement is "no".

It is not yet clear to me whether this is one of those times.

f
-- 
Francis Dalyfran...@daoine.org

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Trailing Slash redirection poblem

[B.R.]

So these opposite redirection rules are fighting each other and are the
source of your problem, which Francis helped you to alleviate.

Sit back, grab an erasable whiteboard, scratch your head and think about
your website's design: both rules probably have their use in their own
corner, but you shall not have them activated at the same spot at any given
time, as it will result in an infinite loop: a computer does exactly what
you tell it to do. There is nothing stupider than that.
The problem lies between the desk and the chair. ;o)

​Do not merely copy-paste pre-cooked Wordpress-hypothetically-ready
configuration directives​. Try to recreate it by hand, understanding the
use and intention of every line.
nginx docs <http://nginx.org/en/docs/> will most probably come helpful.

Enjoy learning! :o)
---
*B. R.*

On Sun, May 1, 2016 at 10:18 AM, Muhammad Yousuf Khan 
wrote:

> just want to make it more clear that when i comment out this line #try_files
> $uri $uri.html $uri/ /index.php?q=$request_uri; error become 404 from
> redirection loop error.
>
> On Sun, May 1, 2016 at 1:16 PM, Muhammad Yousuf Khan 
> wrote:
>
>>
>> >>The configuration you have shown says "if the request is for /live/,
>> >>ask the browser to instead request /live".
>>
>> >>The configuration you have not shown says "if the request is for /live,
>> >>ask the browser to instead request /live/".
>>
>> Thanks for the tip I think I got the problem but could not resolve it.
>> try_files $uri $uri.html $uri/ /index.php?q=$request_uri;
>> I even tried deleting “$uri.html $uri/” but still creating loop. I know
>> this is a important line to display wordpress pages .  now the error turn
>> 404 from redirection loop.
>>
>> >>You should not have both of those in the same configuration file, or
>> >>you get a loop.
>>
>> Yes I got this now as shared. Thanks for the tip again.
>>
>> >>The not-shown configuration is usually a very good idea if "/live"
>> >>is to be served from the filesystem and corresponds to a directory.
>>
>> >>So: why do you want to remove the trailing slash, in the shown
>> >>configuration?
>> Actually this is a requirement from my client.
>>
>> >>If you want /live to redirect to /live/, then you should configure thing
>> >>such that /live/ does not redirect to /live.
>>
>> No I want /live/ to be redirected to /live and the rule which is
>> redirecting /live to /live/ and ending up as loop Is also important.  Any
>> helpful advice is highly appreciated.
>>
>>
>> On Sat, Apr 30, 2016 at 1:40 PM, Francis Daly  wrote:
>>
>>> On Sat, Apr 30, 2016 at 12:47:20PM +0500, Muhammad Yousuf Khan wrote:
>>>
>>> Hi there,
>>>
>>> > I have been trying to remove the trailing slash with this redirection
>>> rule.
>>> > rewrite ^/(.*)/$ /$1 permanent;
>>> >
>>> > however it is creating a loop.
>>> >
>>> > curl -I https://.com/live/
>>> >
>>> > HTTP/1.1 301 Moved Permanently
>>> > Location: https://.com/live
>>>
>>> > curl -I https://.com/live
>>> >
>>> > HTTP/1.1 301 Moved Permanently
>>> > Location: https://.com/live/
>>>
>>> > Can you please guide what i am doing wrong here.
>>>
>>> The configuration you have shown says "if the request is for /live/,
>>> ask the browser to instead request /live".
>>>
>>> The configuration you have not shown says "if the request is for /live,
>>> ask the browser to instead request /live/".
>>>
>>> You should not have both of those in the same configuration file, or
>>> you get a loop.
>>>
>>> The not-shown configuration is usually a very good idea if "/live"
>>> is to be served from the filesystem and corresponds to a directory.
>>>
>>> So: why do you want to remove the trailing slash, in the shown
>>> configuration?
>>>
>>> If you want /live to redirect to /live/, then you should configure thing
>>> such that /live/ does not redirect to /live.
>>>
>>> f
>>> --
>>> Francis Dalyfran...@daoine.org
>>>
>>> ___
>>> nginx mailing list
>>> nginx@nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>>
>>
>>
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Trailing Slash redirection poblem

[Muhammad Yousuf Khan]

just want to make it more clear that when i comment out this line #try_files
$uri $uri.html $uri/ /index.php?q=$request_uri; error become 404 from
redirection loop error.

On Sun, May 1, 2016 at 1:16 PM, Muhammad Yousuf Khan 
wrote:

>
> >>The configuration you have shown says "if the request is for /live/,
> >>ask the browser to instead request /live".
>
> >>The configuration you have not shown says "if the request is for /live,
> >>ask the browser to instead request /live/".
>
> Thanks for the tip I think I got the problem but could not resolve it.
> try_files $uri $uri.html $uri/ /index.php?q=$request_uri;
> I even tried deleting “$uri.html $uri/” but still creating loop. I know
> this is a important line to display wordpress pages .  now the error turn
> 404 from redirection loop.
>
> >>You should not have both of those in the same configuration file, or
> >>you get a loop.
>
> Yes I got this now as shared. Thanks for the tip again.
>
> >>The not-shown configuration is usually a very good idea if "/live"
> >>is to be served from the filesystem and corresponds to a directory.
>
> >>So: why do you want to remove the trailing slash, in the shown
> >>configuration?
> Actually this is a requirement from my client.
>
> >>If you want /live to redirect to /live/, then you should configure thing
> >>such that /live/ does not redirect to /live.
>
> No I want /live/ to be redirected to /live and the rule which is
> redirecting /live to /live/ and ending up as loop Is also important.  Any
> helpful advice is highly appreciated.
>
>
> On Sat, Apr 30, 2016 at 1:40 PM, Francis Daly  wrote:
>
>> On Sat, Apr 30, 2016 at 12:47:20PM +0500, Muhammad Yousuf Khan wrote:
>>
>> Hi there,
>>
>> > I have been trying to remove the trailing slash with this redirection
>> rule.
>> > rewrite ^/(.*)/$ /$1 permanent;
>> >
>> > however it is creating a loop.
>> >
>> > curl -I https://.com/live/
>> >
>> > HTTP/1.1 301 Moved Permanently
>> > Location: https://.com/live
>>
>> > curl -I https://.com/live
>> >
>> > HTTP/1.1 301 Moved Permanently
>> > Location: https://.com/live/
>>
>> > Can you please guide what i am doing wrong here.
>>
>> The configuration you have shown says "if the request is for /live/,
>> ask the browser to instead request /live".
>>
>> The configuration you have not shown says "if the request is for /live,
>> ask the browser to instead request /live/".
>>
>> You should not have both of those in the same configuration file, or
>> you get a loop.
>>
>> The not-shown configuration is usually a very good idea if "/live"
>> is to be served from the filesystem and corresponds to a directory.
>>
>> So: why do you want to remove the trailing slash, in the shown
>> configuration?
>>
>> If you want /live to redirect to /live/, then you should configure thing
>> such that /live/ does not redirect to /live.
>>
>> f
>> --
>> Francis Dalyfran...@daoine.org
>>
>> ___
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Trailing Slash redirection poblem

[Muhammad Yousuf Khan]

>>The configuration you have shown says "if the request is for /live/,
>>ask the browser to instead request /live".

>>The configuration you have not shown says "if the request is for /live,
>>ask the browser to instead request /live/".

Thanks for the tip I think I got the problem but could not resolve it.
try_files $uri $uri.html $uri/ /index.php?q=$request_uri;
I even tried deleting “$uri.html $uri/” but still creating loop. I know
this is a important line to display wordpress pages .  now the error turn
404 from redirection loop.

>>You should not have both of those in the same configuration file, or
>>you get a loop.

Yes I got this now as shared. Thanks for the tip again.

>>The not-shown configuration is usually a very good idea if "/live"
>>is to be served from the filesystem and corresponds to a directory.

>>So: why do you want to remove the trailing slash, in the shown
>>configuration?
Actually this is a requirement from my client.

>>If you want /live to redirect to /live/, then you should configure thing
>>such that /live/ does not redirect to /live.

No I want /live/ to be redirected to /live and the rule which is
redirecting /live to /live/ and ending up as loop Is also important.  Any
helpful advice is highly appreciated.


On Sat, Apr 30, 2016 at 1:40 PM, Francis Daly  wrote:

> On Sat, Apr 30, 2016 at 12:47:20PM +0500, Muhammad Yousuf Khan wrote:
>
> Hi there,
>
> > I have been trying to remove the trailing slash with this redirection
> rule.
> > rewrite ^/(.*)/$ /$1 permanent;
> >
> > however it is creating a loop.
> >
> > curl -I https://.com/live/
> >
> > HTTP/1.1 301 Moved Permanently
> > Location: https://.com/live
>
> > curl -I https://.com/live
> >
> > HTTP/1.1 301 Moved Permanently
> > Location: https://.com/live/
>
> > Can you please guide what i am doing wrong here.
>
> The configuration you have shown says "if the request is for /live/,
> ask the browser to instead request /live".
>
> The configuration you have not shown says "if the request is for /live,
> ask the browser to instead request /live/".
>
> You should not have both of those in the same configuration file, or
> you get a loop.
>
> The not-shown configuration is usually a very good idea if "/live"
> is to be served from the filesystem and corresponds to a directory.
>
> So: why do you want to remove the trailing slash, in the shown
> configuration?
>
> If you want /live to redirect to /live/, then you should configure thing
> such that /live/ does not redirect to /live.
>
> f
> --
> Francis Dalyfran...@daoine.org
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Trailing Slash redirection poblem

[Francis Daly]

On Sat, Apr 30, 2016 at 12:47:20PM +0500, Muhammad Yousuf Khan wrote:

Hi there,

> I have been trying to remove the trailing slash with this redirection rule.
> rewrite ^/(.*)/$ /$1 permanent;
> 
> however it is creating a loop.
> 
> curl -I https://.com/live/
> 
> HTTP/1.1 301 Moved Permanently
> Location: https://.com/live

> curl -I https://.com/live
> 
> HTTP/1.1 301 Moved Permanently
> Location: https://.com/live/

> Can you please guide what i am doing wrong here.

The configuration you have shown says "if the request is for /live/,
ask the browser to instead request /live".

The configuration you have not shown says "if the request is for /live,
ask the browser to instead request /live/".

You should not have both of those in the same configuration file, or
you get a loop.

The not-shown configuration is usually a very good idea if "/live"
is to be served from the filesystem and corresponds to a directory.

So: why do you want to remove the trailing slash, in the shown
configuration?

If you want /live to redirect to /live/, then you should configure thing
such that /live/ does not redirect to /live.

f
-- 
Francis Dalyfran...@daoine.org

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Trailing Slash redirection poblem

[Muhammad Yousuf Khan]

Dear All,
Need some help to remove trailing Slash.
I have been trying to remove the trailing slash with this redirection rule.
rewrite ^/(.*)/$ /$1 permanent;

however it is creating a loop.

curl -I https://.com/live/

HTTP/1.1 301 Moved Permanently
Server: nginx/1.6.2
Date: Sat, 30 Apr 2016 07:39:07 GMT
Content-Type: text/html
Content-Length: 184
Location: https://.com/live
Connection: keep-alive

curl -I https://.com/live

HTTP/1.1 301 Moved Permanently
Server: nginx/1.6.2
Date: Sat, 30 Apr 2016 07:39:29 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Location: https://.com/live/

Can you please guide what i am doing wrong here.

Thanks,
Yousuf
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: only .json file not load using rewrite or internal redirection cycle while internally redirecting

[rahulgupta20nov]

Thanks Maxim Dounin,

This solution is absolutely working fine. I am suffering from last 2 month
from this problem. I didn't notice I have done regular express mistake. 
Thanks for solution. I will make better Regular Expression Concept.

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,266308,266335#msg-266335

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: only .json file not load using rewrite or internal redirection cycle while internally redirecting

[Maxim Dounin]

Hello!

On Thu, Apr 21, 2016 at 02:05:24AM -0400, rahulgupta20nov wrote:

> Hi,
> In nginx conf file I have written:-
> 
> location /hello {
> alias /var/www/html/hello/some_path/www;
> try_files $uri $uri/ /helllo/some_path/www/index.html;
> }
> 
> location ~ /hello/(.*)\.(css|js|html|eot|svg|ttf|woff|ico|png|map|json)
> {
> try_files $uri $uri/ /hello/some_path/www/$1.$2;
> }
> 
> So when I request a json file eg:-
> http://localhost/hello/language/locale-en-us.json
> 
> it should be redirect to 
> http://localhost/hello/some_path/www/language/locale-en-us.json
> 
> But it not redirect to mentioned path.

Your understanding of how regular expressions work is incorrect.  
The "/hello/language/locale-en-us.json" URI, when matched by the 
regular expression specified, will match at:

/hello/(language/locale-en-us).(js)on

That's because:

- Matching full string is not required unless anchors are 
  explicitly used.

- Between alternative branches first one is preffered in NFA 
  algorithm as used by PCRE (an hence nginx), and "js" in your 
  regex will match.

In this case, correct fix would be to use explicit anchors, "^" at 
the start and "$" at the end:

location ~ ^/hello/(.*)\.(css|js|html|eot|svg|ttf|woff|ico|png|map|json)$ {
...
}

Only "$" is required to fix the problem with "js" vs. "json", 
but "^" is also needed to prevent the regex from matching 
".../hello..." in the middle of other unrelated URIs, and unlikely 
it's something you want to happen.

If you want to understand regular expressions better, consider 
Jeffrey Friedl's excellent book "Mastering Regular Expressions", 
http://regex.info/.

-- 
Maxim Dounin
http://nginx.org/

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

only .json file not load using rewrite or internal redirection cycle while internally redirecting

[rahulgupta20nov]

Hi,
In nginx conf file I have written:-

location /hello {
alias /var/www/html/hello/some_path/www;
try_files $uri $uri/ /helllo/some_path/www/index.html;
}

location ~ /hello/(.*)\.(css|js|html|eot|svg|ttf|woff|ico|png|map|json)
{
try_files $uri $uri/ /hello/some_path/www/$1.$2;
}

So when I request a json file eg:-
http://localhost/hello/language/locale-en-us.json

it should be redirect to 
http://localhost/hello/some_path/www/language/locale-en-us.json

But it not redirect to mentioned path.

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,266308,266308#msg-266308

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection problem again in new rules.

[Muhammad Yousuf Khan]

Thanks Alot Francis Daly, actually i was trying to understand the working
of rewrite and location rules how they handle the query. you explain it
very well. Thanks again for sharing such useful and detailed explanation. i
really appreciate that. :)



On Tue, Apr 19, 2016 at 4:23 AM, Francis Daly  wrote:

> On Mon, Apr 18, 2016 at 06:37:59PM +0500, Muhammad Yousuf Khan wrote:
>
> Hi there,
>
> > Thanks alot Francis Daly :). the try_file option worked for me and
> location
> > tip also worked but try_file seems more better approach.
>
> I'm glad you got it working for you.
>
> > Btw, can you please explain this paragraph. actually i am really sorry
> for
> > this newbie type question. actually i have been working as ssytem admin
> for
> > last 5 years. now my Firewall concepts of rules are collapsing with nginx
> > rules.
>
> No worries - nginx config follows its own rules, which are generally
> consistent but not necessarily the same as any other program.
>
> > >location /x { rewrite ^ /x.html redirect; }
> > >fails because "location /x" will match /x.html, so the second request
> > >will match the same location as the first one and the same redirect will
> > >happen again; and one way to avoid the loop is to make the "location"
> > >only match exactly "/x".
> > >Based on that, can you guess what the "~" in
> >
> > can you please explain how the second request creates the loop. if i use
> > break instead of redirect?
>
> I don't understand the question.
>
> What break, and what loop?
>
> I thought you had said that when you used "break" instead of "redirect"
> in the above "location /x", you got a 404. And that is what I would
> expect if the file $document_root/x.html does not exist. 404 is not a loop.
>
> Can you start with one specific configuration, and use the documentation
> (probably at http://nginx.org/r/rewrite, since that seems to be the
> troublesome one) to work out what will happen?
>
> Note: when a request arrives, the server-level "rewrite"-module directives
> (basically: if and rewrite) are used; if that does not complete the
> request, then the location is chosen, and the "rewrite"-modules directives
> in that location are used.
>
> If a "rewrite" leads to an external redirect, that completes the
> request; and the browser may then come back with a whole new request
> that is handled afresh.
>
> If the "rewrite" leads to an internal rewrite (to a new url), then the
> "subrequest" of the new url is handled according to the docs -- possibly
> with a whole new selection of the location to use, depending on the
> arguments given to the rewrite.
>
> So: show your (simplified, but complete) config; show your http request;
> show your http response; and if appropriate, describe the response that
> you wanted to get instead.
>
> "break" does exactly what it says in the documentation. If that is
> unclear, let's fix the documentation.
>
> f
> --
> Francis Dalyfran...@daoine.org
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Nginx redirection problem in odoo

[cubells]

Hi all:

I'm trying to print a report with product ean13 barcodes and the 
barcodes are printed blank.


I think my problem is an incorrect redirection problem because I can see 
correctly the barcodes if I browse to the url:


https://mydomain.net/report/barcode/?type=EAN13&value=8435095319553&width=300&height=300&humanreadable=1

MY server response in that case is:

"GET
/report/barcode/?type=EAN13&value=8435095319553&width=300&height=300&humanreadable=1 


HTTP/1.0" 200 -


But if I try to print the report with barcodes my server response is:

"GET
/report/barcode/?type=EAN13&value=8435095319508&width=600&height=200&humanreadable=1 


HTTP/1.0" 302 -
"GET
/?redirect=http%3A%2F%2Fmydomain.com%2Freport%2Fbarcode%2F%3Ftype%3DEAN13%26value%3D8435095319508%26width%3D600%26height%3D200%26humanreadable%3D1 


HTTP/1.0" 302 -


My nginx configuration file:

upstream openerpweb {
 server 127.0.0.1:8069 weight=1 fail_timeout=300s;
}

server {
 listen 80;
 server_name mydomain.net;
 return 301 https://mydomain.net$request_uri;
}

server {
 # server port and name
 listen443 default;
 server_name   mydomain.net;
 add_header Strict-Transport-Security max-age=2592000;

 # Specifies the maximum accepted body size of a client request,
 # as indicated by the request header Content-Length.
 client_max_body_size 200m;

 # ssl log files
 access_log/var/log/nginx/openerp-access.log;
 error_log/var/log/nginx/openerp-error.log;

 log_format main '$http_x_forwarded_for - $remote_user [$time_local]
"$host" "$request" '
 '$status $body_bytes_sent "$http_referer" '
 '"$http_user_agent" $request_time';

 # ssl certificate files
 ssl on;
 ssl_certificate/etc/ssl/nginx/server.crt;
 ssl_certificate_key/etc/ssl/nginx/server.key;

 # add ssl specific settings
 keepalive_timeout60;

 # limit ciphers
 ssl_ciphersHIGH:!ADH:!MD5;
 ssl_protocolsSSLv3 TLSv1;
 ssl_prefer_server_cipherson;

 # increase proxy buffer to handle some OpenERP web requests
 proxy_buffers 16 64k;
 proxy_buffer_size 128k;

 location / {
 proxy_passhttp://openerpweb;
 # force timeouts if the backend dies
 proxy_next_upstream error timeout invalid_header http_500
http_502 http_503;

 # set headers
 proxy_set_header Host $host;
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;

 # set timeouts
 proxy_connect_timeout   600;
 proxy_send_timeout  600;
 proxy_read_timeout  600;
 send_timeout600;

 # Let the OpenERP web service know that we're using HTTPS,
otherwise
 # it will generate URL using http:// and not https://
 proxy_set_header X-Forwarded-Proto https;

 # by default, do not forward anything
 proxy_redirect off;
 }

 # cache some static data in memory for 60mins.
 # under heavy load this should relieve stress on the OpenERP web
interface a bit.
 location ~* /web/static/ {
 proxy_cache_valid 200 60m;
 proxy_bufferingon;
 expires 864000;
 proxy_pass http://openerpweb;
 }

}


Any idea?

Thanks a lot.



--
Atentament, cubells.
--

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection problem again in new rules.

[Francis Daly]

On Mon, Apr 18, 2016 at 06:37:59PM +0500, Muhammad Yousuf Khan wrote:

Hi there,

> Thanks alot Francis Daly :). the try_file option worked for me and location
> tip also worked but try_file seems more better approach.

I'm glad you got it working for you.

> Btw, can you please explain this paragraph. actually i am really sorry for
> this newbie type question. actually i have been working as ssytem admin for
> last 5 years. now my Firewall concepts of rules are collapsing with nginx
> rules.

No worries - nginx config follows its own rules, which are generally consistent 
but not necessarily the same as any other program.

> >location /x { rewrite ^ /x.html redirect; }
> >fails because "location /x" will match /x.html, so the second request
> >will match the same location as the first one and the same redirect will
> >happen again; and one way to avoid the loop is to make the "location"
> >only match exactly "/x".
> >Based on that, can you guess what the "~" in
> 
> can you please explain how the second request creates the loop. if i use
> break instead of redirect?

I don't understand the question.

What break, and what loop?

I thought you had said that when you used "break" instead of "redirect"
in the above "location /x", you got a 404. And that is what I would
expect if the file $document_root/x.html does not exist. 404 is not a loop.

Can you start with one specific configuration, and use the documentation
(probably at http://nginx.org/r/rewrite, since that seems to be the
troublesome one) to work out what will happen?

Note: when a request arrives, the server-level "rewrite"-module directives
(basically: if and rewrite) are used; if that does not complete the
request, then the location is chosen, and the "rewrite"-modules directives
in that location are used.

If a "rewrite" leads to an external redirect, that completes the
request; and the browser may then come back with a whole new request
that is handled afresh.

If the "rewrite" leads to an internal rewrite (to a new url), then the 
"subrequest" of the new url is handled according to the docs -- possibly
with a whole new selection of the location to use, depending on the
arguments given to the rewrite.

So: show your (simplified, but complete) config; show your http request;
show your http response; and if appropriate, describe the response that
you wanted to get instead.

"break" does exactly what it says in the documentation. If that is
unclear, let's fix the documentation.

f
-- 
Francis Dalyfran...@daoine.org

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection problem again in new rules.

[Muhammad Yousuf Khan]

Thanks alot Francis Daly :). the try_file option worked for me and location
tip also worked but try_file seems more better approach.

Btw, can you please explain this paragraph. actually i am really sorry for
this newbie type question. actually i have been working as ssytem admin for
last 5 years. now my Firewall concepts of rules are collapsing with nginx
rules.

>location /x { rewrite ^ /x.html redirect; }
>fails because "location /x" will match /x.html, so the second request
>will match the same location as the first one and the same redirect will
>happen again; and one way to avoid the loop is to make the "location"
>only match exactly "/x".
>Based on that, can you guess what the "~" in

can you please explain how the second request creates the loop. if i use
break instead of redirect?
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection problem again in new rules.

[Francis Daly]

On Sat, Apr 16, 2016 at 12:22:46PM +0500, Muhammad Yousuf Khan wrote:

Hi there,

> location ~ \.php$ {

> location ~*
> \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|woff|woff2)$

> location / {
> try_files $uri $uri/ /index.php?q=$request_uri;
>  autoindex off;
> rewrite ^/([^_]*)_([^_]*_.*)\.html /$1-$2;
> rewrite ^/([^_]*)_([^_]*)\.html$ /$1-$2.html redirect;
> }

> if ( $request_filename ~ /action/cycling/cycling-is-best-for-health ) {
> rewrite ^ /action/cycling/cycling-is-best-for-health.html? permanent;
> }

To recap:

A loop is when the second (redirected) request is handled in the same
way as the first request. So to avoid or break the loop, the second
request must not get the same response as the first one.

You know that

  location /x { rewrite ^ /x.html redirect; }

fails because "location /x" will match /x.html, so the second request
will match the same location as the first one and the same redirect will
happen again; and one way to avoid the loop is to make the "location"
only match exactly "/x".

Based on that, can you guess what the "~" in

  if ( $request_filename ~ /action/cycling/cycling-is-best-for-health ) {

means, in the context of "matching both the first request and the second
request"?

http://nginx.org/r/if

One way to avoid the loop is the make the "if" only match exactly the
first request.


Also, you know that

  rewrite ^ /x.html redirect;

fails because the first argument to "rewrite" is a pattern, and both
your original /x and your rewritten /x.html match it; so another way
to avoid the loop is to make the "rewrite" only match exactly "/x".

So you could try that approach instead.

http://nginx.org/r/rewrite


Anyhow: since your example redirect is static, not depending on anything
other than the first request, what you probably want here is a series
of exact location matches, of the form

  location = /action/cycling/cycling-is-best-for-health {
return 301 /action/cycling/cycling-is-best-for-health.html;
  }

But *if* what you want is always-and-only serve the file of "the original
request with .html on the end", then you don't necessarily need a redirect
at all. Depending on what the full requirements are, you might be able
to get away with adjusting your try_files line instead:

> try_files $uri $uri/ /index.php?q=$request_uri;

Make that

  try_files $uri $uri.html $uri/ /index.php?q=$request_uri;

and it might do what you want without any redirects.

(Whether the new $uri.html goes before or after "$uri/" depends on
the requirements.)

> here is the test run of curl -i
> http://mydomain.com/action/cycling/cycling-is-best-for-health
> 
> 
> HTTP/1.1 301 Moved Permanently
> Server: nginx/1.6.2
> Date: Sat, 16 Apr 2016 07:10:33 GMT
> Content-Type: text/html
> Content-Length: 184
> Location: http://mydomain.com/action/cycling/cycling-is-best-for-health.html
> Connection: keep-alive

We know from the config that that is handled directly by nginx;
additionally, if it were handled by PHP or wordpress, there would probably
be an extra header in there to indicate that.

> test run with ".html" at the end.
> curl -i http://mydomain.com/action/cycling/cycling-is-best-for-health.html
> 
> HTTP/1.1 301 Moved Permanently
> Server: nginx/1.6.2
> Date: Sat, 16 Apr 2016 07:10:37 GMT
> Content-Type: text/html
> Content-Length: 184
> Location: http://mydomain.com/action/cycling/cycling-is-best-for-health.html
> Connection: keep-alive

Since that extra PHP-or-wordpress header is not there, we can suspect
that it is also handled directly by nginx.

(To be sure, you would have to check the headers for a wordpress response
as well.)

But from the analysis above, we already now that it is handled directly
by nginx, because your "if/rewrite" configuration is the loop.

Cheers,

f
-- 
Francis Dalyfran...@daoine.org

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection problem again in new rules.

[Muhammad Yousuf Khan]

Here is our nginx default configuration file.

server {
  server_name www.mydomain.com;
  return 301 $scheme://mydomain.com$request_uri;
}

server {
server_name mydomain.com;
#listen 80;
root /var/www/html/mydomain/public_html;
index index.php info.php;

access_log /var/log/nginx/mydomain/access.log;
error_log /var/log/nginx/mydomain/error.log;

location ~ \.php$ {
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_pass  127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
}

location ~*
\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|woff|woff2)$
{
add_header Access-Control-Allow-Origin mydomain.com;
}

location / {
try_files $uri $uri/ /index.php?q=$request_uri;
 autoindex off;
rewrite ^/([^_]*)_([^_]*_.*)\.html /$1-$2;
rewrite ^/([^_]*)_([^_]*)\.html$ /$1-$2.html redirect;
#if (!-e $request_filename){
#rewrite ^(.*)$ /index.php redirect;
#}
}

if ( $request_filename ~ /action/cycling/cycling-is-best-for-health ) {
rewrite ^ /action/cycling/cycling-is-best-for-health.html? permanent;
}


#Server HTTP End
}


Thanks for your troubleshooting tip. the redirection rule is working great
however but the.html link again redirection to the .html link. i can not
get this thing. where is the second 301 rule once the link is redirected
why again html is redirecting.

here is the test run of curl -i
http://mydomain.com/action/cycling/cycling-is-best-for-health


HTTP/1.1 301 Moved Permanently
Server: nginx/1.6.2
Date: Sat, 16 Apr 2016 07:10:33 GMT
Content-Type: text/html
Content-Length: 184
Location: http://mydomain.com/action/cycling/cycling-is-best-for-health.html
Connection: keep-alive


301 Moved Permanently

301 Moved Permanently
nginx/1.6.2

test run with ".html" at the end.
curl -i http://mydomain.com/action/cycling/cycling-is-best-for-health.html

HTTP/1.1 301 Moved Permanently
Server: nginx/1.6.2
Date: Sat, 16 Apr 2016 07:10:37 GMT
Content-Type: text/html
Content-Length: 184
Location: http://mydomain.com/action/cycling/cycling-is-best-for-health.html
Connection: keep-alive


301 Moved Permanently

301 Moved Permanently
nginx/1.6.2

what i found out is that 2nd test on .html is again redirecting to .html.
now what is causing this second redirection i have no clue.

any advice would be highly appreciated.

Thanks,
Yousuf


On Fri, Apr 15, 2016 at 9:35 PM, Francis Daly  wrote:

> On Fri, Apr 15, 2016 at 12:27:11PM +0500, Muhammad Yousuf Khan wrote:
>
> Hi there,
>
> > Sorry for the mistake in a's and b's i was typing that in general because
> > the context was not the URL but the problem.
>
> If you can show one specific url which does show the problem, then it
> makes it much easier to see what is going on.
>
> If you can also include one small but complete config file that shows
> the problem, that makes it much easier for someone else to repeat your
> experiment.
>
> (And sometimes, the act of making a small config that shows the problem,
> will show you what the fix is.)
>
> > >Do note that "location /x" can match anything that starts with /x; and
> > >if a request for /x.html returns a redirect to /x.html, you've got a
> loop.
> >
> > Yes , i have double checked but my redirection rules are not created
> wrong.
> > so i am sure no loop is happening there.
>
> Part of the point of you asking the question, is that you do not know
> where the problem is.
>
> So usually, the best thing is to run a test nginx with your config, then
> remove as much as possible while still showing the problem. Maybe that
> config will just have two location{} blocks, and the loop will be obvious.
>
> > BTW just to update you guys. i am using wordpress.
> >
> > i am doing two redirections , one domain base and second URL base.
> >
> > domain base is working fine however URL redirections are giving me
> issues.
>
> Use "curl" to test your broken url and see what exactly is returned.
>
> Do something like
>
>   curl -i http://your-server//
>
> and you should get a http 301 response, with something in the Location:
> header.
>
> Then do "curl -i" against that url, and see if you get the loop.
>
> The *rest* of the headers may show that PHP was, or was not, involved
> in the redirections.
>
> > could this be related to wordpress?
>
> It could be.
>
>

Re: Redirection problem again in new rules.

[Francis Daly]

On Fri, Apr 15, 2016 at 12:27:11PM +0500, Muhammad Yousuf Khan wrote:

Hi there,

> Sorry for the mistake in a's and b's i was typing that in general because
> the context was not the URL but the problem.

If you can show one specific url which does show the problem, then it
makes it much easier to see what is going on.

If you can also include one small but complete config file that shows
the problem, that makes it much easier for someone else to repeat your
experiment.

(And sometimes, the act of making a small config that shows the problem,
will show you what the fix is.)

> >Do note that "location /x" can match anything that starts with /x; and
> >if a request for /x.html returns a redirect to /x.html, you've got a loop.
> 
> Yes , i have double checked but my redirection rules are not created wrong.
> so i am sure no loop is happening there.

Part of the point of you asking the question, is that you do not know
where the problem is.

So usually, the best thing is to run a test nginx with your config, then
remove as much as possible while still showing the problem. Maybe that
config will just have two location{} blocks, and the loop will be obvious.

> BTW just to update you guys. i am using wordpress.
> 
> i am doing two redirections , one domain base and second URL base.
> 
> domain base is working fine however URL redirections are giving me issues.

Use "curl" to test your broken url and see what exactly is returned.

Do something like

  curl -i http://your-server//

and you should get a http 301 response, with something in the Location:
header.

Then do "curl -i" against that url, and see if you get the loop.

The *rest* of the headers may show that PHP was, or was not, involved
in the redirections.

> could this be related to wordpress?

It could be.

If the "curl" responses show that PHP is involved, then it probably is.

f
-- 
Francis Dalyfran...@daoine.org

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection problem again in new rules.

[Muhammad Yousuf Khan]

Hi All,

Thanks for your help. Ph. Gras and Francis for your support and advice i
really appreciate that.

Ph. Gras, i tried "break" but now it is showing 404.


Francis,

Sorry for the mistake in a's and b's i was typing that in general because
the context was not the URL but the problem.

>Do note that "location /x" can match anything that starts with /x; and
>if a request for /x.html returns a redirect to /x.html, you've got a loop.



Yes , i have double checked but my redirection rules are not created wrong.
so i am sure no loop is happening there.


BTW just to update you guys. i am using wordpress.

i am doing two redirections , one domain base and second URL base.

domain base is working fine however URL redirections are giving me issues.


could this be related to wordpress?


Thanks,
MYK




On Thu, Apr 14, 2016 at 10:04 PM, Francis Daly  wrote:

> On Thu, Apr 14, 2016 at 07:03:19PM +0500, Muhammad Yousuf Khan wrote:
>
> Hi there,
>
> > there are multiple apache redirection rules that were working
> successfully.
> > for example something like this
> >
> > Redirect 301 //bbb /a/bb.html
> >
> > Now i have converted this rule in nginx like this
> >
> > location // {
> > rewrite ^(.*)$ //bb.html redirect;
> > }
>
> You have different numbers of a:s and b:s there, which makes it quite
> difficult to know what it is that you actually want to do.
>
> > now all redirection rules are keep giving error "redirection loops".
> > and when i disable the rule things back to normal. there is no
> duplication
> > happening as far as config is concern. i can confirm.
>
> Do note that "location /x" can match anything that starts with /x; and
> if a request for /x.html returns a redirect to /x.html, you've got a loop.
>
> *Possibly* you want your "rewrite/redirect" to only happen for specific
> requests; in that case, set the first argument to "rewrite" to be as
> specific as you want. Or leave the "rewrite" applying to everything,
> but have it in an exact-match location{}.
>
>
> (And if you are doing the same "rewrite...redirect" for all inputs,
> "return" may be a better directive to use instead.)
>
> > can you guys please advice how can i troubleshoot this and fix the issue.
>
> "troubleshoot" is "turn on the debug log to see, or otherwise work out,
> what you have asked nginx to do". Then compare that with what you want
> nginx to do.
>
> Good luck with it,
>
> f
> --
> Francis Dalyfran...@daoine.org
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection problem again in new rules.

[Francis Daly]

On Thu, Apr 14, 2016 at 07:03:19PM +0500, Muhammad Yousuf Khan wrote:

Hi there,

> there are multiple apache redirection rules that were working successfully.
> for example something like this
> 
> Redirect 301 //bbb /a/bb.html
> 
> Now i have converted this rule in nginx like this
> 
> location // {
> rewrite ^(.*)$ //bb.html redirect;
> }

You have different numbers of a:s and b:s there, which makes it quite
difficult to know what it is that you actually want to do.

> now all redirection rules are keep giving error "redirection loops".
> and when i disable the rule things back to normal. there is no duplication
> happening as far as config is concern. i can confirm.

Do note that "location /x" can match anything that starts with /x; and
if a request for /x.html returns a redirect to /x.html, you've got a loop.

*Possibly* you want your "rewrite/redirect" to only happen for specific
requests; in that case, set the first argument to "rewrite" to be as
specific as you want. Or leave the "rewrite" applying to everything,
but have it in an exact-match location{}.


(And if you are doing the same "rewrite...redirect" for all inputs,
"return" may be a better directive to use instead.)

> can you guys please advice how can i troubleshoot this and fix the issue.

"troubleshoot" is "turn on the debug log to see, or otherwise work out,
what you have asked nginx to do". Then compare that with what you want
nginx to do.

Good luck with it,

f
-- 
Francis Dalyfran...@daoine.org

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection problem again in new rules.

[Ph. Gras]

Le 14 avr. 2016 à 16:03, Muhammad Yousuf Khan  a écrit :

> Redirect 301 //bbb /a/bb.html
> 
> Now i have converted this rule in nginx like this 
> 
> location // {
> rewrite ^(.*)$ //bb.html redirect;
> }
> 

You should use break instead redirect :
http://nginx.org/en/docs/http/ngx_http_rewrite_module.html#rewrite
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Redirection problem again in new rules.

[Muhammad Yousuf Khan]

Hi,


there are multiple apache redirection rules that were working successfully.
for example something like this

Redirect 301 //bbb /a/bb.html

Now i have converted this rule in nginx like this

location // {
rewrite ^(.*)$ //bb.html redirect;
}


i also tried adding "permanent" and rewrite line but also didn;t wrok.

now all redirection rules are keep giving error "redirection loops".
and when i disable the rule things back to normal. there is no duplication
happening as far as config is concern. i can confirm.

can you guys please advice how can i troubleshoot this and fix the issue.

your friendly advice is highly appreciated.

Thanks,
Yousuf
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection 301 create "Redirection loop" while using wordpress site.

[Muhammad Yousuf Khan]

Thanks Steve and Alt for the hint. you point out the correct problem. there
are two settings in wp-config.php which i change something like this and it
worked.

from this

define('WP_HOME','http://www.xxx.com');
define('WP_SITEURL','http://www.xxx.com');

to this

define('WP_HOME','http://xxx.com');
define('WP_SITEURL','http://xxx.com');


now things are working as expected.

Thanks Alot :)

MYK


On Tue, Apr 12, 2016 at 8:07 PM, Steve Wilson 
wrote:

> It sounds to me like wordpress believes that www is required and nginx
> doesn't want it.
>
> I'd try commenting out the redirect server{} block and add the server_name
> to the xxx.com one and see what you end up with in your browser, then
> have a look through the wordpress settings to see what it's wanting in the
> address bar.
>
> For my wordpress there seems to be 2 options under Settings/General,
> "Wordpress Address (URL)" and "Site Address (URL)".
>
> On 12/04/2016 15:32, Muhammad Yousuf Khan wrote:
>
> Dear All,
>
> I am very new to nginx and trying to learn it from very basic. i have a
> website and i am willing to remove the "www" before my actual domain name.
> the solution so far i have find out on google is very simple.
>
> so when ever any of the visitor visits my website by using www.xxx.com he
> should be redirected to xxx.com. fortunately everything is working as
> expected i can load php files and html file correctly, however when i try
> to load my  actual website my browser shows error "redirection loop created"
>
> here is the config code of my website.
>
> server {
> server_name www.xxx.com;
> return 301 $scheme://xxx.com$request_uri;
> }
>
> server {
> server_name xxx.com;
> root /var/www/html/xxx/public_html;
> index index.php info.php;
> access_log /var/log/nginx/xxx.com/access.log;
> error_log /var/log/nginx/xxx.com/error.log;
>
> location / {
> try_files $uri $uri/ /index.php?q=$request_uri;
> }
>
> rewrite /wp-admin$ $scheme://$host$uri/ permanent;
>
>
> location ~ \.php$ {
> include fastcgi_params;
> fastcgi_split_path_info ^(.+\.php)(/.+)$;
> #fastcgi_pass unix:/var/run/php5-fpm.sock;
> fastcgi_pass  127.0.0.1:9000;
> fastcgi_index index.php;
> fastcgi_param SCRIPT_FILENAME $request_filename;
> }
>
> location ~*
> \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|woff|woff2)$
> {
> add_header Access-Control-Allow-Origin xxx.com;
>
> }
>
> }
>
>
>
> I can access  php files properly like info.php. to check whether php is
> working or not. however the problem part is wordpress.
>
> when i try to load my wordpress site chrome shows an error saying
> reduction loop occur.
>
> Any friendly advice will be highly appreciated.
>
> Thanks,
> Yousuf
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection 301 create "Redirection loop" while using wordpress site.

[Steve Wilson]

It sounds to me like wordpress believes that www is required and nginx
doesn't want it. 

I'd try commenting out the redirect server{} block and add the
server_name to the xxx.com one and see what you end up with in your
browser, then have a look through the wordpress settings to see what
it's wanting in the address bar. 

For my wordpress there seems to be 2 options under Settings/General,
"Wordpress Address (URL)" and "Site Address (URL)". 

On 12/04/2016 15:32, Muhammad Yousuf Khan wrote:

> Dear All,
> 
> I am very new to nginx and trying to learn it from very basic. i have a 
> website and i am willing to remove the "www" before my actual domain name. 
> the solution so far i have find out on google is very simple. 
> 
> so when ever any of the visitor visits my website by using www.xxx.com [1] he 
> should be redirected to xxx.com [2]. fortunately everything is working as 
> expected i can load php files and html file correctly, however when i try to 
> load my  actual website my browser shows error "redirection loop created" 
> here is the config code of my website.
> 
> server {
> server_name www.xxx.com [1];
> return 301 $scheme://xxx.com [2]$request_uri;
> }
> 
> server {
> server_name xxx.com [2];
> root /var/www/html/xxx/public_html;
> index index.php info.php;
> access_log /var/log/nginx/xxx.com/access.log [3];
> error_log /var/log/nginx/xxx.com/error.log [4];
> 
> location / {
> try_files $uri $uri/ /index.php?q=$request_uri;
> }
> 
> rewrite /wp-admin$ $scheme://$host$uri/ permanent;
> 
> location ~ \.php$ {
> include fastcgi_params;
> fastcgi_split_path_info ^(.+\.php)(/.+)$;
> #fastcgi_pass unix:/var/run/php5-fpm.sock;
> fastcgi_pass  127.0.0.1:9000 [5];
> fastcgi_index index.php;
> fastcgi_param SCRIPT_FILENAME $request_filename;
> }
> 
> location ~* 
> \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|woff|woff2)$
>  {
> add_header Access-Control-Allow-Origin xxx.com [2];
> 
> }
> 
> }
> 
> I can access  php files properly like info.php. to check whether php is 
> working or not. however the problem part is wordpress.
> 
> when i try to load my wordpress site chrome shows an error saying reduction 
> loop occur. 
> 
> Any friendly advice will be highly appreciated.
> 
> Thanks, 
> Yousuf 
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

 

Links:
--
[1] http://www.xxx.com
[2] http://xxx.com
[3] http://xxx.com/access.log
[4] http://xxx.com/error.log
[5] http://127.0.0.1:9000___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Redirection 301 create "Redirection loop" while using wordpress site.

[Alt]

Hello,

Muhammad Yousuf Khan Wrote:
---
> I can access  php files properly like info.php. to check whether php
> is
> working or not. however the problem part is wordpress.
> 
> when i try to load my wordpress site chrome shows an error saying
> reduction
> loop occur.
> 

I would think there's a configuration somewhere (a config file or database?)
in WordPress which redirect your example.com to www.example.com.
As I don't use WordPress, I can't help you better.

Best Regards

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,266118,266119#msg-266119

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Redirection 301 create "Redirection loop" while using wordpress site.

[Muhammad Yousuf Khan]

Dear All,

I am very new to nginx and trying to learn it from very basic. i have a
website and i am willing to remove the "www" before my actual domain name.
the solution so far i have find out on google is very simple.

so when ever any of the visitor visits my website by using www.xxx.com he
should be redirected to xxx.com. fortunately everything is working as
expected i can load php files and html file correctly, however when i try
to load my  actual website my browser shows error "redirection loop created"

here is the config code of my website.

server {
server_name www.xxx.com;
return 301 $scheme://xxx.com$request_uri;
}

server {
server_name xxx.com;
root /var/www/html/xxx/public_html;
index index.php info.php;
access_log /var/log/nginx/xxx.com/access.log;
error_log /var/log/nginx/xxx.com/error.log;

location / {
try_files $uri $uri/ /index.php?q=$request_uri;
}

rewrite /wp-admin$ $scheme://$host$uri/ permanent;


location ~ \.php$ {
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_pass  127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
}

location ~*
\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|woff|woff2)$
{
add_header Access-Control-Allow-Origin xxx.com;

}

}



I can access  php files properly like info.php. to check whether php is
working or not. however the problem part is wordpress.

when i try to load my wordpress site chrome shows an error saying reduction
loop occur.

Any friendly advice will be highly appreciated.

Thanks,
Yousuf
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: https redirection not working correctly

[Parzip]

could this be related to the forwarding of the address?

This is my domain registrar setting:

X.ch => web alias to subdomain.X.ch
subdomain.X.ch => A record to IP address of my server

I need this setup because my odoo-erp selects the database according to my
subdomains.

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,263786,263793#msg-263793

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: https redirection not working correctly

[Parzip]

Hello Kevin!
Thank you very much, but it's still not working



## odoo backend ##
upstream odoo {
server 127.0.0.1:8069;
}

## http redirects to https ##
server {
listen 80;
server_name *.X.ch www.X.ch X.ch;
return 301 https://$server_name$request_uri;
}



## https site##
server {
listen  443 default;
server_name *.X.ch X.ch www.X.ch;
# root/usr/share/nginx/html;
# index   index.html index.htm;

# log files
access_log  /var/log/nginx/odoo-access.log;
error_log   /var/log/nginx/odoo-error.log;

# ssl files
ssl on;
ssl_certificate /etc/letsencrypt/live/X.ch/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/X.ch/privkey.pem;
keepalive_timeout   60;

# limit ciphers 
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;


# proxy buffers
proxy_buffers 16 64k;
proxy_buffer_size 128k;

## default location ##
location / {
proxy_pass  http://odoo;
# force timeouts if the backend dies
proxy_next_upstream error timeout invalid_header http_500 http_502
http_503 http_504;
proxy_redirect off;

# set headers
proxy_set_headerHost$host;
proxy_set_headerX-Real-IP   $remote_addr;
proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_headerX-Forwarded-Proto https;
}

# cache some static data in memory for 60mins
location ~* /web/static/ {
proxy_cache_valid 200 60m;
proxy_buffering on;
expires 864000;
proxy_pass http://odoo;
}
}

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,263786,263792#msg-263792

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: https redirection not working correctly

[Kevin Worthington]

Hello!

After your upstream block, but before your server (https) block put
something like this:

server {
listen 80;
server_namex.ch www.x.ch;
return 301 https://$server_name$request_uri;
}

...and remove the ## http redirects to https ## at the bottom.

Best regards,
Kevin
--
Kevin Worthington
kworthington att gmail dat com
http://kevinworthington.com/
http://twitter.com/kworthington

On Wed, Dec 30, 2015 at 9:36 AM, Parzip  wrote:

> Hello!
>
> I am trying to set up nginx to
>
> - switch from http traffic to https
> - send alls https traffic to my odoo backend on port 8069
>
> This is already working for different subdomains, but not for the domain
> itself.
>
> http://(www.)subdomain.domain.ch => https://(www.)subdomain.domain.ch
> http://(www.)domain.ch => http://(www.)domain.ch, backend ist beeing
> loaded
> but not secured
>
> 1) Why is domain.ch not beeing redirected to https://domain.ch?
>
> 2) I would like to set up the let's encrypt ssl renewal script described
> here:
>
> https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04
> For this I need to put a file into the webroot folder, but I don't know how
> to define this folder...
>
> Thank you for your help.
>
>
> This is my "odoo" file in sites-available:
>
>
> ## odoo backend ##
> upstream odoo {
> server 127.0.0.1:8069;
> }
>
> ## https site##
> server {
> listen  443 default;
> server_name *.x.ch x.ch www.x.ch;
> # root/usr/share/nginx/html;
> # index   index.html index.htm;
>
> # log files
> access_log  /var/log/nginx/odoo-access.log;
> error_log   /var/log/nginx/odoo-error.log;
>
> # ssl files
> ssl on;
> ssl_certificate /etc/letsencrypt/live/x.ch/fullchain.pem;
> ssl_certificate_key /etc/letsencrypt/live/x.ch/privkey.pem;
> keepalive_timeout   60;
>
> # limit ciphers
> ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
> ssl_prefer_server_ciphers on;
> ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
>
>
> # proxy buffers
> proxy_buffers 16 64k;
> proxy_buffer_size 128k;
>
> ## default location ##
> location / {
> proxy_pass  http://odoo;
> # force timeouts if the backend dies
> proxy_next_upstream error timeout invalid_header http_500 http_502
> http_503 http_504;
> proxy_redirect off;
>
> # set headers
> proxy_set_headerHost$host;
> proxy_set_headerX-Real-IP   $remote_addr;
> proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_headerX-Forwarded-Proto https;
> }
>
> # cache some static data in memory for 60mins
> location ~* /web/static/ {
> proxy_cache_valid 200 60m;
> proxy_buffering on;
> expires 864000;
> proxy_pass http://odoo;
> }
> }
>
> ## http redirects to https ##
> server {
> listen  80;
> server_name *.x.ch www.x.ch x.ch;
>
> # Strict Transport Security
> add_header Strict-Transport-Security max-age=2592000;
> rewrite ^/.*$ https://$host$request_uri? permanent;
> }
>
> Posted at Nginx Forum:
> https://forum.nginx.org/read.php?2,263786,263786#msg-263786
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

https redirection not working correctly

[Parzip]

Hello!

I am trying to set up nginx to 

- switch from http traffic to https
- send alls https traffic to my odoo backend on port 8069

This is already working for different subdomains, but not for the domain
itself. 

http://(www.)subdomain.domain.ch => https://(www.)subdomain.domain.ch
http://(www.)domain.ch => http://(www.)domain.ch, backend ist beeing loaded
but not secured

1) Why is domain.ch not beeing redirected to https://domain.ch?

2) I would like to set up the let's encrypt ssl renewal script described
here:
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04
For this I need to put a file into the webroot folder, but I don't know how
to define this folder... 

Thank you for your help.


This is my "odoo" file in sites-available:


## odoo backend ##
upstream odoo {
server 127.0.0.1:8069;
}

## https site##
server {
listen  443 default;
server_name *.x.ch x.ch www.x.ch;
# root/usr/share/nginx/html;
# index   index.html index.htm;

# log files
access_log  /var/log/nginx/odoo-access.log;
error_log   /var/log/nginx/odoo-error.log;

# ssl files
ssl on;
ssl_certificate /etc/letsencrypt/live/x.ch/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/x.ch/privkey.pem;
keepalive_timeout   60;

# limit ciphers 
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;


# proxy buffers
proxy_buffers 16 64k;
proxy_buffer_size 128k;

## default location ##
location / {
proxy_pass  http://odoo;
# force timeouts if the backend dies
proxy_next_upstream error timeout invalid_header http_500 http_502
http_503 http_504;
proxy_redirect off;

# set headers
proxy_set_headerHost$host;
proxy_set_headerX-Real-IP   $remote_addr;
proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_headerX-Forwarded-Proto https;
}

# cache some static data in memory for 60mins
location ~* /web/static/ {
proxy_cache_valid 200 60m;
proxy_buffering on;
expires 864000;
proxy_pass http://odoo;
}
}

## http redirects to https ##
server {
listen  80;
server_name *.x.ch www.x.ch x.ch;

# Strict Transport Security
add_header Strict-Transport-Security max-age=2592000;
rewrite ^/.*$ https://$host$request_uri? permanent;
}

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,263786,263786#msg-263786

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: proxy_pass redirection

[Francis Daly]

On Fri, Jul 24, 2015 at 11:16:12AM +0200, Puneeth Kumar wrote:

Hi there,

> Sorry for confusion, proxy_pass is working for me.
> 
> I'm passing below link (exact URI) to proxy_pass
> 
> http://IP:8881/ingestion/v1.0/streams/NGINEX.
> 
> I want to keep the link(URI) only till
> http://IP:8881/ingestion/v1.0/streams/
> & the last word (NGINX) application should pick.

I do not understand what you want.

Can you write down one request that you will make to nginx, and the
matching request that you want nginx to make to its upstream?

And then, write down one other request that you will make to nginx,
and the matching request that you want nginx to make to its upstream.

That may make it clear what proxy_pass directive you want.

f
-- 
Francis Dalyfran...@daoine.org

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: proxy_pass redirection

[Puneeth Kumar]

Thank you Francis for the links & the solution.

Sorry for confusion, proxy_pass is working for me.

I'm passing below link (exact URI) to proxy_pass

http://IP:8881/ingestion/v1.0/streams/NGINEX.

I want to keep the link(URI) only till
http://IP:8881/ingestion/v1.0/streams/
& the last word (NGINX) application should pick.
So Can I pass * type of wild char to the link? please help.

http://IP:8881/ingestion/v1.0/streams/*

Thank you

-- 
Posted via http://www.ruby-forum.com/.

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: proxy_pass redirection

[Francis Daly]

On Wed, Jul 22, 2015 at 11:26:11AM +0200, Puneeth Kumar wrote:

Hi there,

> I'm able to configured Nginx and it's working but I've challenge in
> configuring it for Dynamic proxy_pass. I've tried to use wild characters
> in proxy_pass it's not working, please help.

The proxy_pass documentation is at http://nginx.org/r/proxy_pass.

I am not sure what you mean by "dynamic".

You want to make one http request of nginx; and you want nginx to make
one http request of the proxy_pass upstream server.

Can you give some examples of the request you make to nginx, and the
request that you want nginx to make of upstream?

That might make clearer what it is you want to do.

Note that if you use

  location /one/ {
proxy_pass http://upstream/two/;
  }

then if you make a request of /one/abc, nginx will make a request of
/two/abc to upstream; and if you make a request of /one/def, nginx will
make a request of /two/def to upstream.

Is that what you mean by "dynamic"? If so, things should Just Work. If
you mean something else, please explain.

f
-- 
Francis Dalyfran...@daoine.org

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: proxy_pass redirection

[Puneeth Kumar]

Thank for the quick response.

My proxy_pass path will keep on changing as per my topic, so I want to 
keep to dynamic. Pls check below e.g.

proxy_pass http://IP:8881/ingestion/v1.0/streams/NGINEX;
or
proxy_pass http://IP:8881/ingestion/v1.0/streams/NGINEX1;
or
proxy_pass http://IP:8881/ingestion/v1.0/streams/NGINEX2;

So that last word I want to keep it has dynamic, please help.

-- 
Posted via http://www.ruby-forum.com/.

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: proxy_pass redirection

[Payam Chychi]

On Wednesday, July 22, 2015 at 2:26 AM, Puneeth Kumar wrote:

> Hi,
> I'm new to Nginx and we are using for reverse proxy.
> 
> I'm able to configured Nginx and it's working but I've challenge in
> configuring it for Dynamic proxy_pass. I've tried to use wild characters
> in proxy_pass it's not working, please help.
> 
> E.G.
> location
> server {
> #listen 443;
> listen 8080;
> #server_name analyticstest.isyntax.net;
> server_name IP;
> 
> /api/ingestion/ {
> proxy_set_header HOST $host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_buffers 8 512k;
> proxy_buffer_size 2024k;
> proxy_busy_buffers_size 2024k;
> proxy_read_timeout 3000;
> add_header Cache-Control no-cache;
> #rewrite ^/api/query/(.*)$ /$1;
> proxy_pass http://IP:8881/ingestion/v1.0/streams/NGINEX; (IP:
> hostname of the server where the service
> system)
> 
> In my case, in the above link last word NGINEX can be any other name, so
> how I can dynamically configure for that word.
> I tried using wild characters like *, . & _ are not working. Please
> help.
> 
> Thank you
> 
> -- 
> Posted via http://www.ruby-forum.com/.
> 
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
> 
> 




Hi,

Add a cookie to the session and have the back end route to proper path post 
cookie check

  

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

proxy_pass redirection

[Puneeth Kumar]

Hi,
I'm new to Nginx and we are using for reverse proxy.

I'm able to configured Nginx and it's working but I've challenge in
configuring it for Dynamic proxy_pass. I've tried to use wild characters
in proxy_pass it's not working, please help.

E.G.
location
server {
#listen 443;
listen 8080;
#server_name analyticstest.isyntax.net;
server_name IP;

/api/ingestion/ {
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffers 8 512k;
proxy_buffer_size 2024k;
proxy_busy_buffers_size 2024k;
proxy_read_timeout 3000;
add_header Cache-Control no-cache;
#rewrite ^/api/query/(.*)$ /$1;
proxy_pass http://IP:8881/ingestion/v1.0/streams/NGINEX; (IP:
hostname of the server where the service
system)

In my case, in the above link last word NGINEX can be any other name, so
how I can dynamically configure for that word.
I tried using wild characters like *, . & _ are not working. Please
help.

Thank you

-- 
Posted via http://www.ruby-forum.com/.

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Nginx URL Fallback setup with internal redirection in reverse-proxy settings

[Francis Daly]

On Fri, Jun 19, 2015 at 10:59:00PM +0530, Ashish k wrote:

Hi there,

> Set up Nginx config so that any URL address which is not found, goes
> to a fallback path with internal redirection (NO change or redirection
> in browser URL).

> Please point me to NGINX resources and a steps that will be required
> so that I can grasp NGINX quickly to do the above task.

It sounds like you want your own handler for 404 errors. So

  error_page 404 @404;

or

  error_page 404 = @404;

http://nginx.org/r/error_page for details. and the difference between
the two lines.

Then in "location @404 {}", do what you want - proxy_pass or fastcgi_pass
to something external with appropriate other settings, most likely.

Good luck with it,

f
-- 
Francis Dalyfran...@daoine.org

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Nginx URL Fallback setup with internal redirection in reverse-proxy settings

[Ashish k]

Hi
List Members Gurus

  I have installed and configured a virtual
host using NGINX in Ubuntu 14.04 Now I want to add couple of
functionalities like--

Set up Nginx config so that any URL address which is not found, goes
to a fallback path with internal redirection (NO change or redirection
in browser URL).

Assuming the following:
Fallback path needed for configuration:
http://myvirtualhost/fallback_directory/fallbackhandler.php
Anything typed after http://localhost when not found, should hit the
fallback path (internal redirection, meaning NO change or redirection
in browser address bar). The
fallback path is given above
(http://app_servers/fallback_directory/fallbackhandler.php) which
needs to be setup in Nginx config.

For example, when i visits www.test.com/not_existing_directory/ and
not_existing_directory doesn't exist, it should hit the fallback path
while still retaining www.test.com/not_existing_directory/ in browser
address bar.

Please point me to NGINX resources and a steps that will be required
so that I can grasp NGINX quickly to do the above task.

Thanks in advance
Ashish

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: rewrite or return for simple redirection

[neubyr]

Thank you Maxim! That's helpful explanation.

-N

On Mon, Nov 24, 2014 at 6:39 AM, Maxim Dounin  wrote:

> Hello!
>
> On Fri, Nov 21, 2014 at 02:53:50PM -0800, neubyr wrote:
>
> > On Fri, Nov 21, 2014 at 12:11 PM, Maxim Dounin 
> wrote:
>
> [...]
>
> > > For such cases rewrite is better, IMHO.  In some cases it may be a
> > > good idea to additionally isolate it with prefix location, like
> > > this:
> > >
> > > location /members/ {
> > > rewrite ^/members/(.*) /users/$1 redirect;
> > > }
> > >
> > >
> > Thank you Maxim. In what cases prefix might be a good idea??
>
> This mostly depends on other configuration in the server{} and
> expected workload.  That is, it doesn't make much sense to isolate
> rewrite if you just have a bunch of rewrites already isolated from
> other requests.  E.g., consider the following configuration:
>
> location / {
> rewrite ^/members/(.*) /users/$1  redirect;
> rewrite ^/images/(.*)  /static/$1 redirect;
> return 404;
> }
>
> location /users/ {
> ...
> }
>
> location /static/ {
> ...
> }
>
> This configuration assumes that all the traffic in "location /"
> will be redirected, and most normal requests should be handled in
> other locations ("/users/", "/static/").  It doesn't make much
> sense to bother doing additional isolation with prefix locations
> as it's more or less already here.
>
> On the other hand, consider the following configuration:
>
> location / {
> rewrite ^/members/(.*) /users/$1  redirect;
> rewrite ^/images/(.*)  /static/$1 redirect;
>
> proxy_pass http://backend;
> }
>
> In this configuration all requests are handled in "location /".
> And for all normal requests to "/users/..." nginx will have to
> check all the rewrites.  This is just a waste of resources.
> Moreover, such a configuration may (and likely will) become hard
> to support eventually, and this is probably even more important
> thing to consider.  So it's usually good idea to use something
> like this instead:
>
> location / {
> proxy_pass http://backend;
> }
>
> location /members/ {
> rewrite ^/members/(.*) /users/$1  redirect;
> }
>
> location /images/ {
> rewrite ^/images/(.*)  /static/$1 redirect;
> }
>
> See also this Igor's talk for additional hints on how to write
> scalable nginx configurations:
>
> https://www.youtube.com/watch?v=YWRYbLKsS0I
>
> --
> Maxim Dounin
> http://nginx.org/
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: rewrite or return for simple redirection

[Maxim Dounin]

Hello!

On Fri, Nov 21, 2014 at 02:53:50PM -0800, neubyr wrote:

> On Fri, Nov 21, 2014 at 12:11 PM, Maxim Dounin  wrote:

[...]

> > For such cases rewrite is better, IMHO.  In some cases it may be a
> > good idea to additionally isolate it with prefix location, like
> > this:
> >
> > location /members/ {
> > rewrite ^/members/(.*) /users/$1 redirect;
> > }
> >
> >
> Thank you Maxim. In what cases prefix might be a good idea??

This mostly depends on other configuration in the server{} and 
expected workload.  That is, it doesn't make much sense to isolate 
rewrite if you just have a bunch of rewrites already isolated from 
other requests.  E.g., consider the following configuration:

location / {
rewrite ^/members/(.*) /users/$1  redirect;
rewrite ^/images/(.*)  /static/$1 redirect;
return 404;
}

location /users/ {
...
}

location /static/ {
...
}

This configuration assumes that all the traffic in "location /" 
will be redirected, and most normal requests should be handled in 
other locations ("/users/", "/static/").  It doesn't make much 
sense to bother doing additional isolation with prefix locations 
as it's more or less already here.

On the other hand, consider the following configuration:

location / {
rewrite ^/members/(.*) /users/$1  redirect;
rewrite ^/images/(.*)  /static/$1 redirect;

proxy_pass http://backend;
}

In this configuration all requests are handled in "location /".  
And for all normal requests to "/users/..." nginx will have to 
check all the rewrites.  This is just a waste of resources.  
Moreover, such a configuration may (and likely will) become hard 
to support eventually, and this is probably even more important 
thing to consider.  So it's usually good idea to use something 
like this instead:

location / {
proxy_pass http://backend;
}

location /members/ {
rewrite ^/members/(.*) /users/$1  redirect;
}

location /images/ {
rewrite ^/images/(.*)  /static/$1 redirect;
}

See also this Igor's talk for additional hints on how to write 
scalable nginx configurations:

https://www.youtube.com/watch?v=YWRYbLKsS0I

-- 
Maxim Dounin
http://nginx.org/

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: rewrite or return for simple redirection

[neubyr]

On Fri, Nov 21, 2014 at 12:11 PM, Maxim Dounin  wrote:

> Hello!
>
> On Fri, Nov 21, 2014 at 12:06:54PM -0800, neubyr wrote:
>
> > On Fri, Nov 21, 2014 at 11:33 AM, Maxim Dounin 
> wrote:
> >
> > > Hello!
> > >
> > > On Fri, Nov 21, 2014 at 11:21:40AM -0800, neubyr wrote:
> > >
> > > > I am trying to understand which option would result in more efficient
> > > HTTP
> > > > redirection. I am trying to redirect ^/address page to ^/contact
> page.
> > > >
> > > > Option 1:
> > > > rewrite ^/address /contact permanent;
> > > >
> > > > Option 2:
> > > > location ~ ^/address {
> > > >   return 301 $scheme://$host/contact
> > > > }
> > > >
> > > > Which option should be preferred? Both options involve regex and I
> am not
> > > > sure which one will be faster. Are there any other better options?
> > >
> > > location = /address {
> > > return 301 /contact;
> > > }
> > >
> > >
> > >
> > Thank you Maxim!! That's helpful. I should have used precise location
> match
> > and relative redirect path.
> >
> > Also, can something with following rewrite be converted to 'location and
> > return' combination?
> >
> > rewrite ^/members/(.*) /users/$1
> >
> > Or am I better with rewrite directive in this case? Appreciate any help.
>
> For such cases rewrite is better, IMHO.  In some cases it may be a
> good idea to additionally isolate it with prefix location, like
> this:
>
> location /members/ {
> rewrite ^/members/(.*) /users/$1 redirect;
> }
>
>
Thank you Maxim. In what cases prefix might be a good idea??

- N
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: rewrite or return for simple redirection

[Maxim Dounin]

Hello!

On Fri, Nov 21, 2014 at 12:06:54PM -0800, neubyr wrote:

> On Fri, Nov 21, 2014 at 11:33 AM, Maxim Dounin  wrote:
> 
> > Hello!
> >
> > On Fri, Nov 21, 2014 at 11:21:40AM -0800, neubyr wrote:
> >
> > > I am trying to understand which option would result in more efficient
> > HTTP
> > > redirection. I am trying to redirect ^/address page to ^/contact page.
> > >
> > > Option 1:
> > > rewrite ^/address /contact permanent;
> > >
> > > Option 2:
> > > location ~ ^/address {
> > >   return 301 $scheme://$host/contact
> > > }
> > >
> > > Which option should be preferred? Both options involve regex and I am not
> > > sure which one will be faster. Are there any other better options?
> >
> > location = /address {
> > return 301 /contact;
> > }
> >
> >
> >
> Thank you Maxim!! That's helpful. I should have used precise location match
> and relative redirect path.
> 
> Also, can something with following rewrite be converted to 'location and
> return' combination?
> 
> rewrite ^/members/(.*) /users/$1
> 
> Or am I better with rewrite directive in this case? Appreciate any help.

For such cases rewrite is better, IMHO.  In some cases it may be a 
good idea to additionally isolate it with prefix location, like 
this:

location /members/ {
rewrite ^/members/(.*) /users/$1 redirect;
}

-- 
Maxim Dounin
http://nginx.org/

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: rewrite or return for simple redirection

[neubyr]

On Fri, Nov 21, 2014 at 11:33 AM, Maxim Dounin  wrote:

> Hello!
>
> On Fri, Nov 21, 2014 at 11:21:40AM -0800, neubyr wrote:
>
> > I am trying to understand which option would result in more efficient
> HTTP
> > redirection. I am trying to redirect ^/address page to ^/contact page.
> >
> > Option 1:
> > rewrite ^/address /contact permanent;
> >
> > Option 2:
> > location ~ ^/address {
> >   return 301 $scheme://$host/contact
> > }
> >
> > Which option should be preferred? Both options involve regex and I am not
> > sure which one will be faster. Are there any other better options?
>
> location = /address {
> return 301 /contact;
> }
>
>
>
Thank you Maxim!! That's helpful. I should have used precise location match
and relative redirect path.

Also, can something with following rewrite be converted to 'location and
return' combination?

rewrite ^/members/(.*) /users/$1

Or am I better with rewrite directive in this case? Appreciate any help.

-N
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: rewrite or return for simple redirection

[Maxim Dounin]

Hello!

On Fri, Nov 21, 2014 at 11:21:40AM -0800, neubyr wrote:

> I am trying to understand which option would result in more efficient HTTP
> redirection. I am trying to redirect ^/address page to ^/contact page.
> 
> Option 1:
> rewrite ^/address /contact permanent;
> 
> Option 2:
> location ~ ^/address {
>   return 301 $scheme://$host/contact
> }
> 
> Which option should be preferred? Both options involve regex and I am not
> sure which one will be faster. Are there any other better options?

location = /address {
return 301 /contact;
}

-- 
Maxim Dounin
http://nginx.org/

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

rewrite or return for simple redirection

[neubyr]

I am trying to understand which option would result in more efficient HTTP
redirection. I am trying to redirect ^/address page to ^/contact page.

Option 1:
rewrite ^/address /contact permanent;

Option 2:
location ~ ^/address {
  return 301 $scheme://$host/contact
}

Which option should be preferred? Both options involve regex and I am not
sure which one will be faster. Are there any other better options?

-N
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: double slashes redirection

[B.R.]

By default, nginx 'cleanse' URI by decoding/correcting specific cases
before matching it against a location. The multiple slashes are part of it.
Read how location
<http://nginx.org/en/docs/http/ngx_http_core_module.html#location> works.

I suppose the internal $uri
<http://nginx.org/en/docs/http/ngx_http_core_module.html#var_uri> variable
holds watch nginx uses for its logic, but in any case holds a
decoded/corrected version of the URI.

If you *do not* want nginx to automatically try to correct multiple
slashes, you can override the default configuration for the corresponding
merge_slashes
<http://nginx.org/en/docs/http/ngx_http_core_module.html#merge_slashes>
directive.
Be careful then: your locations won't match if they do not find any exact
stanza suitable for them. ;o)

You will be up for the pain you asked for...
---
*B. R.*

On Mon, Oct 6, 2014 at 11:17 AM, Benoit Vasseur 
wrote:

> Hi everybody,
>
> I am in trouble with my nginx configuration.
>
> my version of nginx is 1.1.19
>
> My goal is to redirect http://example.com//site to http://example/site
>
> My app is in Rails and I want to handle this redirect with Rack.
>
> However I am not able to detect this ‘//’ in the url.
>
> Nginx send to my app ‘/site’ and not ‘//site’.
>
> Seeing that my rails app had not the right info I tried to handle this
> redirection at the nginx level but I had the same issue ; I am not able to
> detect the ‘//’.
>
> I tried to desactivate the merge slashes option but it did not change
> anything
>
> $uri and $request_uri still contained ‘/site’ and not ‘//site’
>
> Do you have any idea why the first slash is skip ?
>
> I tried to follow some examples but nothing worked :/
>
>
> http://rosslawley.co.uk/archive/old/2010/01/10/nginx-how-to-url-cleaning-removing/
> http://bneijt.nl/blog/post/nginx-and-the-extra-slashes/
>
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

double slashes redirection

[Benoit Vasseur]

Hi everybody,

I am in trouble with my nginx configuration.

my version of nginx is 1.1.19

My goal is to redirect http://example.com//site to http://example/site

My app is in Rails and I want to handle this redirect with Rack.

However I am not able to detect this ‘//’ in the url.

Nginx send to my app ‘/site’ and not ‘//site’.

Seeing that my rails app had not the right info I tried to handle this
redirection at the nginx level but I had the same issue ; I am not able to
detect the ‘//’.

I tried to desactivate the merge slashes option but it did not change
anything

$uri and $request_uri still contained ‘/site’ and not ‘//site’

Do you have any idea why the first slash is skip ?

I tried to follow some examples but nothing worked :/

http://rosslawley.co.uk/archive/old/2010/01/10/nginx-how-to-url-cleaning-removing/
http://bneijt.nl/blog/post/nginx-and-the-extra-slashes/
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: redirection issue

[Kurogane]

Thats working thanks!!

I set default_server in localhost because i want to show default page when
you go to http://1.2.3.4

Posted at Nginx Forum: 
http://forum.nginx.org/read.php?2,253713,253719#msg-253719

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: redirection issue

[Adie Nurahmadie]

On Fri, Oct 3, 2014 at 12:39 AM, Adie Nurahmadie 
wrote:

>
> On Fri, Oct 3, 2014 at 12:33 AM, Kurogane  wrote:
>
>> No.
>>
>
> There is your problem, the config supposed to looks like this:
>
> server {
> listen 80 default_server;
> server_name localhost;
> root /home/nginx/default/public;
> }
>
>
> server {
> listen 80;
> server_name domain.com;
> return 301 $scheme://www.domain.com$request_uri;
> }
>
> server {
> listen 80;
> server_name www.domain.com;
> root  /home/user/public_html;
>
> # proceed with the rest of the config down here
> # ...
> }
>
> Also, it's not mandatory, but I think you should set the default_server on
> the www.domain.com server block
> instead of localhost.
>
> Posted at Nginx Forum:
>> http://forum.nginx.org/read.php?2,253713,253715#msg-253715
>>
>> ___
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
>
> --
> regards,
> Nurahmadie
> --
>

For reference, http://nginx.org/en/docs/http/converting_rewrite_rules.html

-- 
regards,
Nurahmadie
--
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx