Stop nginx from ignoring specific subdomain in server block - nginx-config

I've been using nginx on Ubuntu 20 for a few years now mostly without problems, but on a newly deployed server, I can't seem to get this right.
I have a serverblock in a file named alpha in /sites_available. The server block has server_name alpha.example.com set up with a document root = /var/www/alpha.
I have a serverblock in a file named beta in /sites_available. The server block has server_name beta.example.com set up with a document root = /var/www/beta.
DNS a records exist for both alpha.example.com and beta.example.com.
What happens:
URL http://beta.example.com displays http://beta.example.com in the browser address, but pulls content from /var/www/alpha.
By experimenting, I've found that nginx is consistently processing the file that comes first alphabetically in sites_available, regardless of the subdomain in the URL.
May questions are,
Why does it behave this way? and
How can I turn that off?
The behavior I want is for each server block to route a single subdomain to a specific document root and ignore everything else.
So... http://beta.example.com doesn't even try to go to /var/www/alpha
Here's an example of one of the server block file contents
server {
listen 80;
listen [::]:80;
server_name alpha.example.com;
root /var/www/alpha;
index index.php index.html index.htm index.nginx-debian.html;
access_log /var/log/nginx/alpha_access.log;
error_log /var/log/nginx/alpha_error.log;
location / {
try_files $uri $uri/ /index.php;
}
location ~ ^/(doc|sql|setup)/ {
deny all;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
}
location ~ /\.ht {
deny all;
}
}
So, to say it another way: What do I need to put in there to tell nginx "If the subdomain isn't alpha, ignore all this... this is only for alpha.example.com"?

Turned out my problem was a typo in the server name in one of the blocks. With my attention on the sobdomain piece, I failed to notice the domain name itself was wrong (e.g. alpha.exampple.com would do it).
The results of this are counterintuitive and can send you barking up all sorts of wrong trees trying to figure out what's wrong.
Part of the answer, too, though, is that nginx is apparently designed with a strong bias toward finding a server block that can respond to the request... even if the subdomain in the url doesn't match anything.
The key to tightening that up is probably writing a good default server block . . . which I'm still working on.
For example, I have http://example.com going to the default, but in the scenario I described above, with server blocks for alpha.example.com and beta.example.com, keying in http://x.example.com doesn't land at my default.
So some work to do there. Advice welcome.
(Edit: I'm pretty sure that a catch-all default server for anyrandomcharacters.example.com can't happen. There would have to be DNS routing the subdomain to your server before nginx can do anything with the subdomain. Maybe wild card DNS can serve that purpose.)

Related

Nginx/Django SSL Configuration for a specific sub page

I have an nginx/gunicorn/supervisor/posrgresql server with Django. I server two web pages from this server, with each with its own nginx conf file. I have purchased and downloaded SSL certificates and they are working in some circumstances.
My nginx conf file looks like this:
server {
listen 80;
server_name name.org;
return 301 https://www.name.org;
{
server {
listen 80;
listen 443 ssl;
server_name www.name.org;
ssl_certificate...
}
And so on. What I want to happen is this:
Either
1.) entire site with all pages https
or
2.) one particular sub-page with https, e.g. https://www.name.org/page, no matter how you get there, name.org/page, https://www.name.org/page, www.name.org/page, internal links, etc. The point is I need to serve THAT page over SSL.
Currently, name.org takes you to my home page https. www.name.org does not. I can go to any page on my site, and then enter that page name in the address bar, like https://www.name.org/anypage, and it will reload with the green lock.
I've been looking on stackoverflow, nginx documentation, godaddy (where I purchased my certificates) and everywhere else I can think to search for hours and cannot find anything, so any help will be quite welcome.
Change your first server block to include the www subdomain:
server {
listen 80;
server_name name.org www.name.org;
return 301 https://www.name.org;
}
This will redirect both http://name.org and http://www.name.org to https://www.name.org. After you've done that, you can remove the listen 80; from your second server block, as the first one covers that name / port combination, and you'll only be dealing with the ssl version from then on.

301 Redirect on nginx machine running non-standard port behind a proxy

I have an nginx server processing PHP requests, but it's configured to listen on a non-standard port (port 12345 or something). I can't change the listen port because corporate IT says, "No."
There is a proxy in the data center that forwards requests from www.domain.com:80 to the nginx box on port 12345.
I have some static 301 redirects that I need to put in place, but I'm getting unexpected behavior.
Sample redirects in site.conf "server { }" block:
rewrite ^/foo$ /bar/foo/ permanent;
When I attempt to go to www.domain.com/foo, the redirect happens, but it tries to forward the browser to www.domain.com:12345/bar/foo/
My question is, how can I get nginx to redirect the user to the correct port (www.domain.com/bar/foo/)?
Maybe a better question is, what is the correct way to do what I'm asking? There are 50+ redirects that need to go in, and I'd rather not create a "location" section for each of those redirects.
You can provide a more explicit rewrite. Try the following:
rewrite ^/foo/ $scheme://www.domain.com:80/bar$request_uri permanent;
I have assumed that you meant to use ^/foo/ instead of ^/foo$, since ^/foo$ is a very specific case. Just revise as needed.

nginx and catalyst configuration

I am having trouble deploying a Catalyst application using nginx and
fastcgi. I attempting to do this under ubuntu 12.04.
I have successfully configured nginx to serve static content from my
app's /root subdirectory. However, when I try to any of my dynamic
urls, I get a 404 error in my application's error log saying the
(unmapped) url is not found, which leads me to believe that nginx is
attempting to serve the request akin to a static page instead of
sending it to my Catalyst app.
To restate, hitting 'localhost:3001/root/static.html' results in the
static content being successfully displayed in the browser, but
hitting 'localhost:30001/expense/editor' results the following error:
"GET /expense/editor HTTP/1.1" 404
(where '/expense/editor' is a path in my app, one that I can
successfully access when running the built-in Catalyst development
server).
I am launching the Catalyst app as:
> perl script/budgetweb_fastcgi.pl -l localhost:3003
I also tried running /etc/init.d/fcgiwarp. I am unclear if I need to run a
separate fastcgi wrapper, or if the perl script above is my fastcgi
wrapper. I edited fcgiwrap to use TCP sockets (127.0.0.1:3003), which
then prevented me from running both /etc/init.d/fcgiwrap and
script/budgetweb_fastcgi.pl at the same time, since they both use the
same socket. So I'm guessing I'm only supposed to use the Catalyst
script? Also, when running fcgiwrap, I get 502 "bad gateway" errors
when attempting to access static content.
Any help, or pointers to help, will be much appreciated. So far I have looked at the following pages (among others; StackOverflow will only allow me to post two links):
Catalyst wiki
HOWTO: Deploy a Catalyst application using FastCGI and nginx
Here is my nginx config file for the server:
server {
listen 3001;
server_name budgetweb.com;
root /local/www/money/budgetweb;
location /root {
add_header Cache-control public;
root /local/www/money/budgetweb/;
}
location / {
access_log /local/www/money/budgetweb/logs/access.log;
error_log /local/www/money/budgetweb/logs/error.log;
index index.html index.htm index.pl;
try_files $uri =404;
gzip off;
fastcgi_pass localhost:3003;
fastcgi_index index.pl;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /local/www/money/budgetweb$fastcgi_script_name;
fastcgi_param SCRIPT_NAME /;
fastcgi_param PATH_INFO $fastcgi_script_name;
}
# Disable gzip (it makes scripts feel slower since they have to complete
# before getting gzipped)
gzip off;
# include /etc/nginx/fcgiwrap.conf;
}
The fastcgi.pl script included with Catalyst is your FastCGI wrapper. All you should have to do is start that on a socket, then point your webserver to that socket and everything should pass through. The only thing you'll want to do for a production system is create a start/stop script that will start and stop your application on startup and shutdown. The start command will look pretty much like what you ran above (you may want to add a '-d' flag to daemonize it.)
On your webserver configuration, configuring '/' to point to your application should be fine. You might try removing the 'index', 'try_files', and 'fastcgi_index' configuration lines, that might be causing nginx to try and statically serve the content instead of passing the request to your application.

NGinx Domain name redirects

Lets say I have a website named xyz.co, I also have other domain names with the same prefix like xyz.com, xyz.it, xyz.co.it
Right now nginx works fine with server_name xyz.co in nginx.conf in port 80 I would want all the other domains to redirect to xyz.co also I would want www.* versions of the above to redirect to xyz.co. How can I get this? Is this nginx webserver level changes? or I need to make this changes in DNS?
UPDATE: I tried this in nginx.conf but no use...
server
{
listen 80;
server_name xyz.co xyz.com, xyz.it, xyz.co.it;
rewrite ^/(.*) http://xyz.co permanent;
}
I first tried posting this question in ServerFault but no response there - https://serverfault.com/questions/453472/nginx-domain-name-redirects
add one server block for all the domain names that need to be redirected. like this:
server {
listen 80;
server_name xyz.com, xyz.it, xyz.co.it;
rewrite ^ http://xyz.co$request_uri permanent;
}
and another server block for the xyz.co domain:
server {
listen 80;
server_name xyz.co;
#other settings
}
this way when you go to one of the domain names that need to be redirected nginx will simply redirect to xyz.co and move into the other server block where you can add all your settings (rootfolder, location blocks, etc)

nginx + varnish redirect server IP to url

i have nginx on port 8080 sitting behind varnish running on port 80. there is only one website on my server. the problem is you can access it by server's IP address too, instead of just url. google indexed this ip and i am afraid of problems with duplicate content.
how do i redirect requests going to IP address to my URL? i tried this code, but it ended up with loop redirects error.
server {
listen 180.10.1.1:80;
server_name 180.10.1.1;
rewrite .* http://www.mysite.com$request_uri permanent;
}
thanks
edit:
rest of vcl
server {
listen 8080;
server_name site.com;
access_log /var/log/nginx/localhost.access.log;
error_page 502 /502.html;
## Default location
location / {
root /home/site.com/public_html;
index index.php;
...
There's a couple of ways to solve this. If Nginx is also serving site.com when you visit the server IP Address then you should adjust the Nginx config so any requests which are directed at the IP address redirect to site.com. Then restart both Nginx and Varnish.
ok the problem was "180.10.1.1:" in the listen directive. i kept there only "listen 80" and now it works fine :)