Nginx Reverse Proxy For Web App Hosted on Local Server - windows

I am hosting a web application via a home server. I have my Cloudflare DNS A record pointed to my public ip and my firewall is off. I am using cloud flare for SSL.
My app is running on local host (127.0.0.1) port 1624.
I am using nginx. My server name is my public ip and listen is port 80.
My reverse proxy is pointed at 127.0.0.1:1624.
I have port 80 open on my router as well.
For some reason I am not able to connect to my website. What could be causing this?
The developer of the web app has told me to use my domain name for the server name and keep the port as default 80 while pointing the reverse proxy to 127.0.0.1:1624.
My nginx conf:
server
{
server_name {mypublicip};
#server_name {mydomainname};
listen 80;
location / {
proxy_pass http://127.0.0.1:1624; # my web app proxy
proxy_http_version 1.1;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
Router Settings:
I've tried:
Nginx conf -
server_name > domain NAME
server_name > public ip
My app is working when I go to 127.0.0.1:1624 just not my domain.

You should configure port forwarding on your router - so that all packets coming on port 80 of the public IP on your router will be forwarded to port 80 of your local PC (which probably has an internal IP address in a 192.168.xx.yy range). Then your nginX should listen on port 80 at that 192.168.xx.yy address on your PC and proxy_pass to 127.0.0.1:1624 where your application is listening.
IF you don't do this - packets will end up on the router instead of at nginX in your local PC.

Related

Simple Nginx proxy pass not working with Laravel Valet installed

Quick backstory, I used Laravel Valet to setup a local development environment. I've since containerized the application and would like to just have Nginx proxy the main port 80 traffic to the localhost:8000 port the docker container is listening at. I've tried to remove (unpark/stop) Valet. I've commented out the lines from the nginx.conf that refer to the Valet config files. Nothing seems to work though
Here is my conf:
server {
listen 80;
server_name app.trucase.test paylaw.trucase.test;
location / {
proxy_pass http://127.0.0.0:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
I can go to app.trucase.test:8000 and it all works. But without the port, Nginx just isn't proxying the traffic. What am I missing?

Allow NGINX to send requests over http to another port

I have a React application running with NGINX which handles traffic on one port (www.domain.com - https) and I also have a back-end Spring Boot application which runs on a different port (www.domain.com:7080 - http).
Now NGINX serves 80, 443 ports and loads up my React application. My react application is hard-coded to send requests to www.domain.com:7080, however all requests fail. In the browser's console I can see the following error:
The page at 'https:// domain.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http:// domain.com:7080/auth/login'. This request has been blocked; the content must be served over HTTPS.
My NGINX configuration:
server {
listen 443 ssl; # managed by Certbot
root /var/www/ui;
server_name www.domain.com domain.com;
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
index index.html;
}
}
server {
listen 80;
if ($host = domain.com) {
return 301 $host$request_uri;
} # managed by Certbot
server_name www.domain.com domain.com;
return 301 https://$host$request_uri; # managed by Certbot
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
My back-end application is served over http and I'd like to permit the front-end to talk to the back-end service.
I couldn't locate a similar question or tutorial on how I would go about solving this therefore I'm hoping to get some answers here :3
create api endpoint in your domain i.e. www.domain.com/api and configure nginx to pass traffic from that endpoint to your backend with proxy_pass directive. You'll have secure connection from your users and won't need to change anything in your backend server.

How to replicate session in memory on Oracle Weblogic?

I want to create a high availability with Oracle Weblogic. First, I create a cluster called MyCluster and add two servers (Server1 and Server2) to MyCluster. I use Nginx as a load balancer.
I follow the tutorial from https://www.oracle.com/webfolder/technetwork/tutorials/obe/fmw/wls/12c/12-ManageSessions--4478/session.htm#t1 to replicate session in memory.
Here is my nginx config:
upstream myweb {
server server1:38080 weight=1;
server server2:38080 weight=1;
server server3:38080 weight=1;
}
server {
listen 80;
server_name nginxHost;
access_log /var/log/nginx/nginxHost.access.log main;
error_log /var/log/nginx/nginxHost.error.log warn;
location / {
proxy_pass http://myweb/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
When I test session replication, I have a problem. If Server1 is running and Server2 is shutdown now, I connect my application which is on Server1. I power on Server2 and wait it complete startup. Then I shutdown Server1 and refresh browser. The session disappear.
Finally, I find I have to refresh browser after Server2 is running. Is there any way to replicate session when servers start?

Tell lighttpd used protocol (HTTPS) when Nginx reverse proxy is in front

I have a Nginx reverse proxy redirecting to a lighttpd server in the same machine. This reverse proxy works on HTTPS so I want to tell to lighttpd that HTTPS is being used as protocol instead of HTTP. Here is my Nginx confuguration.
server {
server_name mydomain.com;
merge_slashes off;
rewrite ^(.*?)//+(.*?)$ $1/$2 permanent;
location / {
proxy_pass http://localhost:8088/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Ssl on;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
# SSL settings
}
server {
if ($host = mydomain.com) {
return 301 https://$host$request_uri;
}
listen 80;
listen [::]:80;
}
The lighttpd server is running a python application that uses web.py module but the returned value by web.ctx.protocol still is HTTP when it should be HTTPS. It looks like lighttpd ignores the X-Forwarded-Proto header sent by Nginx.
What am I doing wrong? Is there any additional configuration to be done?
Thanks.
You have to configure lighttpd to trust headers from upstream. Use mod_extforward in lighttpd. See https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModExtForward
Better than your many headers above, both nginx and lighttpd (via mod_extforward) support RFC 7239 Forwarded header.
https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/
Use of the "Forwarded" header should be preferred.

Kibana 5 not working behind nginx

I have setup ELK using docker (https://github.com/deviantony/docker-elk).
Then I added a subdomain to nginx with this config:
location / {
auth_basic "closed site";
auth_basic_user_file /var/www/passwd;
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
proxy_pass http://localhost:5601;
}
When I now visit this subdomain I see that Kibana loads but then fails.
This is what my browser console shows:
When I visit Kibana directly using the IP of my server and the port 5601 it runs flawlessly. This only happens when being proxy_passed through nginx.

Resources