How do I deny illegal host headers besides all subdomains (wildcard solution) and the main domain with nginx? When using this code below all of the subdomains stop working.
if ($host !~* ^(domain.com|*.domain.com)$ ) {
return 444;
}
My server name is:
server_name domain.com *.domain.com;
How can this be accomplished?
See if this works for you:
if ($host !~* ^(.+\.)?domain\.com$ ) {
return 444;
}
You need to escape the periods, otherwise they will be interpreted as "any character". You can also simplify the regex a bit by matching an optional subdomain prefix before "domain.com".
A cleaner solution would be to create a separate (default) server block for "other" server names:
server {
server_name .domain.com; # shorter form for "domain.com *.domain.com"
... # your main config here
}
server {
listen *:80 default_server;
server_name "";
return 444;
}
Related
I am trying to exclude some paths in my nginx proxypass and want everything else to go to my proxypass.
i.e I dont want to give proxy_pass to any url which starts with 'tiny' or 'static', but want everythign else to go to my proxypass location.
and I am using following regex to achieve this:
~ ^((?!tiny|static).)*$
But I always get 404 error.
If I navigate to following url in browser
localhost:8080/xyz
I want it to go to
localhost:8000/api/tiny/records/xyz
Can someone please help me in pointing out what is the issue ?
Here is my full nginx conf file:-
server {
listen 8080;
server_name localhost;
location ~ ^((?!tiny|static).)*$ {
proxy_pass http://localhost:8000/api/tiny/records/$1;
}
location / {
proxy_pass http://localhost:8000;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
Thanks a lot.
You are missing a / and have the * in the wrong place. The regular expression should be:
^(/(?!tiny|static).*)$
But you do not need to use a regular expression with a negative lookahead assertion. Instead, place a normal regular expression on the other location block.
For example:
location / {
proxy_pass http://localhost:8000/api/tiny/records/;
}
location ~ ^/(tiny|static) {
proxy_pass http://localhost:8000;
}
I want to forward all paths that start with /api/ (/api/* ??) to port 1000 but the actual configuration either forwards only the paths that contain "/api/" and nothing else after (/api/login is not forwarded)
location /api/ {
proxy_pass http://localhost:1000/;
}
or it doesn't work at all
location ~ ^/api/(.*)$ {
proxy_pass http://localhost:1000/;
}
. The server is cinfigured as fallows:
server {
listen 80;
keepalive_timeout 70;
server_name server_name;
location / {
root /var/www/html;
index index.html;
}
location /api/ {
proxy_pass http://localhost:1000/;
}
}
I would appreciate any help, Thank you!
Note that with:
location /api/ {
proxy_pass http://localhost:1000/;
}
If there is request /api/foo, then your API server will see /foo.
If, on the other hand (note there is no trailing slash in proxy_pass) you use:
location /api/ {
proxy_pass http://localhost:1000;
}
Then for the same request, your API server will receive request "as is": /api/foo.
So make sure you use the right approach (slash / no slash) which depends on how your API server handles URLs (if it is configured to handle /api/foo URLs then you should not use trailing slash in the proxy_pass.
I want the following.
http://some.site/person1/some/path should access /home/person1/some/path (and http://some.site/person1 accesses /home/person1/index.html) and http://some.site/person2/some/path should access /home/person2/some/path (and http://some.site/person2 accesses /home/person2/index.html). There will be many personXes. It's important to use a regular expression to tell nginx where to find everything.
I tried coming up with a set of location, root and rewrite directives that would work. The closest I came was this for my sites-available/website.
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /some/default/root;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri.html $uri $uri/ =404;
}
location /person1 {
root /home/person1;
rewrite ^/person1(.*)$ $1 break;
}
}
This does what I want with all paths except for ones of the form http://some.site/person1. In this case, nginx doesn't access /home/person1/index.html like I want. Instead, the regex returns an empty string which nginx doesn't like (I see complaints in the nginx/error.log).
when you have common start root dir in /home, you can try with:
location ~* /person\d+ {
root /home;
}
I'm having troubles setting up a reverse proxy for a sub-subdomain using nginx.
I'm trying to create a configuration which allows me to resolve:
a.b.example.com ==> a.local.host.lan
Currently i am able to resolve it as follows:
a.b.example.com ==> a.b.local.host.lan
with following configuration:
server {
listen 80;
server_name ~^(.*)\.b.example\.com$;
set $servername $1;
rewrite ^(.*)$ https://$servername.local.host.lan;
}
any idea how to tokenize the $servername variable so i can split a and b?
I am trying to run a domain and sub-domain in the same port using Nginx, and do not have success yet.
I have a domain named www.just4bettors.mobi which is for a mobile page, and the subdomain must be named www.desktop.just4bettors.mobi which is clearly for the desktop site.
If you enter www.just4bettors.mobi everything works, you reach the page, but if you enter www.desktop.just4bettors.mobi you get This web page is not available. This is the server block I have so far
server {
large_client_header_buffers 1 1K;
listen 80;
server_name ~^(?<subdomain>[^.]*)\.?just4bettors.mobi$ just4bettors.mobi;
root /home/c0pt/capilleira/capilleiraclickandgamblemobile/www;
location / {
if ($subdomain) {
root /home/c0pt/capilleira/capilleiraclickandgambleweb/dist;
}
if ($host = "just4bettors.mobi") {
root /home/c0pt/capilleira/capilleiraclickandgamblemobile/www;
}
index index.html index.htm;
...
}
}
once I try to access to desktop.just4bettors.mobi, the console returns this GET http://desktop.just4bettors.mobi/ net::ERR_NAME_NOT_RESOLVED
you have that the roots are different here, mobile and web lives in separate places.
so, what am I missing here ?
I've managed Nginx configurations where millions of different domains were in use. It's very complicated trying to work inside one server{} block directive. Here is what I would do:
server {
large_client_header_buffers 1 1K;
listen 80;
server_name www.just4bettors.mobi;
root /home/c0pt/capilleira/capilleiraclickandgamblemobile/www;
location / {
...
}
}
server {
large_client_header_buffers 1 1K;
listen 80;
server_name www.desktop.just4bettors.mob;
root /home/c0pt/capilleira/capilleiraclickandgambleweb/dist;
location / {
...
}
}
You can read more about this here: http://wiki.nginx.org/Pitfalls#Server_Name