I'm setting up a mail server using iRedMail and have everything installed and running. Now trying to change the self signed certificate for a Lets Encrypt using the certbot-auto client. I have added
location ~ /.well-known {
allow all;
}
into /etc/nginx/templates/misc.tmpl like this
location ~ /.well-known {
allow all;
}
# Deny all attempts to access hidden files such as .htaccess.
#location ~ /\. { deny all; }
# Handling noisy messages
location = ^/favicon.ico { access_log off; log_not_found off; }
location = ^/robots.txt { log_not_found off; access_log off; allow all; }
However when I restart nginx and browse to the URL, I get a 404, and certbot-auto also reports a 404.
I've placed it above the rule to restrict access to hidden files, so this should work.
Any ideas would be massively appreciated. Thanks in advance.
location /.well-known {
alias /opt/www/iredadmin/.well-known/;
}
Related
When I enable ssl on the website the pages won't load without index.php in the url. I have set Use Web Server Rewrites, Use Secure URLs in Frontend, and Use Secure URLs in Admin to Yes. Offloader header is set to SSL_OFFLOADED. I have cleared the cache on the website and my browser. I have checked phpinfo() and mod_rewrite is enabled. The secure and unsecure url both have https://. I have also replaced the .htaccess file with a fresh copy and it different make any difference.
That is what I have tried from various posts on Stackoverflow and I am unsure what to try next.
Are you using Apache or Nginx? Nginx does not read/use the .htaccess file. You need to use something like this in Nginx config:
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 14d;
log_not_found off;
}
location / {
index index.php;
try_files $uri $uri/ #handler;
}
location #handler {
rewrite / /index.php;
}
location ^~ /app/ { deny all; }
location ^~ /includes/ { deny all; }
location ^~ /lib/ { deny all; }
location ^~ /media/downloadable/ { deny all; }
location ^~ /pkginfo/ { deny all; }
location ^~ /report/config.xml { deny all; }
location ^~ /var/ { deny all; }
location /var/export/ {
auth_basic 'Restricted';
auth_basic_user_file htpasswd;
autoindex on;
}
location /. {
return 404;
}
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
rewrite ^/minify/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
rewrite ^/skin/m/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
location /lib/minify/ {
allow all;
}
I have a setup where a server running nginx will be the front-end and also a load balancer that will upstream to a number of other servers which will be backend.
What I currently have is the webservers running nginx and reverse proxying to apache2 running on port 8000.
The idea is to have visitors first log in to the subdomain apps.xxxx.xxx which contains a list of all the companies applications. Upon clicking on one, then you get redirected to one of the apps which also has it's own login credentials that will be provided to potential customers to have a test run before purchasing.
All these apps are required to run from the one domain but from different paths.
Eg. apps.xxxx.xxx/app1 appps.xxxx.xxx/app2
Find attached my nginx config on the app servers
server {
listen 80 default_server;
root /home/MY_NAME/myapp/public;
index index.html index.htm index.php;
server_name _;
#location / {
# try_files $uri $uri/ /index.php$is_args$args;
#}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
}
location / {
proxy_pass http://SAME_SERVER:8000;
include proxy_params;
#try_files $uri $uri/ /index.php$is_args$args;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
sendfile off;
client_max_body_size 100m;
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
Server Setup:
VPS
Plesk 12.5
Centos 7
NGINX as reverse proxy to Apache 2.4
Path to NGINX config: /etc/nginx/nginx.conf
Plesk provides a GUI Apache & nginx Settings dialog box, but is unable to accept server{} blocks from there.
I've tried the following, and several variations thereof, without success:
server {
server_name xx.xx.xx.xx;
return 301 https://domain.com$request_uri
}
Here's another example of what we are trying to do and need to know where to place the code so NGINX reads and honors the instruction for execution.
server {
server_name newdomain.com www.newdomain.com;
# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;
# limit_conn limit_per_ip 16;
# ssi on;
access_log /home/nginx/domains/newdomain.com/log/access.log combined buffer=32k;
error_log /home/nginx/domains/newdomain.com/log/error.log;
root /home/nginx/domains/newdomain.com/public;
location / {
# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;
# Enables directory listings when index file not found
#autoindex on;
}
location /forums {
try_files $uri $uri/ /index.php;
}
location ~^(/forums/page/).*(\.php)$ {
try_files $uri $uri/ /index.php;
}
# Mask fake admin directory
location ~^/forums/admin/(.*)$ {
deny all;
}
# Secure real admin directory
location ~^(/forums/mynewadmin/).*(\.php) {
#allow 127.0.0.1;
#deny all;
#auth_basic "Restricted Area";
#auth_basic_user_file $document_root/forums/mynewadmin/.htpasswd;
include /usr/local/nginx/conf/php.conf;
}
# IP.Board PHP/CGI Protection
location ~^(/forums/uploads/).*(\.php)$ {
deny all;
}
location ~^(/forums/hooks/).*(\.php)$ {
deny all;
}
location ~^(/forums/cache/).*(\.php)$ {
deny all;
}
location ~^(/forums/screenshots/).*(\.php)$ {
deny all;
}
location ~^(/forums/downloads/).*(\.php)$ {
deny all;
}
location ~^(/forums/blog/).*(\.php)$ {
deny all;
}
location ~^(/forums/public/style_).*(\.php)$ {
deny all;
}
include /usr/local/nginx/conf/staticfiles.conf;
include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/drop.conf;
#include /usr/local/nginx/conf/errorpage.conf;
}
Where do I need to place this or similar directing in this scenario to direct all direct IP traffic to the domain name? I've tried placing the snippet in various NGINX config files so far without success.
Thanks.
You can try to add this into Nginx's "additional directives" in UI:
location /forums {
try_files $uri $uri/ /index.php;
}
location ~^(/forums/page/).*(\.php)$ {
try_files $uri $uri/ /index.php;
}
# Mask fake admin directory
location ~^/forums/admin/(.*)$ {
deny all;
}
# IP.Board PHP/CGI Protection
location ~^(/forums/uploads/).*(\.php)$ {
deny all;
}
location ~^(/forums/hooks/).*(\.php)$ {
deny all;
}
location ~^(/forums/cache/).*(\.php)$ {
deny all;
}
location ~^(/forums/screenshots/).*(\.php)$ {
deny all;
}
location ~^(/forums/downloads/).*(\.php)$ {
deny all;
}
location ~^(/forums/blog/).*(\.php)$ {
deny all;
}
location ~^(/forums/public/style_).*(\.php)$ {
deny all;
}
I've ignore all system-wide and commented settings. Also you can try to add content from
include /usr/local/nginx/conf/staticfiles.conf;
include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/drop.conf;
Pay attention that your web site root is placed into /httpdocs folder, according to this config I've see that you web root was in public directory.
Most easy way is to set default domain for IP xx.xx.xx.xx to domain.com in Tools & Settings > IP addreses > xx.xx.xx.xx
Also you can create .htaccess file in web root of domain.com with content:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^xx\.xx\.xx\.xx
RewriteRule (.*) http://domain.com/$1 [R=302,L]
Why it does not work via Additional directives?
plesk include custom directives inside of nginx domain's server{} - so server inside server is not possible. It's by design.
custom directives includinв at the end of nginx domain's server{} so if request was catch by some upper rule or location all other will be ignored for this request.
I have some mp3 files in different directories other than root directory.
When users click on the links to mp3, instead of downloading it starts streaming in most browsers (mostly in mobile browsers).
I have tried adding the below code in the .htaccess, but no luck
<FilesMatch "\.(?i:mp3)$">
ForceType application/octet-stream
Header set Content-Disposition attachment
</FilesMatch>
My server is build in apache and nginxcp (nginx admin). Can anyone help me out?
EDIT: Below is the edited file for my domain vhost file. But after i rebuild host and restart nginx, the file change to its original one and the code "location ~ .mp3$ { add_header Content-Disposition attachment; }" becomes disappears.
server {
error_log /var/log/nginx/vhost-error_log warn;
listen 198.xxx.xx.xxx:80;
listen [::]:80;
server_name dl.xxxx.com www.dl.xxxx.com;
access_log /usr/local/apache/domlogs/dl.xxxx.com-bytes_log bytes_log;
access_log /usr/local/apache/domlogs/dl.xxxx.com combined;
root /home/xxxx/public_html/download;
#location / {
location ~*.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso)$ {
expires 1M;
try_files $uri #backend;
}
location / {
error_page 405 = #backend;
add_header X-Cache "HIT from Backend";
proxy_pass 198.xxx.xx.xxx:8081;
include proxy.inc;
include microcache.inc;
}
location #backend {
internal;
proxy_pass http://198.xxx.xx.xxx:8081;
include proxy.inc;
include microcache.inc;
}
location ~ .*\.(php|jsp|cgi|pl|py)?$ {
proxy_pass http://198.xxx.xx.xxx:8081;
include proxy.inc;
include microcache.inc;
}
location ~ /\.ht {
deny all;
}
location ~ \.mp3$ { add_header Content-Disposition attachment; }
}
I need to make url rewrite rules (server blocks) in nginx server same like in my previous apache server.
This is code from .htaccess what I need to implement (convert) into my existing one:
RewriteRule ^([A-Za-z0-9-]+)/([A-Za-z0-9-/_]+)$ admin/index.php?hotelname=$1&do=$2 [QSA]
RewriteRule ^(([A-Za-z0-9-/]+)+)$ admin/index.php?hotelname=$1 [L]
This code is in my website because I need to hide in adress bar folder(/admin/) where is located files after login. And when somebody is already login, adress bar is like www.domain.com/username and when you click to menu adress is like www.domain.com/username/page1, www.domain.com/username/page2, www.domain.com/username/page3.
This is what I need to achive in nginx. Because now is complete backend without function. When I login to backend, I'm redirected to www.domain.com/username but on screen I can see only File not found. In backend working only when I manualy add www.domain.com/admin/index.php.
This is my actual config for nginx :
server_names_hash_bucket_size 64;
server {
listen 80;
server_name example.com;
return 301 $scheme://www.example.com$request_uri;
}
server {
listen 80;
root /usr/share/nginx/www;
index index.php;
server_name www.example.com;
error_page 404 http://www.example.com/404.php;
autoindex off;
location / {
rewrite ^([^\.]*)$ /$1.php;
}
location = / {
rewrite ^ /index.php;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
When I try to change my block to:
location / {
rewrite ^([^\.]*)$ /$1.php;
rewrite ^/([A-Za-z0-9-]+)/([A-Za-z0-9-/_]+)$ /admin/index.php?hotelname=$1&do=$2;
rewrite ^/(([A-Za-z0-9-/]+)+)$ /admin/index.php?hotelname=$1 break;
}
Each my css file have error 500...
I will be very grateful with any help!
Thanks a lot.
You are putting this in your / location, that means that all your requests not matched before you drop here. You have to create a location role specific for this entry before the location /
location ^/([A-Za-z0-9-]+)/([A-Za-z0-9-/_]+)$ {
rewrite ^/([A-Za-z0-9-]+)/([A-Za-z0-9-/_]+)$ /admin/index.php?hotelname=$1&do=$2;
}