I need to specify the CA certificate that signed
the client certificate.
So I will try that, that confused me.
Thank you
Le jeudi 13 mars 2025 à 01:54:04 UTC+1, Thomas Ward a écrit
:
On 2025-03-12 19:45, Mik J wrote:
> When I read your explanation, I understand that
icate signed
by the valid CA certificate (which requires them to have the private
key, which if you handle data right will never happen) to access the
site or its resources (and simply would get Bad Request or similar
because they didn't send a proper SSL cert).
---
Unless I'm misund
Hello,
I remember from Nginx that "if" can be evil.
I would like to validate that if can be used in the a context where I would
like to authenticate my clients with a certificate.
if ($ssl_client_s_dn !~ "O=MyCorp") { return 403; }
Do you have any recommendation ?
Thank you
__
Hello,
Someone pointed this out to me
Maxim D.: The try_files directive changes URI of a request to the one matched
on the file system, and subsequent attempt to split the URI into
$fastcgi_script_name and $fastcgi_path_info results in empty path info - as
there is no path info in the URI aft
Hello Maxim,Thank you for this detailed answer.I'll keep it in my personal
notes.I wish you a good year for 2023
Le vendredi 30 décembre 2022 à 01:17:11 UTC+1, Maxim Dounin
a écrit :
Hello!
On Wed, Dec 28, 2022 at 11:05:01PM +0000, Mik J via nginx wrote:
> What is the best
Hello,
What is the best practice for these two situations:
1. Compress text files, should I make the compression on the reverse proxy or
on the backend server ?
2. Deny access to specific files for example, files starting with a dot .file,
should I write the rule on the reverse proxy or on the ba
Hello,
I have a website hosted on a server using nginx behind a nginx reverse proxy
but things don't work properly.
https://mywebsite.org => workshttps://mywebsite.org/admin => doestn't work it
redirects to https://mywebsite.org
On my backend serverserver {
listen 80;
server_name
Thannk you Jeffrey for your help
Le dimanche 11 décembre 2022 à 09:31:10 UTC+1, Jeffrey 'jf' Lim
a écrit :
On Sun, Dec 11, 2022 at 8:03 AM Mik J via nginx wrote:
>
> Hello,
>
> My Nginx server sends syslogs to my remote syslog server with a host =
> myserver
Hello,
My Nginx server sends syslogs to my remote syslog server with a host =
myserver.mydomain.org
However I would like that the host to be the IP a specific IP of the server
(which exists)
On my Nginx server
server {
...
access_log syslog:server=1.2.3.4;
error_log syslog:server=1.2.3.4;
Is i
p code is
not being processed.
Does anyone has a idea ?
Le mardi 19 juillet 2022 à 16:32:05 UTC+2, Mik J via nginx
a écrit :
Hello Ian,
Thank you for your answer. I did what you told me
Now I have on my reverse proxy
location / {
proxy_pass h
access to anypage inside the /log directory.
Thank you
Le samedi 23 juillet 2022 à 12:04:56 UTC+2, Mik J via nginx
a écrit :
Hello,
I use an application named Cacti and everything works well except the
logout.php page
So when I try to
accesshttps://example.org/index.phphttps://example.org
Hello,
I use an application named Cacti and everything works well except the
logout.php page
So when I try to
accesshttps://example.org/index.phphttps://example.org/graph_view.phpIt works,
code http is 200
But when I access the logout.php page a page 404 is returnedGET /logout.php
HTTP/2.0
For
ally, you need to protect against sneaks who try to execute code, by
adding a try_files thus...
location ~ \.php$ {
try_files $uri =450;
include /etc/nginx/fastcgi.conf;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
etc.
Hope this helps.
Ian
On 18/07/2022 05:08, Mik J via nginx wro
Hello,
I don't manage to make my thing works although it's probably a classic for
Nginx users.
I have a domain https://example.org
What I want is thishttps://example.org goes on reverse proxy => server1
(10.10.10.10) to the application /var/www/htdocs/app1https://example.org/app2
goes on reverse
,
You need to set the reverse proxy ip in the www server:
https://nginx.org/r/set_real_ip_from
Also note this will replace $remote_addr with the value from X-Real-IP header
(the original value is in $realip_remote_addr).
On Thu, Jun 30, 2022, at 21:56, Mik J via nginx wrote:
> Hello,
>
Hello,
I have a real server placed behing my reverse proxywww server 192.168.1.10
<---> 192.168.1.20 reverse proxy <---> NAT Firewall <---> Interrnet <--->
Client on Internet
My configuration on my reverse proxy (192.168.1.20) looks like that
location ^~ / {
proxy_pass h
Thank you for your answer Stuart.
I'm on an Openbsd platform and it's not available for it.
It seems to me a bit complicated because I'll have to insert it between the
Nginx reverse proxy and the end server. Have you used it ?
Le dimanche 5 mai 2019 à 04:01:54 UTC+2, Andrew Stuart
a écr
Hello,
I'm sucessfully accessing a server/site behind my reverse proxy with the
following URL
https://app.mydomain.org/screens/dashboard.html#/MainDashboard
But the following URL gives a 502 Bad Gateway
https://app.mydomain.org/screens/webui/resource/swccopolldata.json
I don't understand why bey
Hello,
I often try to solve problems between Nginx and the server communicating in
https
client <= https => Nginx <= https => server
And I don't have access to the server or it's a source code that is closed so
it's not possible to troubleshoot there.
Is there a way to see in clear text what i
the `return 301 ...` inside a location block too.
Otherwise, it overrides all the location blocks.
I'm on my phone now, but I'll try to share a sample file from one of my servers
(that works as you want it) when I get back to my computer.
Moshe
On Sun, Dec 2, 2018, 5:03 PM Mik J via
Hello,
I'd like to be able to offer let's encrypt in port 80 only and redirect
everything else to port 443
server {
listen 80;
listen [::]:80;
listen 443;
listen [::]:443;
server_name http://www.mydomain.org blog.mydomain.org;
location ^~ /.well-kn
param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
Le mercredi 30 août 2017 à 19:57:40 UTC+2, Francis Daly
a écrit :
On Sun, Aug 27, 2017 at 11:27:05AM +0000, Mik J via nginx wrote:
Hi there,
> > Thats because the pages are called by the reverse p
if nginx treats it differently
Le vendredi 5 janvier 2018 à 12:26:20 UTC+1, Francis Daly
a écrit :
On Fri, Jan 05, 2018 at 01:04:52AM +, Mik J via nginx wrote:
Hi there,
> I'm trying to finish to configure nginx for ipv6
> listen [::]:443 ssl;doesn't workbutlist
Hello,
I'm trying to finish to configure nginx for ipv6
listen [::]:443 ssl;doesn't workbutlisten [fc00:1:1::13]:443 ssl;works
I need to explicitly specify the ipv6 address whereas in ipv4 I don't need to
# nginx -V
nginx version: nginx/1.12.1
server {
listen 443 ssl;
# listen [::]:443 ssl;
fine
http://application1.org/wp-content/themes/Avada/images/divider-02.gifSo there's
just a problem with the previous URL
Another question, if I want to set expires header, would it be better to do it
on the reverse proxy or on the backend server ?
Regards
Le Dimanche 20 août 2017 22h08,
y application would be accessible by www.application1.org than
www.application1.org/app/application1 like right now
Le Jeudi 17 août 2017 21h35, Francis Daly a écrit :
On Thu, Aug 10, 2017 at 09:17:14PM +, Mik J via nginx wrote:
Hi there,
> I have application1.org and applicat
Nginx: 1.10.2
Hello,
I'm tryging to get reverse proxy working with multiple domains
I have application1.org and application2.org.
The client requesting these URLs, arrives one the reverse proxy.
On this reverse proxy I have a virtual host which looks like that
server {
listen 80;
server_
ither from downstream
or upstream if you think it is related to your problem.
If you got a question on the nginx configuration this ML is here to help.
Otherwise, you'll need to rereoute your question where appropriate.
---
B. R.
On Mon, Mar 6, 2017 at 10:35 PM, Mik J via nginx wrote:
Hel
Hello,
I have run an application behind a nginx reverse proxy and I can't make it to
work
a) if I access this application using https://1.1.1.1:443 it works (certificate
warning)b) if I access this application using https://myapp.mydomain.org, I get
access to the login page location ^~ / {
Hello Francis,Thank you very much.Everything works fine. Have a nice week
Le Mardi 22 novembre 2016 21h55, Francis Daly a écrit :
On Tue, Nov 22, 2016 at 06:51:28PM +, Mik J via nginx wrote:
Hi there,
> location ^~ / {
> proxy_pass http://10.1.1.1/service1;
Hello,
I don't know how to finalise my reverse proxy setup.
Client <--Internet-->Reverse_Proxy<--LAN-->Web_ServerWhen a client connects to
FQDN, the request is followed to the IP address of the webserver such
aslocation ^~ / {
proxy_pass http://10.1.1.1/service1;And it works but t
n a écrit :
Hello!
On Wed, Aug 17, 2016 at 12:05:24PM +0000, Mik J wrote:
> nginx version: 1.6.2
> Hello,
> The client and Nginx server seem to have problem to establish a SSL
> connection. In the logs I have this[crit] 18386#0: *1 SSL_do_handshake()
> failed
nginx version: 1.6.2
Hello,
The client and Nginx server seem to have problem to establish a SSL connection.
In the logs I have this[crit] 18386#0: *1 SSL_do_handshake() failed (SSL:
error:14094456:SSL routines:SSL3_READ_BYTES:tlsv1 unsupported extension:SSL
alert number 110) whle SSL handshaking
log level "main" in /etc/nginx/sites-enabled/default:13
The documentation only talks about access_log. Do you think it's normal ?
Le Mardi 2 août 2016 10h00, Francis Daly a écrit :
On Mon, Aug 01, 2016 at 11:25:46PM +, Mik J wrote:
Hi there,
> nginx: [emerg] unknow
nginx version: nginx/1.9.10
Hello,I'm trying to log the client IP within the x-forwarded-for field.
http://nginx.org/en/docs/http/ngx_http_log_module.html
The only problem is that I think I followed the instructions correctly but
nginx won't start# nginx
nginx: [emerg] unknown log format "main" i
only write this it works
Thank you
Le Mercredi 11 novembre 2015 20h45, Francis Daly a
écrit :
On Wed, Nov 11, 2015 at 06:50:54PM +, Mik J wrote:
Hi there,
> I tried both methods but none of them worked. I'm going to look at it more in
> details (and display the php
a
écrit :
On Wed, Nov 11, 2015 at 02:29:37PM +, Mik J wrote:
Hi there,
> > I want that a user who accessesnginx.org/informationwill be redirected in
> > the background tonginx/index.php?x=informationSo that my index.php page is
> > dymanic
>
> What does &quo
Hi there,
> I have checked many ways to implement what I want (including if is evil) and
> I've been able to reach what I wanted to do (something simple)
> I want that a user who accessesnginx.org/informationwill be redirected in the
> background tonginx/index.php?x=informationSo that my index.p
Hello,
I have checked many ways to implement what I want (including if is evil) and
I've been able to reach what I wanted to do (something simple)
I want that a user who accessesnginx.org/informationwill be redirected in the
background tonginx/index.php?x=informationSo that my index.php page is d
_
> De : wishmaster
>À : nginx@nginx.org
>Cc : "nginx@nginx.org"
>Envoyé le : Mardi 6 août 2013 10h10
>Objet : Re: Avice for my vhost configuration
>
>
>--- Original message ---
>From: "Mik J"
>Date: 6 August 2013, 00:44:37
>
>&
Hello,
I plan to configure my nginx server with a couple of vhosts.
For each of them I want:
- to use php
- deny access begining by a dot
- not logging access to favicon
So my configuration would look like that
server {
...
location ~ \.php$ {
root /var/www/htdocs/s
41 matches
Mail list logo
