Re: Trouble setting up SSL

2022-09-04 Thread Moshe Katz
Here are a few things you can check (all of these need to be run as root or using `sudo`): Is nginx actually listening on port 443? There are lots of different commands you can use to check this, but I like to use `netstat -lptn | grep nginx`. Is there an error in your config? Check this with `ng

Re: Is nginx still vulnerable to CVE-2009-4487 ?

2022-02-13 Thread Moshe Katz
I can't speak for the nginx team, but as noted by "Severity: none", I assume they agree with many other vendors that this is not actually a vulnerability in nginx itself. For example, here is what the authors of Varnish said in response to this CVE: > This is not a security problem in Varnish or

Re: Strategies for large-file upload?

2022-02-08 Thread Moshe Katz
Our "large" files are usually closer to 1 GB than 10-100 GB, but the general idea should be the same. We tried using https://github.com/vkholodkov/nginx-upload-module (docs at https://www.nginx.com/resources/wiki/modules/upload/), but we had a hard time getting it to work properly, and it might no

Re: gmer3.itd.sterling.com/home.htm in the access log

2021-06-03 Thread Moshe Katz
oming from. It is not my proxy_pass value. > > It is not part of the POST request or part of the nginx proxy_pass or any > thing I can find in my configuration. > > > > Is my post being sent to both my proxy_pass value and this site in the > log? Do I have a hacked n

Re: gmer3.itd.sterling.com/home.htm in the access log

2021-06-03 Thread Moshe Katz
Benn, That part of the log is not the request URL, it is the referrer header. The path that was requested on your server is before that - a POST request to "/cr-bin/mp.exe". The referrer (which the HTTP standard actually misspells as "referer") is the web page that is making this request to your s

Re: in search of the complete 444

2020-06-08 Thread Moshe Katz
et a 400 with 'curl http://localhost:443'. I believe you should > get the same if you were to send http to the https server? > > -jf > > On Tue, Jun 9, 2020 at 9:15 AM Moshe Katz wrote: > > > > Sorry, I wasn't actually in front of a server where I could che

Re: in search of the complete 444

2020-06-08 Thread Moshe Katz
es on the idea of the intelligent man as a static entity > only shows himself to be a fool. > > On Tue, Jun 9, 2020 at 4:54 AM Moshe Katz wrote: > > > > I found the same question asked on StackOverflow a few years ago: > https://stackoverflow.com/questions/4142/http-444

Re: in search of the complete 444

2020-06-08 Thread Moshe Katz
I found the same question asked on StackOverflow a few years ago: https://stackoverflow.com/questions/4142/http-444-no-response-instead-of-404-403-error-pages The accepted answer says to do it this way:

```
error_page 400 =444 @blackhole;
location @blackhole {
    return 444;
}
```

They ke

Re: PHP handling where URI contains a path, index is in root

2020-05-27 Thread Moshe Katz
Your problem is that you are adding an extra question mark. From the docs: > $is_args > “?” if a request line has arguments, or an empty string otherwise Take the extra question mark out of your try_files line. It should look like this: try_files $uri $uri/ /index.php$is_args$args; Moshe O

Re: nginx 1.18.0 does not reload on ubuntu 18.04

2020-05-22 Thread Moshe Katz
I installed nginx on Ubuntu 18.04 from the nginx official repository, and the provided systemd service file is much simpler than yours. It looks like this: ``` [Unit] Description=nginx - high performance web server Documentation=http://nginx.org/en/docs/ After=network-online.target remote-fs.targe

Re: Issue with NGINX and proxy: HTTP/1.1 505 HTTP Version not supported

2020-03-06 Thread Moshe Katz
It looks like HP has decided to only support HTTP 1.0 or HTTP 1.1 on this printer, though it is not clear which one they are using since you didn't show the headers of your request direct to the printer. If you do `curl -v http://192.168.1.XX` it will show you the headers, which include the HTTP v

Re: RD Gateway thru Reverse Proxy

2019-12-10 Thread Moshe Katz
RD Gateway isn't a real HTTP(S) connection, so you need to use a `stream` block. This has been discussed on this email list several years ago: https://forum.nginx.org/read.php?11,266872 Moshe On Tue, Dec 10, 2019, 4:11 PM jriker1 wrote: > I have multiple servers internal that need to use port

Re: Client Certificate subject information

2019-08-01 Thread Moshe Katz
If your application is using fastcgi or proxy configuration in nginx, you need to have nginx put the information from the certificate into a FastCGI parameter or an http header that your application can read. Use something like `fastcgi_param DN $ssl_client_s_dn;` for FastCGI or `proxy_set_header

Re: avoid redirect

2018-12-02 Thread Moshe Katz
much simpler. Moshe -- Moshe Katz -- kohenk...@gmail.com -- +1(301)867-3732 On Sun, Dec 2, 2018 at 5:09 PM Moshe Katz wrote: > I believe you need to put the `return 301 ...` inside a location block > too. Otherwise, it overrides all the location blocks. > > I'm on my phone now

Re: avoid redirect

2018-12-02 Thread Moshe Katz
I believe you need to put the `return 301 ...` inside a location block too. Otherwise, it overrides all the location blocks. I'm on my phone now, but I'll try to share a sample file from one of my servers (that works as you want it) when I get back to my computer. Moshe On Sun, Dec 2, 2018, 5:0

Re: Nginx only serves 1 App

2018-05-23 Thread Moshe Katz
Here's how you would do it: First, run this command (substituting your example of `new.page.com` for any other new domain): certbot certonly --webroot -w /usr/share/nginx/html -d new.page.com *Note that the "webroot" directory is the same for ALL sites here, because of these lines: https://gist

Re: Nginx only serves 1 App

2018-05-16 Thread Moshe Katz
`/etc/letsencrypt/renewal/*` and add the following line in the `[renewalparams]` section: deploy_hook = /bin/systemctl reload nginx Of course, that means you need to modify the renewal file for each domain separately. Moshe -- Moshe Katz -- kohenk...@gmail.com -- +1(301)867-3732 On Wed, May 16, 20

Re: Nginx only serves 1 App

2018-05-15 Thread Moshe Katz
changed the path for `.well-known` in the config files in my Gist, you will also need to change it here.) Let me know how this works for you. Moshe -- Moshe Katz -- kohenk...@gmail.com -- +1(301)867-3732 On Tue, May 15, 2018 at 4:32 PM Nginx-Chris wrote: > Dear Moshe > > I did swi

Re: Nginx only serves 1 App

2018-05-15 Thread Moshe Katz
HTTPS configuration for Mattermost and see if that helps. -- Moshe Katz -- kohenk...@gmail.com -- +1(301)867-3732 On Tue, May 15, 2018 at 4:35 AM Nginx-Chris wrote: > Root Server with Ubuntu 16.04. > Nginx Version: 1.10.3 > > I have an Nginx server that serves 1 Application: An open source Cl

Re: Packages for Ubuntu 18.04 "Bionic"?

2018-05-08 Thread Moshe Katz
Great. thanks! On Tue, May 8, 2018 at 10:28 AM Konstantin Pavlov wrote: > Hello, > > 07.05.2018 19:12, Moshe Katz wrote: > > Hello, > > > > I see that the new Ubuntu 18.04 release has Nginx 1.14.0 > > <https://packages.ubuntu.com/bionic/web/nginx> as i

Packages for Ubuntu 18.04 "Bionic"?

2018-05-07 Thread Moshe Katz
Hello, I see that the new Ubuntu 18.04 release has Nginx 1.14.0 as its install version. However, as new development progresses, I will want to be on the `mainline` version on my servers. Right now, there is no official Nginx package support for 18.04,