Nevermind, I got it all figured out.
Patrick J. Collins
https://collinatorstudios.com
On Thu, 15 Feb 2024, Patrick J. Collins wrote:
> I have a rails app that is purely an api server, with an angular frontend
> living under a subfolder in the public directory.. So the server&
/api/ {
passenger_app_root /home/my-app/;
passenger_enabled on;
}
location ^/api/ {
index angular-app/index.html;
passenger_enabled off;
}
...
}
```
And I still end up with 500s going anywhere other than api endpoints... Does
anyone one know what I can d
rg/iptables-extensions.man.html#lbDU
or ipf `dup-to' for FreeBSD:
https://www.freebsd.org/cgi/man.cgi?query=ipf&sektion=5&apropos=0&manpath=FreeBSD+12.1-RELEASE+and+Ports
Mirroring the inside interfaces will yield the un-TLS'd traffic.
Patrick
rces/wiki/start/topics/examples/imapauthenticatewithapacheperlscript/
Users need to login with "usern...@foo.com" or "usern...@bar.com"
otherwise name collisions will occur...
`Auth-User' will have the username, so match on the domain part to route
the use
d app also be changed to log an attack, and throw a
444 when it gets an `id' set to 2?
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On 2019-10-18 13:17, P.V.Anthony wrote:
> Tried the following and it works but is it safe?
>
> if ( $request_uri = "/test/place?id=2" ) {
> rewrite ^ http://new.example.com${uri}?${args}? last;
> }
Awesome. By `safe' do you mean netsec, o
tinues turn that `if' test into a regexp
that will match the migrated components.
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
st;
}
...
# all the locations go here
}
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
m of commit /
rollback, e.g. something like nginx-graceful[0] which automates the
recommended zero-downtime restart[1].
Patrick
[0] https://github.com/patrickhaller/nginx-graceful
[1] https://www.nginx.com/resources/wiki/start/topics/tutorials/commandline/
__
Forgot to update the second map; it should be:
map $is_admin$request_method $admin_required {
"0GET" 0;
"0HEAD" 0;
"0OPTIONS" 0;
"~1.*" 0;
default 1;
}
Patrick
On 2019-06-19 11:02, Patrick wrote:
> On 2019-06-18 16:41, Matthias M
On 2019-06-18 16:41, Matthias Müller wrote:
> 1) Permit POST, PUT if the request matches a trusted IP address OR
> Basic auth credentials (either-or)
Something like this will work:
map $remote_addr $is_admin {
1.2.3.4 1;
default 0;
}
map $is_admin$request_method $admin_required {
"GET"
cure Link should work -- however it's not great because unless the m3u8
playlist is generated on the fly, the media assets will not be protected
by the Secure Link setup.
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
#x27; instead of 'last' as per
https://nginx.org/en/docs/http/ngx_http_rewrite_module.html#rewrite
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
end
is written in another language, consider porting the cookie decryption
code to that language as ONAP uses the SunJCE flavor of AES/CBC/NoPadding
Note that to decrypt the cookie, the ONAP crypto config needs to be ported to
the nginx-clojure app as well.
Patrick
ure code.
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
decrypt the cookie using same Java library.
Hi!
A) Which java library? (have a url for it?)
B) is the setup going to be: browser -> nginx -> portal or browser ->
portal -> nginx ? When you say you receive requests from Portal, it
makes it seem lik
ultant is
probably the way to go.
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
t you need the browsers to see.
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
the cache.
The nginx config is just:
proxy_pass $upstream;
proxy_cache STATIC;
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
ll content can be served to the clients.
As you note, If-Modified-Since has a smallest time resolution of 1 second.
Can the upstream publish ETags and handle If-None-Match request headers
so that nginx can get 304s in response?
Patrick
___
nginx m
nce nginx is the front-end to a series
of mail servers that you control. Can you provide a little detail as to
what your mail architecture looks like?
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
, slices are read incrementally only as quickly as the client can
> consume them.
Hi,
Can you post illustrative tshark captures from the client-side?
tshark -n -Y http port 80 and host $SERVER_IP
tshark -n -Y ssl port 443 and host $SERVER_IP
rect all mail to nginx.org -- i.e. do not use the
email-od.com smart host to relay.
Patrick
> dig +short txt ruhnke.cloud
"v=spf1 mx a a:mout.ruhnke.cloud a:mxv6.ruhnke.cloud include:email-od.com ?all"
___
nginx mailing list
nginx@nginx
On 2019-05-09 08:48, Duke Dougal wrote:
> Is there any way to get autoindex to return a recursive list of
> files/directories?
What modules do you have available to work with?
Just using default built modules, there doesn't seem to be a way.
Using non-default modules, you could use:
1) ngx_http
On 2019-05-08 15:22, Brendan Doyle wrote:
> I switched to using iperf, and it all seems to be working fin now.
^
Ha! I see what you did there |
___
nginx mailing
hy would
nginx connect to the upstream?
Perhaps try your setup with a realistic load generator such as Tsung
or TRex.
https://en.wikipedia.org/wiki/Tsung
https://trex-tgn.cisco.com/
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/ma
aging they should have just used http://stage.aaa.com in the
first place.
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On 2019-05-06 16:18, ender ulusoy wrote:
> @Patrick Thanks, here is the config I have (short version)
Ok, now you need to know the IPs that the main office uses for outbound
HTTP requests.
However, it seems unlikely that *everyone* at the main office wants to
be on staging. You're
need more information about your architecture to be able to show you ways to
do this.
It might be more cost-effective to just chat with an engineer for hire.
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On 2019-05-03 09:33, Duke Dougal wrote:
> > The secret, expiry, and uri are the same from md5 generation to the
> > cURL request?
>
> Could you please explain the question further? - I’m not sure how to check
> this thanks.
Sure. Use shell variables -- e.g.
#!/bin/bash
secret="w00w00"
uri="/html
On 2019-05-01 10:06, Duke Dougal wrote:
> Any further ideas?
1) The URL returns 200 when the secure-link config is disabled?
url="http://127.0.0.1/html/index.html";
curl -sI $url
2) The secret, expiry, and uri are the same from md5 generation to the
cURL reque
/127.0.0.1/html/index.html?md5=${md5}&expires=${expiry}";
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
(other than in exceptional situations).
Maybe this can help:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Using_Network-Bound_Disk_Encryption.html
Cheers,
Patrick
___
nginx mailing list
nginx
helloData wrote on 05/31/2018 04:10 PM:
> Hi Patrick,
>
> Thanks. Actually, I meant "signal", by mistake I wrote "start".
> I got the error "nginx: invalid option: "-s signal"
The problem is you shouldn't actually say "-s signal". T
t (d), I could do "sudo nginx -s stop"
> without any error.
>
> Any way to solve the error problem?
I looked in the man page, and "start" is not a valid option for -s. The
recognized options are stop, quit, reopen, reload.
To start nginx, just use:
sudo nginx
-- P
an bypass nginx and
keep-alive works fine. I do this by visiting http://127.0.0.1:9351
directly. Every time I refresh, I get the same PID.
So, is there ANY way to instruct nginx to keep using the same connection
every time, instead of tearing down and reconnecting on every request?
Tha
On Thu, Dec 3, 2015 at 1:44 PM, Valentin V. Bartenev wrote:
> On Thursday 03 December 2015 11:41:51 Patrick O'Brien wrote:
>> Hello,
>>
>> We're currently using nginx for SSL/TLS termination, which then
>> proxies the request to a pair of internal pai
Hello,
We're currently using nginx for SSL/TLS termination, which then
proxies the request to a pair of internal pair of load balancers.
Since the TLS handshake is performed before nginx is able to figure
out what hostname is being requested, except in cases where SNI is
used, it will accept any r
On Thu, Oct 22, 2015 at 2:08 PM, Maxim Dounin wrote:
> Hello!
>
> On Thu, Oct 22, 2015 at 02:02:09PM -0400, Jeff Kaufman wrote:
>
> > I remember hearing rumors that loadable module support was coming; is
> > there anything planned here?
> >
> > (ngx_pagespeed would love to distribute as a loadabl
ed an insecure script '
http://api.recaptcha.net/challenge?k=6LeSfwUAAN_HeFPkLBlDvM8PstRDO__CMTTx'.
This request has been blocked; the content must be served over HTTPS.
--
> Jim Ohlstein
>
>
> "Never argue with a fool, onlookers may not be able to tell the
&g
On Tue, Oct 13, 2015 at 6:09 AM, Andrew Hutchings
wrote:
> Hi!
>
> On Tuesday 13 October 2015 08:59:02 steve wrote:
> > Hi folks,
> >
> > I have a requirement from a customer that the terminal slash be
> > rewritten when accessing the homepage - eg example.com/ is a 301 to
> > example.com
> >
> >
-alpha-patch-http2/
http://nginx.org/patches/http2/
-Patrick
>
> rr
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
___
nginx
influence how we communicate who we are and what we do.
Please take a moment to complete the survey. It will remain open until March
30, 2015.
[1] http://survey.newkind.com/r/pXmteacd <http://survey.newkind.com/r/pXmteacd>
Patrick
(On behalf of the NGINX team globally.)
--
Patrick Nommense
#mainline
Patrick Nommensen
@pnommensen
> On Feb 5, 2015, at 7:29 AM, Daniël Mostertman wrote:
>
> Hi!
>
> We're using Debian 7.x (Wheezy), and because I rather have the latest version
> of nginx than the stock or backports version, I decided to add your
> repository.
Hi Simone,
When it's about the company [1] use “Nginx" and when it’s about the software
use “NGINX".
We’ll look to resolve present inconsistencies.
[1] http://nginx.com/company/
--
Patrick Nommensen
http://nginx.com
> On Dec 30, 2014, at 5:17 AM, hpatoio wrote:
>
08 Jul 2014
*) Feature: weak entity tags are now preserved on response
modifications, and strong ones are changed to weak.
HTH,
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
vulnerability discovered by
Chris Boulton (CVE-2014-3556).
About your issue: maybe read
http://nginx.org/en/docs/http/configuring_https_servers.html and try
some of the setups described on that page and see if you can get them to
work (with a client that supports SNI).
HTH,
Patrick
utilize ldap, what could be wrong here?
I have never seen that error before. The revision that compiles and
works fine for me with nginx 1.4.7 and openldap-2.4.39 is this one:
https://github.com/kvspb/nginx-auth-ldap/tree/ee45bc4898d70770e06af9fe0a8c0088b4cb9f26
HTH,
Patrick
On 17-01-14 06:06, jamesandrewyoung wrote:
How to configure NGINX daemon so that blog.xxx.com becomes xxx.com/blog
Can anyone help me?
http://lmgtfy.com/?q=nginx+rewrite
Regards,
Patrick
___
nginx mailing list
nginx@nginx.org
http
On 10-01-14 09:16, Igor Sysoev wrote:
On Jan 10, 2014, at 12:13 , Andreas S. wrote:
Patrick Lists wrote in post #1132735:
On 09-01-14 22:48, Styopa Semenukha wrote:
Patrick,
It's not possible, because SSL works on lower level (session layer) than HTTP
(application layer).
Thank yo
Hi Styopa,
On 09-01-14 22:48, Styopa Semenukha wrote:
Patrick,
It's not possible, because SSL works on lower level (session layer) than HTTP
(application layer).
Thank you for your feedback. That's unfortunate. I hope to see flexible
SSL config one day as an enhancement (if poss
much
appreciated.
Thanks,
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
tly 2.5.16) to
plug all the root exploits.
Regards,
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
erver from other attacks?
Have a look at fail2ban.
Regards,
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
7;s because CentOS 6 does not have the newer openssl
version 1.0.1 which is required for SPDY.
Regards,
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Hi Francis,
On 05/30/2013 12:37 AM, Francis Daly wrote:
On Wed, May 29, 2013 at 04:35:03PM +0200, Patrick Lists wrote:
Hi there,
[snip]
What does
curl -I https:///doc/postfix-2.6.6/README_FILES/AAAREADME
show as the Content-Type?
If it is "text/plain", your nginx is doin
ation /images/ {
root /data/w3;
}
Thanks for the tip. Changed my config to:
# docs
location /doc/ {
#alias /usr/share/doc/;
root /usr/share;
autoindex on;
types { }
default_type text/plain;
}
I still have the same issue in the postfix subdir though.
Regards,
Pa
AAAREADME: ASCII text, with overstriking
Anyone have a hint what I am doing wrong?
Thanks!
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
module. See for example the ssl_stapling config option:
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling
Regards,
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
command to know where that file is?
Wy doesn't the above entry work?
Have you checked the nginx init file in /etc/rc.d/init.d/ ?
Regards,
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
gone now. Sorry for the noise.
Nginx 1.3.14 seems to work fine for me (light testing). Thanks for one
great piece of software!
Regards,
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
(22:
Invalid argument)
No idea what it means. Maybe it is helpful for the developers.
Regards,
Patrick
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
62 matches
Mail list logo
