Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 
920 posts

Ultimate Geek
+1 received by user: 281

Trusted

  Reply # 1575152 16-Jun-2016 16:43
Send private message

So you will have a main file which would be

 

/etc/nginx/nginx.conf 

 

This could have a default server in it, Im not sure. 

Then in the sites available there will possibly be a file called default. But inside the nginx.conf it only includes the symlink folder which will be /etc/nginx/sites-enabled/* 

 

So if you have removed the symlink for the default then it wont get included.

 

See the config page here on how to set it up the default (second code block on that page)

 

https://www.nginx.com/resources/wiki/start/topics/examples/server_blocks/?highlight=default%20server

 

 








2391 posts

Uber Geek
+1 received by user: 690


  Reply # 1575167 16-Jun-2016 16:56
Send private message

timmmay:

 

Paul1977:

 

That's what I've been trying but it is not working. do i put this in the "default" file under /etc/nginx/sites-available?

 

 

Yeah that would typically work. Doesn't matter which file it goes in. Make sure "default" isn't in any of the other files.

 

 

Default is now working for port 80, but when I do a similar rule for 443 it stops legitimate https requests to valid servers as well.





 Home:                                                           Work:
Home Work


920 posts

Ultimate Geek
+1 received by user: 281

Trusted

  Reply # 1575171 16-Jun-2016 17:02
Send private message

The default server should be a "Catch All".

 

So either the incoming requests do no match what you have specified in your server_name section but you can specify multiple. The default will get used after all the others are not found to match.

 

What I am saying is you might need something like... 

 


server {

 

server_name www.domain1.com domain1.com; # notice how i got no www and a www here?

 

; access_log logs/domain1.access.log main; root /var/www/domain1.com/htdocs; }

 

# a default for port 80
server {

 

listen 80 default_server;

 

server_name _;

 

access_log logs/default.access.log main;

 

 

server_name_in_redirect off;

 

root /var/www/default/htdocs;
location { #tralalalala la

 

    }
}
# and a default for 443.

 

server {

 

listen 443 default_server;

 

server_name _;

 

access_log logs/default.access.log main;

 

 

server_name_in_redirect off;

 

root /var/www/default/htdocs;
location { #tralalalala la

 

    }
}

 

 

 





14216 posts

Uber Geek
+1 received by user: 2572

Trusted
Subscriber

  Reply # 1575182 16-Jun-2016 17:16
Send private message

I've never done a default server for https. My sites are behind CloudFlare with IP deny set up so I can't even try it to see what happens.

 

Do you need to set up certificates and such for a SSL default server? Could you even?





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




2391 posts

Uber Geek
+1 received by user: 690


  Reply # 1575185 16-Jun-2016 17:25
Send private message

Thanks guys,

 

I think I've found the problem. Looks like I need a certificate setup in the default_server bit for SSL, even though I just want it to drop the connection. I guess that makes sense when I think about it as it needs the certificate before it can determine what url was requested.

 

I'll test a bit more tomorrow, and once it all looks good I'll post my config if anyone is interested.

 

Thanks again.




2391 posts

Uber Geek
+1 received by user: 690


  Reply # 1575187 16-Jun-2016 17:29
Send private message

timmmay: Do you need to set up certificates and such for a SSL default server? Could you even?

 

Just saw this after my last post. Yes, that's exactly what I needed to do.

 

It results in the standard untrusted certificate warning, and if you choose to proceed it just drops the connection. I tested pointing at my proper certificate and it works, but I'll change this to a self-signed one for the default server.





 Home:                                                           Work:
Home Work


1 | 2 | 3 | 4 
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.