Join Log in
Score:0
Cebrayil avatar Server

Nginx reverse proxy doesn't work

ng flag
Cebrayil

After configured TheHive incident response platform,I am trying to configure redirection domain to ip adress but not working.when I write ip adress on browser,I can access web page.It is not possible with domain.I checked with "nslookup thehive.example.com" ,it shows me ip adress correctly.

Note:I redirected domain name to ip adress in our DNS server

server {
  listen 443 ssl;
  server_name thehive.example.com;

#  ssl on;
  ssl_certificate       /etc/nginx/ssl/thehive_cert.pem;
  ssl_certificate_key   /etc/nginx/ssl/thehive_key.pem;

  proxy_connect_timeout   600;
  proxy_send_timeout      600;
  proxy_read_timeout      600;
  send_timeout            600;
  client_max_body_size    2G;
  proxy_buffering off;
  client_header_buffer_size 8k;

  location / {
    add_header              Strict-Transport-Security "max-age=31536000; includeSubDomains";
    proxy_pass              http://127.0.0.1:9000/;
    proxy_http_version      1.1;
    proxy_set_header Connection "" ;
  }
}

Here curl result

curl -v http://thehive.example.com

* Could not resolve host: thehive.example.com
* Closing connection 0
curl: (6) Could not resolve host: thehive.example.com

It works when I do curl with ip address

 curl -v http://192.168.42.11:9000/index.html
*   Trying 192.168.42.11:9000...
* TCP_NODELAY set
* Connected to 192.168.42.11 (192.168.42.11) port 9000 (#0)
> GET /index.html HTTP/1.1
> Host: 192.168.42.11:9000
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Request-Time: 1
< Accept-Ranges: bytes
< Cache-Control: public, max-age=3600
< Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
< Date: Tue, 21 Dec 2021 05:34:12 GMT
< Content-Type: text/html; charset=UTF-8
< Content-Length: 1191
<
<!doctype html> <html ng-app="thehive"> <head> <meta charset="utf-8"> <title ng-bind="'TheHive' + (title ? ' - ' + title : '')"></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <!-- <link rel="icon" type="image/png" href="images/favicon.png" /> --> <link rel="icon" type="image/png" href="images/favicons/favicon-196x196.png" sizes="196x196"> <link rel="icon" type="image/png" href="images/favicons/favicon-96x96.png" sizes="96x96"> <link rel="icon" type="image/png" href="images/favicons/favicon-32x32.png" sizes="32x32"> <link rel="icon" type="image/png" href="images/favicons/favicon-16x16.png" sizes="16x16"> <link rel="icon" type="image/png" href="images/favicons/favicon-128.png" sizes="128x128"> <link rel="stylesheet" href="styles/vendor.7dd02a27.css"> <link rel="stylesheet" href="styles/app.0688c7a8.css"> <style> app-container { display: block } </style> </head> <body ng-cloak class="hold-transition skin-blue layout-top-nav"> <page-loader flag="isLoading" bg-col* Connection #0 to host 192.168.42.11 left intact
or="#ecf0f5"></page-loader> <div ui-view></div> <script src="scripts/vendor.78eed977.js"></script> <script src="scripts/scripts.dcfd7451.js"></script> </body> </html>
208
0 + 0
cn flag
shearn89
If it works by IP but not DNS name, the problem is almost certainly with DNS. DNS can take a while to propagate - when did you make the changes?
0
Reply
Cebrayil avatar
ng flag
Cebrayil
@shearn89 1 week passed.when I write nslookup blabla.example.com ,it works
0
Reply
cn flag
Bob
Nice that `nslookup blabla.example.com` works, but the server_name is set to `thehive.example.com`
0
Reply
Cebrayil avatar
ng flag
Cebrayil
@Bob sorry. I mean nslookup thehive.example.com is working correctly
0
Reply
djdomi avatar
za flag
djdomi
you have 2 options either show us the logs and tell us what is not working, or tell us the correct name and let us see what is wrong
2
Reply
Cebrayil avatar
ng flag
Cebrayil
@djdomi which logs should I show you? I can do it.This is local system.even you know the domain ,I think it is not possible to troublehoot it
0
Reply
djdomi avatar
za flag
djdomi
please update the question, as it does not reflect the output you gave, please be detailed as possible
0
Reply
us flag
Tero Kilkanen
What exactly happens when you access it with domain name? Have you configured the domain name in the app configuration?
0
Reply
in flag
Gerald Schneider
Please use a text based tool to test the request (wget, curl) and share the complete output. Most probably the problem isn't nginx but the backend server.
0
Reply
Cebrayil avatar
ng flag
Cebrayil
@GeraldSchneider I edited question.I'm adding the result when I do curl
0
Reply
Score:1
avatar Server
us flag
Tero Kilkanen

The thehive.example.com does not have a DNS entry. Therefore your browser / curl cannot resolve its IP address.

You need to add a DNS entry, or add an entry to the hosts file on the system where you are making the request.

0 + 0
Cebrayil avatar
ng flag
Cebrayil
when I write in browser "thehive.example.com:9000" I can access service without ssl.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.