Score:0

Server

Ubuntu server not allowing domain to access laravel project [405]

Rose Riyadh

9/30/23, 11:35 AM

I have a problem where my laravel project is accessed by my static IP on Azure but not from the domain that I linked it with:

I use nginx and ufw

This is the error.log for my Nginx:

nginx configuration 
server {
    listen 80;
    listen [::]:80;
    server_name domain;
    root /var/www/app/public;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    index index.php;

    charset utf-8;

    location / {
        try_files $uri /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }
}

What should I do? what rule should I add?

2022/05/19 11:25:42 [error] 586486#586486: *1562 access forbidden by rule, client: 51.79.29.48, server: domain, request: "GET /.env HTTP/1.1", host: "ip"
2022/05/19 11:32:22 [error] 586486#586486: *1563 access forbidden by rule, client: 69.162.243.124, server: domain, request: "GET /.env HTTP/1.1", host: "ip"
2022/05/19 11:45:07 [error] 586486#586486: *1604 access forbidden by rule, client: 185.254.196.223, server: domain, request: "GET /.env HTTP/1.1", host: "ip"
2022/05/19 12:38:43 [notice] 600838#600838: signal process started```

To                         Action      From
--                         ------      ----
22/tcp (OpenSSH)           ALLOW IN    Anywhere                  
80/tcp (Nginx HTTP)        ALLOW IN    Anywhere                  
80                         ALLOW IN    Anywhere                  
443                        ALLOW IN    Anywhere                  
22/tcp (OpenSSH (v6))      ALLOW IN    Anywhere (v6)             
80/tcp (Nginx HTTP (v6))   ALLOW IN    Anywhere (v6)             
80 (v6)                    ALLOW IN    Anywhere (v6)             
443 (v6)                   ALLOW IN    Anywhere (v6)

0 + 0

ubuntu

nginx

domain

ufw

azure

Rose Riyadh

9/30/23, 8:00 AM

@IvanShatsky I removed it and restarted nginx and still the same problem

Ivan Shatsky

9/30/23, 12:25 PM

This isn't related to firewall, looks like some location denying access to hidden files, e.g. `location /. { deny all; }`

Gerald Schneider

10/1/23, 8:49 AM

Please provide your nginx configuration. We can't guess.

Rose Riyadh

10/1/23, 9:02 AM

@GeraldSchneider done

Gerald Schneider

10/1/23, 9:20 AM

I just noticed: The log entries only mention `/.env`. Are you sure you want to make your .env file publicly available? This seems like a pretty good precaution to prevent leaks of your configuration.

Rose Riyadh

10/1/23, 9:49 AM

@GeraldSchneider how can I make it private if you can help me?

Gerald Schneider

10/1/23, 10:11 AM

I don't understand what you mean by that. I'm just wondering if you actually have a problem with your server configuration or if you only think you do.

Rose Riyadh

10/1/23, 10:45 AM

I don't want to make it public and that's why I need help because I don't know why it's not hitting the routes themselves while it works fine when I access it by its IP @GeraldSchneider

Score:0

Server

Ajith Redrigo

10/1/23, 10:59 AM

You should add all the index files in your configuration,

sudo nano etc/nginx/sites-enabled

index index.php index.html index.hml;

And the configuration should be like this:

server {
listen 80;
server_name server_domain_or_IP;
root /var/www/app/public;

add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";

index index.html index.htm index.php;

charset utf-8;

location / {
    try_files $uri $uri/ /index.php?$query_string;
}

location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt  { access_log off; log_not_found off; }

error_page 404 /index.php;

location ~ \.php$ {
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
    include fastcgi_params;
}

location ~ /\.(?!well-known).* {
    deny all;
}
}

To confirm that your configuration doesn’t contain any syntax errors, use

sudo nginx -t

Note: If you are maintaining a firewall from your console then don't use ufw to allow port.

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Ubuntu server not allowing domain to access laravel project [405]

TH: เซิร์ฟเวอร์ Ubuntu ไม่อนุญาตให้โดเมนเข้าถึงโครงการ laravel [405]

RO: Serverul Ubuntu nu permite domeniului să acceseze proiectul laravel [405]

RU: Сервер Ubuntu не разрешает домену доступ к проекту laravel [405]

VI: Máy chủ Ubuntu không cho phép tên miền truy cập dự án laravel [405]

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.