Score:1

Server

When I declare multiple NGINX server blocks why do they affect each other?

Jackie

5/18/24, 2:13 AM

I have the following server blocks...

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /run/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

    server {
        listen       443 ssl http2;
        listen       [::]:443 ssl http2;
        include      snippets/self-signed.conf;
        include      snippets/ssl-params.conf;
        server_name  secondave.net www.secondave.net;
        location / {
          proxy_pass http://localhost:3000;
        }
    }
    server {
        listen 80;
        listen       [::]:80;
        server_name  _;
        location / {
          proxy_pass http://localhost:3000;
        }
    }
}

However I would expect this to work...

    server {
        listen       443 ssl http2;
        listen       [::]:443 ssl http2;
        include      snippets/self-signed.conf;
        include      snippets/ssl-params.conf;
        server_name  secondave.net www.secondave.net;
        location / {
          proxy_pass http://localhost:3000;
        }
    }
    server {
        listen 80;
        listen       [::]:80;
        server_name  _;
    }

But if I try to do it this way the reverse proxy doesn't work anymore. Why is it requiring the proxy_pass both places?

Here is me trying to call the endpoint without the proxy_pass in the port 80 block as well...

[ec2-user@... nginx]$ curl --insecure https://secondave.net
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>

Notice the Welcome to nginx!, this is not what the proxied site says. When I add it back again I see the expected site again...

[ec2-user@... nginx]$ sudo vi nginx.conf 
[ec2-user@... nginx]$ sudo systemctl restart nginx
[ec2-user@... nginx]$ curl --insecure https://secondave.net
<!DOCTYPE html><html><head><meta charSet="utf-8"/><title>THEJa

This is using AWSLinux2023 which I believe is part of selinux and nginx is installed using yum.

Additional Info

[ec2-user@... ~]$ cat /etc/nginx/nginx.conf 
...
http {
    ...
    server {
        ...
    }
    server {
        listen 80;
        listen       [::]:80;
        server_name  secondave.net www.secondave.net;
        return 404;
    }
        
}
[ec2-user@... ~]$ sudo systemctl restart nginx
[ec2-user@... ~]$ curl --insecure https://secondave.net
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

1 + 5

nginx

Jaromanda X

5/18/24, 4:23 AM

perhaps you're using `http`, therefore you need the proxy on `http`, since a proxy on `https` doesn't proxy any incoming `http`

Tero Kilkanen

5/18/24, 11:56 AM

Please elaborate "reverse proxy doesn't work anymore". What is the exact request you make, from where and what is the exact result and what is the expected result?

Jackie

5/18/24, 12:24 PM

@TeroKilkanen the expected result would be that 443 proxies but 80 does not. The result is that neither render the proxied endpoint. I will get a curl response for it in a bit.

Jackie

5/18/24, 12:24 PM

@JaromandaX I can confirm I am using https and port 443

Jackie

5/18/24, 12:37 PM

More details added including the curl command showing the https and the response received when the port 80 proxy is commented out

Score:0

Server

Tero Kilkanen

5/18/24, 3:38 PM

Your server block for HTTP doesn't have a server_name. Therefore it does not process the request, but the request is passed to nginx default_server, which typically shows the page you see.

You should have at least this for port 80:

server {
    listen 80;
    listen [::]:80;
    server_name <hostname>;

    return 404;
}

This configuration returns HTTP Not found error code for all failing requests.

+ 3

Jackie

5/18/24, 5:58 PM

Not sure what you mean the underscore in server name is fine "In catch-all server examples the strange name “_” can be seen: " http://nginx.org/en/docs/http/server_names.html

Jackie

5/18/24, 6:30 PM

Test is added to the post. As expected it isn't working

Tero Kilkanen

5/18/24, 8:39 PM

The underscore can be used when the `server` block is a catch-all server. However, your configuration does not have the `default_server` attribute in the `server` block, therefore it is not a catch-all server. I don't see how my example is not working - it does not proxy anything, and that is the requirement you have given in your question.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: When I declare multiple NGINX server blocks why do they affect each other?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.