Reverse proxy for multiple domains

Mik J mikydevel at yahoo.fr
Sun Aug 27 11:27:05 UTC 2017 

Hello Francis,
Thank you for your answer.I've done many tests since then and yes indeed the problem came from the application => wordpress

It's necessary to define these two variables WP_HOME and WP_SITEURL or $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'] in wp-config.php
>From that question> Thats because the pages are called by the reverse proxy server
> like http://10.1.1.10:80/app/application1/;and it can't use a FQDN
> because it's in a private adressing
Francis: I don't follow that last part.=> I mean that the reverse proxy uses an IP to connect to the backend web server. If it used a fqdn, it has to resolve it, through a dns request

I still have problems, the site doesn't diplay properly because it can't load a javascript
On the reverse proxyserver {
    listen 80;
    listen 443 ssl;
    server_name application1.org;
...
    location / {
        location ~ /\.ht { deny  all; }
        proxy_pass        http://10.1.1.10/app1/;
        proxy_http_version 1.1;
        proxy_set_header  X-Real-IP        $remote_addr;
        proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_pass_header Set-Cookie;
    }


 On the backend serverserver {
        listen 80 default_server;
        server_name _;
        index index.php;
        root /var/www/htdocs;
...
        location /app1 {
          root /var/www/htdocs/;
          access_log /var/log/nginx/app1.access.log xforwardedLog;
          error_log /var/log/nginx/app1.error.log;
          index index.php;
          try_files $uri $uri/ /app1/index.php$is_args$args;          location ~ /\. { deny  all; }
          gzip off;
          location ~ \.php$ {
              root           /var/www/htdocs;
              try_files $uri =404;
              fastcgi_pass   unix:/run/php-fpm.app1.sock;
              fastcgi_split_path_info ^(.+\.php)(/.+)$;
              fastcgi_index  index.php;
              fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
              include        fastcgi_params;
          }


The request for the javascript looks like thathttp://application1.org/?wooslider-javascript=load&t=1503832510&ver=1.0.0 HTTP/1.1It arrives on the backend server I see it in the logs (file specified in the stanza location)
10.1.1.10 forwarded for IP_CLIENT - - [27/Aug/2017:13:15:12 +0200] "GET /app1/?wooslider-javascript=load&t=1503832510&ver=1.0.0 HTTP/1.1" 404 5 "http://application1.org/" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0"
If I access a file from the internet, it works fine
http://application1.org/wp-content/themes/Avada/images/divider-02.gifSo there's just a problem with the previous URL
Another question, if I want to set expires header, would it be better to do it on the reverse proxy or on the backend server ?
Regards


    Le Dimanche 20 août 2017 22h08, Francis Daly <francis at daoine.org> a écrit :
 

 On Fri, Aug 18, 2017 at 07:01:26AM +0000, Mik J via nginx wrote:

Hi there,

> What would you do if you had ?
> CLIENT <-> INTERNET <->Reverse_Proxy<->Web_Server

That is the normal case, is it not? So just "use nginx as normal".

> On de web server I just use one default virtual host with multiple
> sections.

I think that if you configure your "back-end" server that way, you are
more likely to have problems reverse proxying than if you configure
"one virtual host = one application".

If you want to reverse-proxy an application installed at one part of its
local url hierarchy, so that it looks like it is installed at another
part of the url hierarchy, then it is your job to make sure that any
part of the content returned that the client browser might interpret as
a url on this server, is correctly relative to the "another part". (It
presumably is by default relative to the "one part".)

Unless the application was written with a config option to make that
job trivial, I think it is easier to have the "public" url and "private"
url be the same.

On your system, you can configure it however you want to.

> Thats because the pages are called by the reverse proxy server
> like http://10.1.1.10:80/app/application1/; and it can't use a FQDN
> because it's in a private adressing

I don't follow that last part.

It can use a hostname if you want it to use a hostname.

I expect that it will be easier for you if you use a hostname, or if
you use two services listening on different ports.

> Is there a way that the reverse proxy connects to 10.1.1.10 but pretend
> the GET/POST queries use application1.org ?

If you can describe the http request that you want the client to make
to nginx; and describe the matching http request that you want nginx to
make to the back-end, it may be clearer what you mean.

> I'd prefer my application would be accessible by www.application1.org than
> www.application1.org/app/application1 like right now

>From the config you have shown, nginx makes the application available
at www.application1.org. It looks to me like it is the back-end which
causes it to appear at www.application1.org/app/application1.

Possibly you should remove "proxy_redirect off;", and remove the
"proxy_set_header Host $http_host;" line.

Good luck with it,

    f
-- 
Francis Daly        francis at daoine.org
_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx


   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170827/fe701f71/attachment.html>

More information about the nginx mailing list