Problem using nginx as reverse proxy server on Windows Server 2016
Victor Oppenheimer
victor at camb.com
Sat Feb 3 18:50:39 UTC 2024
I am trying to run nginx as a reverse proxy server on my Microsoft Windows
Server 2016 Standard computer.
I previously have used Microsoft IIS and Apache Tomcat on this computer to
serve webpages on port 80 and port 8080 respectively.
However, I want to have some of my websites use SSL and be accessed
using HTTPS.
So, I decided to install the nginx web server software on
the computer. I planned to using it as a reverse proxy server which
would receive both insecure HTML and secure HTTPS webpage requests and
then proxy them to the appropriate software webservers on the same
computer.
I changed all the IIS sites that had been using port 80 to use port 81
instead.
I then wrote the nginx.conf configuration file which listens on port 80
for each of
my server_names and then proxy the page requests to the appropriate
software webserver.
Once that works, I plan to install the SSL certificates in nginx and
process secure
HTMLS requests as well.
But nginx fails to start on the computer. It produces the following
error message.
bind() to 0.0.0.0:80 failed (10013: An attempt was made to access
a socket in a way
forbidden by its access permissions)
Because the message appears to indicate that there is a conflict using
port 80 decided
to see which tasks were using port 80. To do so, I opened a command
window with
administrative privileges and ran the following command:
netstat -ano | findstr :80
I then examined the output for entries with a state of "LISTENING" and a
local address
of "0.0.0.0:80" or ":::80" (IPv6). The output's "PID" column provided
the process ID
(PID) of the process using port 80.
I then used Task Manager to find the process names associated with that
PIDs.
I found that port 80 is being used by both task "System" by user
"SYSTEM" for "NT Kernel and System"
with a PID of 4 and also for task "System Idle Process" by user "SYSTEM"
for
"Percentage of time the processor is idle" with a PID of 0.
I then tried to open nginx on my Windows 11 pro home desktop computer.
It opened successfully
and functioned doing reverse proxying as I desired. For comparison
sake, I looked at the
tasks using port 80 as I had on my windows server. On the desktop, the
only task using port
80 is nginx.
I then changed the nginx listening directives on the Windows Server
computer to listen on
port 90 rather than port 80. After this change on the MS Windows Server
2016 nginx
succeeded in starting and performed reverse proxying successfully.
This seems to indicate that the problem is with a conflict in the use of
port 80 rather than in my
nginx configuration.
However, remote website users browse to my website pages using the
default port of 80 rather than port 90.
How can I make the system work?
For completeness I am copying the nginx.conf file listening on port 80
below.
# directives in the 'main' context
worker_processes 1;
events { # events context/block
# configuration of connection processing
}
http { # http context specific to HTTP affecting all virtual servers
server_names_hash_bucket_size 64; # avoids error message for
multiple server_Name entries
server { # configuration of yogisource HTTP virtual port 80 server
listen 80;
server_name yogisource.com www.yogisource.com;
location / {
proxy_pass http://yogisource.com:81/;
} # end of location block
} # end of yogisource server block
server { # configuration of clearwaterescapes HTTP virtual port 80
server
listen 80;
server_name clearwaterescapes.com www.clearwaterescapes.com;
location / {
# send local host requests of the form
http://clearwaterescapes.com to
# http://clearwaterescapes.com:8080/vo/Clearwater
proxy_pass http://clearwaterescapes.com:8080/vo/Clearwater/;
} # end of location block
location /camp/ {
proxy_pass
http://clearwaterescapes.com:8080/vo/Clearwater/Camp/?Prop=2;
} # end of location block
# // http://clearwaterescapes.com:81/Clearwater/Camp/camprental.pdf
works ...
# The following Nginx location directives sends clearwaterescapes.com
urls
# containing case insensitive "camp" or "house" to ClearwaterEscapes on
# port 81 where to be served by the Microsoft IIS server
location ~* ^/camp/ {
set $proxy_pass_url http://ClearwaterEscapes.com:81/camp/;
proxy_pass $proxy_pass_url;
# proxy_pass http://ClearwaterEscapes.com:81/camp/ ;
} # end of location block
location ~* ^/House/ {
set $proxy_pass_url http://ClearwaterEscapes.com:81/house/;
proxy_pass $proxy_pass_url;
} # end of location block
} # end of ClearwaterEscapes server block
server { # configuration of freshpondrentals HTTP virtual port 80
server
listen 80;
server_name freshpondrentals.com www.freshpondrentals.com;
location / {
# send local host requests of the form
http://freshpondrentals.com to
# http://freshpondrentals.com:8080/vo/camb
proxy_pass http://freshpondrentals.com:8080/vo/camb/;
} # end of location block
location /StudioApartment/ {
# send local host requests of the form
# http://freshpondrentals.com/camb/StudioApartment
# to
# http://freshpondrentals.com:8080/vo/camb/StudioApartment
proxy_pass
http://freshpondrentals.com:8080/vo/camb/StudioApartment/index.jsp/;
} # end of location block
} # end of freshpondrentals server block
server { # configuration of oppsprops HTTP virtual port 80 server
listen 80;
server_name oppsprops.com www.oppsprops.com;
# listen 443 ssl;
# ssl_certificate "C:/nginx/conf/ssl/certs/oppsprops.com.crt";
# ssl_certificate_key "C:/nginx/conf/ssl/keys/oppsprops.com.key";
#
# location / {
# proxy_pass http://oppsprops.com:81/;
# } # end of location block
location ~ /.jsp$ {
set $proxy_pass_url http://oppsprops.com:8080;
proxy_pass $proxy_pass_url;
} # end of location block
location / {
proxy_pass http://oppsprops.com:8080/;
} # end of location block
} # end of oppsprops server block
} # end of http block
More information about the nginx
mailing list