Problem using nginx as reverse proxy server on Windows Server 2016

Victor Oppenheimer victor at camb.com
Sun Feb 4 01:02:34 UTC 2024


Jeremy,

Thank you.  I tried to stopping the Web Deployment Agency Service and 
ran a test that seemed to work!  I will test it more extensively 
tomorrow. and let you know

Do you know if there are adverse consequences to changing it's start up 
type to "Manual".

Best,

    Victor

On 2/3/2024 5:27 PM, Jeremy Cocks via nginx wrote:
>
> Hello!
>
> > I found that port 80 is being used by both task "System" by user
> "SYSTEM" for "NT Kernel and System"
> with a PID of 4 and also for task "System Idle Process" by user "SYSTEM"
> for
> "Percentage of time the processor is idle" with a PID of 0.
>
> This is typically the Web Deployment Agent Service (MsDepSvc) (this 
> often uses PID4) or Host Network Service - both stoppable from from 
> services.msc
>
> Let us know how you get on!
>
>
> On Sat, 3 Feb 2024 at 18:51, Victor Oppenheimer <victor at camb.com> wrote:
>
>     I am trying to run nginx as a reverse proxy server on my Microsoft
>     Windows
>     Server 2016 Standard computer.
>
>     I previously have used Microsoft IIS and Apache Tomcat on this
>     computer to
>     serve webpages on port 80 and port 8080 respectively.
>
>     However, I want to have some of my websites use SSL and be accessed
>     using HTTPS.
>
>     So, I decided to install the nginx web server software on
>     the computer.  I planned to using it as a reverse proxy server which
>     would receive both insecure HTML and secure HTTPS webpage requests and
>     then proxy them to the appropriate software webservers on the same
>     computer.
>
>     I changed all the IIS sites that had been using port 80 to use
>     port 81
>     instead.
>     I then wrote the nginx.conf configuration file which listens on
>     port 80
>     for each of
>     my server_names and then proxy the page requests to the appropriate
>     software webserver.
>
>     Once that works, I plan to install the SSL certificates in nginx and
>     process secure
>     HTMLS requests as well.
>
>     But nginx fails to start on the computer.  It produces the following
>     error message.
>           bind() to 0.0.0.0:80 <http://0.0.0.0:80> failed (10013: An
>     attempt was made to access
>     a socket in a way
>           forbidden by its access permissions)
>
>     Because the message appears to indicate that there is a conflict
>     using
>     port 80 decided
>     to see which tasks were using port 80.  To do so, I opened a command
>     window with
>     administrative privileges and ran the following command:
>          netstat -ano | findstr :80
>
>     I then examined the output for entries with a state of "LISTENING"
>     and a
>     local address
>     of "0.0.0.0:80 <http://0.0.0.0:80>" or ":::80" (IPv6). The
>     output's "PID" column provided
>     the process ID
>     (PID) of the process using port 80.
>
>     I then used Task Manager to find the process names associated with
>     that
>     PIDs.
>
>     I found that port 80 is being used by both task "System" by user
>     "SYSTEM" for "NT Kernel and System"
>     with a PID of 4 and also for task "System Idle Process" by user
>     "SYSTEM"
>     for
>     "Percentage of time the processor is idle" with a PID of 0.
>
>     I then tried to open nginx on my Windows 11 pro home desktop
>     computer.
>     It opened successfully
>     and functioned doing reverse proxying as I desired.  For comparison
>     sake, I looked at the
>     tasks using port 80 as I had on my windows server.  On the
>     desktop, the
>     only task using port
>     80 is nginx.
>
>     I then changed the nginx listening directives on the Windows Server
>     computer to listen on
>     port 90 rather than port 80.  After this change on the MS Windows
>     Server
>     2016 nginx
>     succeeded in starting and performed reverse proxying successfully.
>
>     This seems to indicate that the problem is with a conflict in the
>     use of
>     port 80 rather than in my
>     nginx configuration.
>
>     However, remote website users browse to my website pages using the
>     default port of 80 rather than port 90.
>
>     How can I make the system work?
>
>     For completeness I am copying the nginx.conf file listening on
>     port 80
>     below.
>
>     # directives in the 'main' context
>     worker_processes 1;
>     events {    # events context/block
>           # configuration of connection processing
>                  }
>
>       http {    # http context specific to HTTP affecting all virtual
>     servers
>        server_names_hash_bucket_size 64;  # avoids error message for
>     multiple server_Name entries
>
>        server { # configuration of yogisource HTTP virtual port 80 server
>          listen 80;
>          server_name yogisource.com <http://yogisource.com>
>     www.yogisource.com <http://www.yogisource.com>;
>
>          location / {
>            proxy_pass http://yogisource.com:81/;
>            } # end of location block
>        } # end of yogisource server block
>
>        server {    # configuration of clearwaterescapes HTTP virtual
>     port 80
>     server
>          listen 80;
>          server_name clearwaterescapes.com
>     <http://clearwaterescapes.com> www.clearwaterescapes.com
>     <http://www.clearwaterescapes.com>;
>
>          location / {
>            # send local host requests of the form
>     http://clearwaterescapes.com to
>            # http://clearwaterescapes.com:8080/vo/Clearwater
>            proxy_pass http://clearwaterescapes.com:8080/vo/Clearwater/;
>            } # end of location block
>
>          location /camp/ {
>            proxy_pass
>     http://clearwaterescapes.com:8080/vo/Clearwater/Camp/?Prop=2;
>            } # end of location block
>
>     #     //
>     http://clearwaterescapes.com:81/Clearwater/Camp/camprental.pdf
>     works ...
>
>     #    The following Nginx location directives sends
>     clearwaterescapes.com <http://clearwaterescapes.com>
>     urls
>     #    containing case insensitive "camp" or "house" to
>     ClearwaterEscapes on
>     #     port 81 where to be served by the Microsoft IIS server
>
>          location ~* ^/camp/ {
>            set $proxy_pass_url http://ClearwaterEscapes.com:81/camp/
>     <http://ClearwaterEscapes.com:81/camp/>;
>            proxy_pass $proxy_pass_url;
>     #      proxy_pass http://ClearwaterEscapes.com:81/camp/
>     <http://ClearwaterEscapes.com:81/camp/> ;
>            }    # end of location block
>
>         location ~* ^/House/ {
>            set $proxy_pass_url http://ClearwaterEscapes.com:81/house/
>     <http://ClearwaterEscapes.com:81/house/>;
>            proxy_pass $proxy_pass_url;
>            }    # end of location block
>
>          }    # end of ClearwaterEscapes server block
>
>         server {    # configuration of freshpondrentals HTTP virtual
>     port 80
>     server
>              listen 80;
>              server_name freshpondrentals.com
>     <http://freshpondrentals.com> www.freshpondrentals.com
>     <http://www.freshpondrentals.com>;
>
>           location / {
>              # send local host requests of the form
>     http://freshpondrentals.com to
>              # http://freshpondrentals.com:8080/vo/camb
>
>              proxy_pass http://freshpondrentals.com:8080/vo/camb/;
>           }  # end of location block
>
>            location /StudioApartment/ {
>                 # send local host requests of the form
>                 # http://freshpondrentals.com/camb/StudioApartment
>                 # to
>                 # http://freshpondrentals.com:8080/vo/camb/StudioApartment
>              proxy_pass
>     http://freshpondrentals.com:8080/vo/camb/StudioApartment/index.jsp/;
>              } # end of location block
>
>            }    # end of freshpondrentals server block
>
>        server {  # configuration of oppsprops HTTP virtual port 80 server
>         listen 80;
>          server_name oppsprops.com <http://oppsprops.com>
>     www.oppsprops.com <http://www.oppsprops.com>;
>
>     #     listen 443 ssl;
>     #     ssl_certificate "C:/nginx/conf/ssl/certs/oppsprops.com.crt";
>     #     ssl_certificate_key "C:/nginx/conf/ssl/keys/oppsprops.com.key";
>     #
>     #    location / {
>     #        proxy_pass http://oppsprops.com:81/;
>     #    }  # end of location block
>
>        location ~ /.jsp$ {
>          set $proxy_pass_url http://oppsprops.com:8080;
>          proxy_pass $proxy_pass_url;
>          } # end of location block
>
>          location / {
>            proxy_pass http://oppsprops.com:8080/;
>            } # end of location block
>        } # end of oppsprops server block
>
>           } # end of http block
>
>
>
>
>
>     _______________________________________________
>     nginx mailing list
>     nginx at nginx.org
>     https://mailman.nginx.org/mailman/listinfo/nginx
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20240203/f0525f6c/attachment-0001.htm>


More information about the nginx mailing list