Problem using nginx as reverse proxy server on Windows Server 2016
Victor Oppenheimer
victor at camb.com
Sun Feb 4 01:02:34 UTC 2024
Jeremy,
Thank you. I tried to stopping the Web Deployment Agency Service and
ran a test that seemed to work! I will test it more extensively
tomorrow. and let you know
Do you know if there are adverse consequences to changing it's start up
type to "Manual".
Best,
Victor
On 2/3/2024 5:27 PM, Jeremy Cocks via nginx wrote:
>
> Hello!
>
> > I found that port 80 is being used by both task "System" by user
> "SYSTEM" for "NT Kernel and System"
> with a PID of 4 and also for task "System Idle Process" by user "SYSTEM"
> for
> "Percentage of time the processor is idle" with a PID of 0.
>
> This is typically the Web Deployment Agent Service (MsDepSvc) (this
> often uses PID4) or Host Network Service - both stoppable from from
> services.msc
>
> Let us know how you get on!
>
>
> On Sat, 3 Feb 2024 at 18:51, Victor Oppenheimer <victor at camb.com> wrote:
>
> I am trying to run nginx as a reverse proxy server on my Microsoft
> Windows
> Server 2016 Standard computer.
>
> I previously have used Microsoft IIS and Apache Tomcat on this
> computer to
> serve webpages on port 80 and port 8080 respectively.
>
> However, I want to have some of my websites use SSL and be accessed
> using HTTPS.
>
> So, I decided to install the nginx web server software on
> the computer. I planned to using it as a reverse proxy server which
> would receive both insecure HTML and secure HTTPS webpage requests and
> then proxy them to the appropriate software webservers on the same
> computer.
>
> I changed all the IIS sites that had been using port 80 to use
> port 81
> instead.
> I then wrote the nginx.conf configuration file which listens on
> port 80
> for each of
> my server_names and then proxy the page requests to the appropriate
> software webserver.
>
> Once that works, I plan to install the SSL certificates in nginx and
> process secure
> HTMLS requests as well.
>
> But nginx fails to start on the computer. It produces the following
> error message.
> bind() to 0.0.0.0:80 <http://0.0.0.0:80> failed (10013: An
> attempt was made to access
> a socket in a way
> forbidden by its access permissions)
>
> Because the message appears to indicate that there is a conflict
> using
> port 80 decided
> to see which tasks were using port 80. To do so, I opened a command
> window with
> administrative privileges and ran the following command:
> netstat -ano | findstr :80
>
> I then examined the output for entries with a state of "LISTENING"
> and a
> local address
> of "0.0.0.0:80 <http://0.0.0.0:80>" or ":::80" (IPv6). The
> output's "PID" column provided
> the process ID
> (PID) of the process using port 80.
>
> I then used Task Manager to find the process names associated with
> that
> PIDs.
>
> I found that port 80 is being used by both task "System" by user
> "SYSTEM" for "NT Kernel and System"
> with a PID of 4 and also for task "System Idle Process" by user
> "SYSTEM"
> for
> "Percentage of time the processor is idle" with a PID of 0.
>
> I then tried to open nginx on my Windows 11 pro home desktop
> computer.
> It opened successfully
> and functioned doing reverse proxying as I desired. For comparison
> sake, I looked at the
> tasks using port 80 as I had on my windows server. On the
> desktop, the
> only task using port
> 80 is nginx.
>
> I then changed the nginx listening directives on the Windows Server
> computer to listen on
> port 90 rather than port 80. After this change on the MS Windows
> Server
> 2016 nginx
> succeeded in starting and performed reverse proxying successfully.
>
> This seems to indicate that the problem is with a conflict in the
> use of
> port 80 rather than in my
> nginx configuration.
>
> However, remote website users browse to my website pages using the
> default port of 80 rather than port 90.
>
> How can I make the system work?
>
> For completeness I am copying the nginx.conf file listening on
> port 80
> below.
>
> # directives in the 'main' context
> worker_processes 1;
> events { # events context/block
> # configuration of connection processing
> }
>
> http { # http context specific to HTTP affecting all virtual
> servers
> server_names_hash_bucket_size 64; # avoids error message for
> multiple server_Name entries
>
> server { # configuration of yogisource HTTP virtual port 80 server
> listen 80;
> server_name yogisource.com <http://yogisource.com>
> www.yogisource.com <http://www.yogisource.com>;
>
> location / {
> proxy_pass http://yogisource.com:81/;
> } # end of location block
> } # end of yogisource server block
>
> server { # configuration of clearwaterescapes HTTP virtual
> port 80
> server
> listen 80;
> server_name clearwaterescapes.com
> <http://clearwaterescapes.com> www.clearwaterescapes.com
> <http://www.clearwaterescapes.com>;
>
> location / {
> # send local host requests of the form
> http://clearwaterescapes.com to
> # http://clearwaterescapes.com:8080/vo/Clearwater
> proxy_pass http://clearwaterescapes.com:8080/vo/Clearwater/;
> } # end of location block
>
> location /camp/ {
> proxy_pass
> http://clearwaterescapes.com:8080/vo/Clearwater/Camp/?Prop=2;
> } # end of location block
>
> # //
> http://clearwaterescapes.com:81/Clearwater/Camp/camprental.pdf
> works ...
>
> # The following Nginx location directives sends
> clearwaterescapes.com <http://clearwaterescapes.com>
> urls
> # containing case insensitive "camp" or "house" to
> ClearwaterEscapes on
> # port 81 where to be served by the Microsoft IIS server
>
> location ~* ^/camp/ {
> set $proxy_pass_url http://ClearwaterEscapes.com:81/camp/
> <http://ClearwaterEscapes.com:81/camp/>;
> proxy_pass $proxy_pass_url;
> # proxy_pass http://ClearwaterEscapes.com:81/camp/
> <http://ClearwaterEscapes.com:81/camp/> ;
> } # end of location block
>
> location ~* ^/House/ {
> set $proxy_pass_url http://ClearwaterEscapes.com:81/house/
> <http://ClearwaterEscapes.com:81/house/>;
> proxy_pass $proxy_pass_url;
> } # end of location block
>
> } # end of ClearwaterEscapes server block
>
> server { # configuration of freshpondrentals HTTP virtual
> port 80
> server
> listen 80;
> server_name freshpondrentals.com
> <http://freshpondrentals.com> www.freshpondrentals.com
> <http://www.freshpondrentals.com>;
>
> location / {
> # send local host requests of the form
> http://freshpondrentals.com to
> # http://freshpondrentals.com:8080/vo/camb
>
> proxy_pass http://freshpondrentals.com:8080/vo/camb/;
> } # end of location block
>
> location /StudioApartment/ {
> # send local host requests of the form
> # http://freshpondrentals.com/camb/StudioApartment
> # to
> # http://freshpondrentals.com:8080/vo/camb/StudioApartment
> proxy_pass
> http://freshpondrentals.com:8080/vo/camb/StudioApartment/index.jsp/;
> } # end of location block
>
> } # end of freshpondrentals server block
>
> server { # configuration of oppsprops HTTP virtual port 80 server
> listen 80;
> server_name oppsprops.com <http://oppsprops.com>
> www.oppsprops.com <http://www.oppsprops.com>;
>
> # listen 443 ssl;
> # ssl_certificate "C:/nginx/conf/ssl/certs/oppsprops.com.crt";
> # ssl_certificate_key "C:/nginx/conf/ssl/keys/oppsprops.com.key";
> #
> # location / {
> # proxy_pass http://oppsprops.com:81/;
> # } # end of location block
>
> location ~ /.jsp$ {
> set $proxy_pass_url http://oppsprops.com:8080;
> proxy_pass $proxy_pass_url;
> } # end of location block
>
> location / {
> proxy_pass http://oppsprops.com:8080/;
> } # end of location block
> } # end of oppsprops server block
>
> } # end of http block
>
>
>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20240203/f0525f6c/attachment-0001.htm>
More information about the nginx
mailing list