Nginx Reverse Proxy w/ SSL - 403 Error
Ok, everything looks like it's running smoothly. Basically, I changed my Nginx server block to forward SSL requests to port 445
, which Apache runs SSL on.
Nginx Server Block
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location / {
proxy_pass https://127.0.0.1:445;
Apache Virtual Host File
<VirtualHost *:445>
(Apache Config options w/ SSL)
</VirtualHost>
This post sent me on the right track. Multisite Nginx reverse proxy routing to Apache
Related videos on Youtube
Marc Woodyard
System Admin by day, developer by night. Web dev somewhere in between.
Updated on September 18, 2022Comments
-
Marc Woodyard over 1 year
I've been trying to install Nginx as a reverse proxy for the past couple of days, but I can't get it to work. Everytime I load a page on my site, or even a file on my server, it returns a 403 forbidden error.
I've been following a tutorial I found on DigitalOcean, which I've completed. (At the end of the article, there's a picture of a phpinfo page says it was loaded with an Apache Handler. My phpinfo page said the same thing.
But what ever I do, I can't get the 403 error to go away.
Server Specs:
OS: Unbutu
RAM: 512 MB
Nginx Config File
server { ### server port and name ### listen *:443; ssl on; server_name --Server Name--; #include global/common.conf; #include global/wordpress.conf; #include global/multisite.conf; ### SSL log files ### access_log --Log Location--; error_log --Log Location--; ### SSL cert files ### ssl_certificate --Certificate File--; ssl_certificate_key --Certificate Key File--; root /var/www/; allow 127.0.0.1; deny all; index index.php index.html index.htm; server_name --Server Name--; location / { try_files $uri $uri/ /index.php; } location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_pass 127.0.0.1:9000; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass http://127.0.0.1:8080; } location ~ /\.ht { deny all; } }
Apache Ports.conf File
# If you just change the port or add more ports here, you will likely also # have to change the VirtualHost statement in # /etc/apache2/sites-enabled/000-default.conf #Listen 127.0.0.1:8080 Listen *:8080 #Listen 80 <IfModule ssl_module> Listen 444 #Didn't work on 443 with Nginx as a reverse proxy </IfModule> <IfModule mod_gnutls.c> Listen 444 #Didn't work on 443 with Nginx as a reverse proxy </IfModule> # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Apache Config File
<VirtualHost *:8080> DocumentRoot /var/www/ <Directory /> Options FollowSymLinks AllowOverride All </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory>
-
xeon about 9 yearsWhats the logs say?
-
Marc Woodyard about 9 yearsIt says
2015/04/09 17:49:27 [error] 12042#0: *1 directory index of "/var/www/" is forbidden, client: [IP Address], server: [URL], request: "GET / HTTP/1.1", host: "[URL]"
-
Droopy4096 about 9 yearslooks like our phpinfo would be served through fastcgi interface (port 9000) thus unrelated to apache config. there's quire a mix of fastcgi_pass and proxy_pass which to me looks like it is the most likely culprit. Shouldn't you split them by location?
-
Marc Woodyard about 9 yearsI created a test file I can access without
403 Forbidden
error. But, when I try to access the WordPress Multisite network in/var/www/
, it still displays a 403 error withindex.php
added to the URL in the address bar. -
Marc Woodyard about 9 yearsI finally got my homepage to show up. But, when I navigate to a page, it displays a
404 Not Found
error. Also, when I login to the admin area/wp-admin/
, it redirects me to:8080/wp-admin/
-
-
Marc Woodyard about 9 yearsWhen I try to access the admin dashboard, sometimes it redirects
/wp-admin/
to:445/wp-admin/
. But when I delete the:445
, it loads the login page and I'm able to login. Is this normal?