I need to redirect http port 80 to port with specific page, which running on port 9090/somepage.
So in short:
Need redirect x.x.x.x:80 -> x.x.x.x:9090/page
I tried to do by command iptable, but I not be able to redirect port to specific port and page (only port to another port).
Please how I can realize this?
You probably need an proxypass in the virtualhost to redirect it. For Apache:
https://httpd.apache.org/docs/current/mod/mod_proxy.html
Related
I have an IPFS services running on port 8080 and can currently access it when I include port 8080 in the url:
http://www.mywebsite.com:8080/ipfs/{IpfsHash}
I also have 2 rules that deal with redirecting non http requests to https and another one redirecting non-www to www. How can I add another rule that will redirect request above to
https://www.mywebsite.com/ipfs/{IpfsHash}
Any help is appreciated. Thanks
I have an nginx inside a docker container which I want to force SSL on all request. Because I need to expose the webserver port in a different port outside the container, I'm not using standar ports when accesing the server.
I mapped the SSL port 443 inside my container to 8888 outside, so when I write the URL https://myserver:8888 the HTTPS works fine.
What happens when I don't use the https prefix? The port 443 is still listening but since I'm not using https schema I get the following error:
400 Bad Request
The plain HTTP request was sent to HTTPS port
If I redirect request to port 80 to 443 it is not enough, since because I'm accesign by the port 8888 the all requests are incoming by port 443, but I can not guarantee the schema used is HTTP.
I mean, the following block has not effect because I'm not exposing port 80 outside, only 8888 which maps direcly to 443
server {
server_name myserver;
listen 80;
return 301 https://$host:$server_port$request_uri;
}
How can I force it to work even when the user puts http on the URL?
Thank you
You have to use two different ports : for example 8888 and 8889.
Bind the first port to the container's 80, and the second to 443.
If a client want to contact your container on http it will have to use 8888 (-> 80). If the vhost is well configured nginx will serve a 301 or 302 HTTP return code (a redirect) to the https port (8889 -> 443).
So your return might look like
return 301 https://$host:8889$request_uri;
And the client will start a TLS connection on the right port.
Due to technical limitation it's pretty hard to use the same port for both clear traffic and TLS-encrypted one, so most of the webservers will listen on two distinct ports : 80 for plain-text and 443 for TLS.
I've been able to map www.xyz.com sub domain name to some ip port where port is not the default http port 80 but e.g. 1234
Entering www.xyz.com in browser works but resolves to www.xyz.com:1234
Please bear with me if my question sounds silly as am no expert of the networking domain.
Is that possible to keep port to non-default without it appearing with sub domain name in browser address bar?
Browser will show non-standard ports. However there are some workarounds depending on your tech stack:
You can have a redirect from port 80 (or 443) to port 1234.
For example in AWS you can have a Load Balancer that redirects traffic
from port 80 to 1234. The user in his browser will see no port.
You can have a Reverse Proxy with a rewrite rule.
Check here:
Rewrite rule to hide port from URL of Rails server?
No, this is not possible. Browsers always show non-default port numbers.
No, it's not possible to hide "1234" port number from your url.
Because:
For "http" url, browser only hides "80" port number.
For "https" url, browser only hides "443" port number.
In IIS, I noticed when you use the default ports (80 for http and 443 for https) the port number doesn't display at the end of the URL in your browser. However, if you use a different port it will display.
Example:
Default port generates link: http://www.example.com
Custom port generates link: http://www.example.com:8301
Is there a setting you can change to make the port (in this case, :8301) not display without using the defaults?
80 is a default port for HTTP connections.
http://example.com = http://example.com:80
443 is a default port for HTTPS connections.
https://example.com = https://example.com:443
If you are hosting on an other port, you have to include it in the URL.
It's not a IIS rule - it's about HTTP in general. You cannot configure the server in such way that http://example.com will work with port 8301 and I can't imagine any situation when it can be useful. I strongly believe that 80 port is chosen by default on a browser-side but not assigned on a server-side.
If you want users to reach this website by http://example.com URL and it must be a main page then swap your 8301 and 80 ports WebSites' bindings.
I have a Rails app that is running on port 8080 that I need to trick to think it's running on port 80.
I am running Varnish on port 80 and forwarding requests to nginx on port 8080, but when the user tries to login with OmniAuth and the Devise gem generates a url to redirect back to the server, it thinks its on port 8080 which then the user will see.
Is there any way to trick the Rails app to hard code the port as 80 (I would think it's a bad practice), or have nginx forward the request as if it's running on port 80?
Since I am not running a nginx proxy to the Rails app I can't think of a way to trick the port.
Has anyone ran into this issue before, if so what sort of configuration is needed to fix it?
Thanks in advance!
EDIT:
Both nginx and Varnish are running on the same server.
I have the same setup with Varnish on port 80 and nginx on port 8080 and OmniAuth (no Devise) was doing exactly the same thing. I tried setting X-Forwarded-Port etc in Varnish and fastcgi_param SERVER_PORT 80; in nginx, both without success. The other piece in my setup is Passenger (which you didn't mention) but if you are indeed using Passenger then you can use:
passenger_set_cgi_param SERVER_PORT 80;
(The docs say you can set this in an http block but that didn't work for me and I had to add it to the server block.)
http://modrails.com/documentation/Users%20guide%20Nginx.html#passenger_set_cgi_param
Set up X-Forwarded-Port in Varnish. See this example and the other results from a Google search for "varnish x-forwarded-port".
You must also, of course, set up X-Forwarded-For and X-Forwarded-Proto.
The headers X-Forwarded-For, X-Forwarded-Proto, and X-Forwarded-Port are a way for HTTP reverse proxies such as Nginx, Squid, or Varnish to communicate to the "back-end" HTTP application server, your Rails application running in Thin or Unicorn, who the user actually is and how the user actually connected.
For example, suppose you have Nginx in front of your Rails application. Your Rails application was booted with Thin and is listening on 127.0.0.1:8080, while Nginx is listening on 0.0.0.0:80 for HTTP and 0.0.0.0:443 for HTTPS. Nginx is configured to proxy all connections to the Rails app. Then your Rails app will think that any user's IP address is 127.0.0.1, the port is 8080, and the scheme is http, even if the actual user connected from 1.2.3.4 and requested the page via https on port 443. The solution is to configure Nginx to set the headers:
X-Forwarded-For: 1.2.3.4
X-Forwarded-Scheme: https
X-Forwarded-Port: 443
and the Rails app should use these parameters instead of the default ones.
The same applies for whatever reverse proxy you use, such as Varnish in your case.
You can make a proxy and server it as whatever port you want.
Maybe with apache on top and passenger stand alone...
<VirtualHost *:80>
ServerName <name>
DocumentRoot /home/deploy/<name>
PassengerEnabled off
ProxyPass / http://127.0.0.1:<port>/
ProxyPassReverse / http://127.0.0.1:<port>/
</VirtualHost>
In shell:
passenger start -e staging -p 3003 -d
Your problem seems you're getting redirects to port 8080. The best solution would be to configure Rails (or the OmniAuth/Devise gem) to treat the requests as if they were fired on port 80 (but I have no idea how or if it is possible).
Like ablemike said; Apache has a great module for this (mod_proxy), with ProxyPassReverse it rewrites the redirects back to port-80 redirects. Better even, with mod_proxy_html it will replace port-8080 links in HTML pages with port-80 links.
If you only need to rewrite redirects, you can rewrite redirects in Varnish VCL with something like:
sub vcl_fetch {
...
#Rewrite redirect from port 8080 to port 80
if ( obj.http.Location ~ "^http://[^:]+:8080/.*" ) {
set obj.http.Location = regsub(obj.http.Location, ""^(http://[^:]+):8080(/.*)","\1\2");
}
}
(I think you have to replace obj with beresp if you use varnish >= 2.1)
If you have to rewrite HTML pages, this will be a lot harder to do completely correct with varnish.