proxy_pass Not Working on Port 80

Francis Daly francis at daoine.org
Wed Sep 9 08:57:12 UTC 2020 

On Wed, Sep 09, 2020 at 01:58:42AM -0400, figshta wrote:

Hi there,

> I have two servers behind on IP address.

What does that mean, in terms of "traffic to the IP address gets sent
to server#1 or to server'2"?

> Server1 is hosting several websites
> all using TLS exclusively.

That suggests that all incoming traffic to your IP on port 443 gets sent
to server#1.

>  Recently I set up Server2 and setup one website using reverse proxy from
> Server1 and finally successfully deployed TLS on it as well. 
> During that setup I had to use port 80 to use Certbot with Let's Encrypt. 
> Now I'm trying to do it again the same way with another domain. 
> The proxy_pass directive works on port 8080, but when I switch it to port 80
> I get a 404 error.

What request do you make that returns the 404 error?

What response do you want for that request? (Probably something like
"http 200 and the contents of *this* file".)

(And: what does the nginx log file say about the 404 error? Is it trying
to read a different file from what you expect?)

> Here is setup in question: (again, Port 8080 works, but port 80 does not)
> 
> ----------------------------------
> #Proxy server (Server1)
> 
> # threedaystubble.com server
> server {
>         listen 80;
>         server_name www.threedaystubble.com threedaystubble.com;
>         location / {
>                 proxy_pass http://192.168.3.5:80;

With that config, your server#2 will not see a Host: header that includes
threedaystubble.com.

If your server#2 needs that Host header, things will probably break.

> #Proxied Server (Server2)
> 
> server {
>         listen 80;
> 
>         server_name threedaystubble.com www.threedaystubble.com;
> 
>         root /var/www/threedaystubble.com;
> 
>         location / {
>         }
> 
> }

If that is the entire config on server#2, it should probably work. But
if you have more server{} blocks, such that the "default" port-80 server
is something else, then that extra config might be causing this not to
act in the way that you want.

> Any help would be greatly appreciated.

Depending on what else is wanted, I'd suggest one of the methods to
make sure that the Host: header that you want, is sent to server#2 in
the proxy_pass request from server#1.

That can be proxy_set_header; or proxy_pass with the hostname and either
an upstream of the hostname, or the system resolver to refer to the
server#2 address.

(Or: just use port 8080 on server#2 for this site; and port 8081 on
server#2 for the next site.)

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org

More information about the nginx mailing list