<div>It works now. </div>
<div>thanks for your help. </div>
<div> </div>
<div>Nexthop<br><br> </div>
<div><span class="gmail_quote">On 10/12/09, <b class="gmail_sendername">Igor Sysoev</b> <<a href="mailto:is@rambler-co.ru">is@rambler-co.ru</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">On Mon, Oct 12, 2009 at 02:43:47AM +0800, quan nexthop wrote:<br><br>> HI:<br>><br>> Let me give a summary for my question, it is a long descrption.<br>
><br>><br>> 1) My question is :<br>> I try to setup the NGINX as a reverse-proxy to protect a WebServer. The<br>> topology is a VirtualHost.<br>> <a href="http://abc.com">abc.com</a> |-----------[nginx reverse proxy] ------- |virtualhost] ----/abc<br>
> directory<br>> <a href="http://123.com">123.com</a>|<br>> |--/123<br>> directory<br><br>I still do not understand why you mention /123 directory, however,<br>according sniffed packets, you need something like this:<br>
<br> server {<br> server_name <a href="http://abc.com">abc.com</a>;<br> location / {<br> proxy_pass <a href="http://123.com">http://123.com</a>;<br> proxy_set_header $host;<br> }<br>
}<br> server {<br> server_name <a href="http://def.com">def.com</a>;<br> location / {<br> proxy_pass <a href="http://123.com">http://123.com</a>;<br> proxy_set_header $host;<br>
}<br> }<br><br><br>> [note] the virtualhost port is 80<br>><br>> 2) I got a configuration as the following:<br>> Add these in NGINX.conf<br>> server {<br>> server_name <a href="http://abc.com">abc.com</a>;<br>
> location / {<br>> proxy_pass <a href="http://123.com/abc/">http://123.com/abc/</a>;<br>> }<br>> }<br>> server {<br>> server_name <a href="http://def.com">def.com</a>;<br>
> location / {<br>> proxy_pass <a href="http://123.com/def/">http://123.com/def/</a>;<br>> }<br>> }<br>><br>> 3) When I do according to the above the configuration, I can not access the<br>
> VirtualHost.<br>> I sniff and get the following packet(in Server's side)<br>><br>> GET /<a href="http://abc.com">abc.com</a> HTTP/1.0<br>> Host: <a href="http://abc.com">abc.com</a><br>> X-Real-IP: 192.168.2.169<br>
> X-Forwarded-For: 192.168.2.169<br>> Connection: close<br>> Accept: */*<br>> Accept-Language: zh-cn<br>> Pragma: no-cache<br>> If-Modified-Since: Sun, 11 Oct 2009 08:53:36 GMT<br>> If-None-Match: "c8752c52504aca1:2b3"<br>
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)<br>> Proxy-Connection: Keep-Alive<br>><br>> HTTP/1.1 404 Not Found<br>> Content-Length: 1308<br>> Content-Type: text/html<br>> Server: Microsoft-IIS/6.0<br>
> X-Powered-By: <a href="http://ASP.NET">ASP.NET</a><br>> Date: Sun, 11 Oct 2009 09:19:44 GMT<br>> Connection: close<br>> ----------------------------------------------------------------------------------------------------------<br>
> Case 2. Access from 192.168.2.169->192.168.10.169(web server) *BYPASS* the<br>> NGINX revers proxy<br>><br>> GET / HTTP/1.1<br>> Accept: */*<br>> Accept-Language: zh-cn<br>> Accept-Encoding: gzip, deflate<br>
> If-Modified-Since: Sun, 11 Oct 2009 08:53:36 GMT<br>> If-None-Match: "c8752c52504aca1:2b3"<br>> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)<br>> Host: <a href="http://abc.com">abc.com</a><br>
> Connection: Keep-Alive<br>> HTTP/1.1 200 OK<br>> Content-Length: 248<br>> Content-Type: text/html<br>> Content-Location: <a href="http://abc.com/index.htm">http://abc.com/index.htm</a><br>> Last-Modified: Sun, 11 Oct 2009 08:53:36 GMT<br>
> Accept-Ranges: bytes<br>> ETag: "c8752c52504aca1:2c1"<br>> Server: Microsoft-IIS/6.0<br>> X-Powered-By: <a href="http://ASP.NET">ASP.NET</a><br>> Date: Sun, 11 Oct 2009 09:19:34 GMT<br>> --------------------------------------------------------------------------------------------<br>
> At present, I still don't know how to configure Reverse-Proxy for<br>> VirtualHost.<br>><br>> please give me a help.<br>><br>> thanks<br>> NextHop<br>><br>><br>><br>> On 10/11/09, Igor Sysoev <<a href="mailto:is@rambler-co.ru">is@rambler-co.ru</a>> wrote:<br>
> ><br>> > On Sun, Oct 11, 2009 at 05:55:35PM +0800, quan nexthop wrote:<br>> ><br>> > > Sorry later feedback because of the bussiness trip.<br>> > ><br>> > > I configured it according to Igor Sysoev's advice, but it failed.<br>
> > > I sniff in the webserver's side, I found the request message is stranger.<br>> > > ----------------------------------------------------------------<br>> > > Case1: Access from 192.168.2.169->192.168.10.169(web server) *VIA* NGINX<br>
> > > reverse proxy.<br>> > ><br>> > > GET /<a href="http://abc.com">abc.com</a> HTTP/1.0<br>> > > Host: <a href="http://abc.com">abc.com</a><br>> > > X-Real-IP: 192.168.2.169<br>
> > > X-Forwarded-For: 192.168.2.169<br>> > > Connection: close<br>> > > Accept: */*<br>> > > Accept-Language: zh-cn<br>> > > Pragma: no-cache<br>> > > If-Modified-Since: Sun, 11 Oct 2009 08:53:36 GMT<br>
> > > If-None-Match: "c8752c52504aca1:2b3"<br>> > > User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)<br>> > > Proxy-Connection: Keep-Alive<br>> > ><br>> > > HTTP/1.1 404 Not Found<br>
> > > Content-Length: 1308<br>> > > Content-Type: text/html<br>> > > Server: Microsoft-IIS/6.0<br>> > > X-Powered-By: <a href="http://ASP.NET">ASP.NET</a><br>> > > Date: Sun, 11 Oct 2009 09:19:44 GMT<br>
> > > Connection: close<br>> > ><br>> > ----------------------------------------------------------------------------------------------------------<br>> > > Case 2. Access from 192.168.2.169->192.168.10.169(web server) *BYPASS*<br>
> > the<br>> > > NGINX revers proxy<br>> > ><br>> > > GET / HTTP/1.1<br>> > > Accept: */*<br>> > > Accept-Language: zh-cn<br>> > > Accept-Encoding: gzip, deflate<br>
> > > If-Modified-Since: Sun, 11 Oct 2009 08:53:36 GMT<br>> > > If-None-Match: "c8752c52504aca1:2b3"<br>> > > User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)<br>> > > Host: <a href="http://abc.com">abc.com</a><br>
> > > Connection: Keep-Alive<br>> > ><br>> > > HTTP/1.1 200 OK<br>> > > Content-Length: 248<br>> > > Content-Type: text/html<br>> > > Content-Location: <a href="http://abc.com/index.htm">http://abc.com/index.htm</a><br>
> > > Last-Modified: Sun, 11 Oct 2009 08:53:36 GMT<br>> > > Accept-Ranges: bytes<br>> > > ETag: "c8752c52504aca1:2c1"<br>> > > Server: Microsoft-IIS/6.0<br>> > > X-Powered-By: <a href="http://ASP.NET">ASP.NET</a><br>
> > > Date: Sun, 11 Oct 2009 09:19:34 GMT<br>> > ><br>> > -----------------------------------------------------------------------------------------------------<br>> > > The case 1 is failed. If I bypass the NGINX revers-proxy, it success.<br>
> > > I marked with RED, there are some difference. I can not dig into deep.<br>> > > please help me for the issue.<br>> ><br>> > Then I do not understand, what you meant by this:<br>> ><br>
> > <a href="http://abc.com">abc.com</a> |----[nginx reverse proxy] -- |virtualhost] --/abc directory<br>> > <a href="http://123.com">123.com</a>|<br>> > |--/123 directory<br>> ><br>> > > I pasted the configuration as following:<br>
> > ><br>> > -------------------------------------------------------------------------------<br>> > > 47 server {<br>> > > 48 listen 8080;<br>> > > 49 server_name <a href="http://abc.com">abc.com</a>;<br>
> > > 50 access_log /var/log/nginx/access.log;<br>> > > 51<br>> > > 52 location / {<br>> > > 53 proxy_pass <a href="http://192.168.10.169/abc.com">http://192.168.10.169/abc.com</a>;<br>
> > > 54 proxy_redirect default;<br>> > > 55 proxy_set_header Host $host;<br>> > > 56 proxy_set_header X-Real-IP $remote_addr;<br>> > > 57 proxy_set_header X-Forwarded-For<br>
> > $proxy_add_x_forwarded_for;<br>> > > 58 client_max_body_size 50m;<br>> > > 59 client_body_buffer_size 256k;<br>> > > 60 }<br>> > > 61 }<br>> > > 62 server {<br>
> > > 63 listen 8080;<br>> > > 64 server_name <a href="http://def.com">def.com</a>;<br>> > > 65 access_log /var/log/nginx/access.log;<br>> > > 66<br>> > > 67 location / {<br>
> > > 68 proxy_pass <a href="http://192.168.10.169/def.com">http://192.168.10.169/def.com</a>;<br>> > > 69 proxy_redirect default;<br>> > > 70 proxy_set_header Host $host;<br>
> > > 71 proxy_set_header X-Real-IP $remote_addr;<br>> > > 72 proxy_set_header X-Forwarded-For<br>> > $proxy_add_x_forwarded_for;<br>> > > 73 client_max_body_size 50m;<br>
> > > 74 client_body_buffer_size 256k;<br>> > > 75 }<br>> > > 76 }<br>> > ><br>> > ><br>> > > thanks<br>> > > NextHop<br>> > ><br>> > ><br>
> > ><br>> > ><br>> > > On 10/6/09, Igor Sysoev <<a href="mailto:is@rambler-co.ru">is@rambler-co.ru</a>> wrote:<br>> > ><br>> > > > On Mon, Oct 05, 2009 at 04:00:23PM +0800, quan nexthop wrote:<br>
> > > ><br>> > > > > Hi all:<br>> > > > ><br>> > > > > I try to setup the NGINX as a reverse-proxy to protect several<br>> > > > webservers,<br>> > > > > which lots of websites are running on. Yes, it is a virtual host :)<br>
> > > > ><br>> > > > > <a href="http://abc.com">abc.com</a> |-----------[nginx reverse proxy] ------- |virtualhost]<br>> > ----/abc<br>> > > > > directory<br>> > > > > <a href="http://123.com">123.com</a>|<br>
> > > > > |--/123 directory<br>> > > > ><br>> > > > > [note] the virtualhost port is 80.<br>> > > > ><br>> > > > > I go through the <a href="http://wiki.nginx.net">wiki.nginx.net</a> and can not find any configuration<br>
> > > > related<br>> > > > > with the topology.<br>> > > > ><br>> > > > > Any one can paste a configuration for such case?<br>> > > > > how can I distinguish the different server in one listening port?<br>
> > > ><br>> > > > Probably you need<br>> > > ><br>> > > > server {<br>> > > > server_name <a href="http://abc.com">abc.com</a>;<br>> > > > location / {<br>
> > > > proxy_pass <a href="http://123.com/abc/">http://123.com/abc/</a>;<br>> > > > }<br>> > > > }<br>> > > ><br>> > > > server {<br>> > > > server_name <a href="http://def.com">def.com</a>;<br>
> > > > location / {<br>> > > > proxy_pass <a href="http://123.com/def/">http://123.com/def/</a>;<br>> > > > }<br>> > > > }<br>> > > ><br>
> > > ><br>> > > > --<br>> > > > Igor Sysoev<br>> > > > <a href="http://sysoev.ru/en/">http://sysoev.ru/en/</a><br>> > > ><br>> > > ><br>> ><br>
> > --<br>> > Igor Sysoev<br>> > <a href="http://sysoev.ru/en/">http://sysoev.ru/en/</a><br>> ><br>> ><br><br>--<br>Igor Sysoev<br><a href="http://sysoev.ru/en/">http://sysoev.ru/en/</a><br><br>
</blockquote></div><br>