• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Wrong server nginx config with plesk11.5

Azurel

Azurel

Silver Pleskian
Hello. I have plesk11.5 and found a big security bug in my script because plesk11 do a strange behavior:

[REMOTE_ADDR] => 95.*.*.*
[SERVER_PORT] => 80
[SERVER_ADDR] => 91.*.*.*
[SERVER_NAME] => domain.com
[SERVER_SOFTWARE] => Apache

[REMOTE_ADDR] => 2003:67:4b4b:*
[SERVER_PORT] => 80
[SERVER_ADDR] => 127.0.0.1
[SERVER_NAME] => domain.com
[SERVER_SOFTWARE] => Apache
Click to expand...

You can see... visitors with IPv4 get the correct Server-IPv4, BUT visitors with IPv6 get localhost 127.0.0.1
Thats fatal for me. I check in php ($_SERVER['SERVER_ADDR']=='127.0.0.1' for Offline development. Now all IPv6 users get critical outputs since months! :(

I have take a look and found this in /etc/nginx/plesk.config.d/server.conf
server {
listen 91.*.*.*:80 default_server ;

location / {
proxy_pass http://91.*.*.*:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

server {
listen [2a01:*:0:1]:80 default_server ipv6only=on;

location / {
proxy_pass http://127.0.0.1:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Click to expand...

Why is this 127.0.0.1 and not "proxy_pass http://91.*.*.*:7080;" or better "proxy_pass http://[2a01:*:0:1]:7080;"!?
 
Last edited:
I have report this "bug" to hosteurope and they have make changed for me
wir haben die Änderung in

"/usr/local/psa/admin/conf/templates/custom/nginx.php"

vorgenommen und die Nginx-Konfiguration mit

"plesk sbin nginxmng -d && plesk sbin nginxmng -e"

neu geschrieben.

Die Änderungen sind nun permanent.
Click to expand...
 
Can anybody tell me, that bug is in plesk12 for /etc/nginx/plesk.config.d/server.conf too? (see start posting) Thanks!
 
You must log in or register to reply here.

Similar threads

itexpertnow
Issue Appwrite Websocket not working
Replies
0
Views
655
itexpertnow
itexpertnow
L
Question Plesk with Mailman3 and Hyperkitty / nginx
Replies
0
Views
144
Larian
L
L. Hagen
Question How to overwrite existing nginxs configurations?
Replies
1
Views
2K
Kaspar
K
J
Question How to hide port in Nginx forwarding / change listening port
Replies
0
Views
1K
jasmines
J
T
Question Plesk Odoo Nginx Reverse Proxy
Replies
4
Views
6K
Edinson
E
Back
Top