• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:
    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Question How is the server.conf file generated?

B

budiantoip

New Pleskian
Server operating system version
CentOS 7.9
Plesk version and microupdate number
18.0.65_build1800241122.08
Hello,

I have Plesk Obsidian installed on CentOS 7.9 and have the following Nginx configuration file:
Bash: 
/etc/nginx/plesk.conf.d/server.conf
The file content is as follows:
NGINX: 
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.

include "/etc/nginx/plesk.conf.d/ip_default/*.conf";

server {
    listen 1.2.3.4:443 ssl;

    ssl_certificate             "/usr/local/psa/var/certificates/xxxxxxxxx";
    ssl_certificate_key         "/usr/local/psa/var/certificates/xxxxxxxxx";
    client_max_body_size 2048m;

    proxy_read_timeout 600;
    proxy_send_timeout 600;

    proxy_max_temp_file_size 0;
    proxy_buffers 16 16k;
    proxy_buffer_size 32k;
    proxy_busy_buffers_size 32k;

    server_name _;

    location / {
        proxy_pass http://127.0.0.1:8880;
        proxy_redirect http://$host:8880 $scheme://$host;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Http-Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        access_log off;

        gzip on;
        gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
    }

    location ~ /ws$ {
        proxy_pass http://127.0.0.1:8880;
        proxy_redirect off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Http-Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        access_log off;
    }

    underscores_in_headers on;
}

server {
    listen 1.2.3.4:80;

    location ^~ /plesk-site-preview/ {
        proxy_pass http://127.0.0.1:8880;
        proxy_set_header Host               plesk-site-preview.local;
        proxy_set_header X-Real-IP          $remote_addr;
        proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto  $scheme;
        proxy_cookie_domain plesk-site-preview.local $host;
        access_log off;
    }

    location / {
        proxy_pass http://1.2.3.4:7080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

server {
    listen 1.2.3.4:443 ssl;

    server_name lists.*;

    ssl_certificate             /usr/local/psa/var/certificates/xxxxxxxxx;
    ssl_certificate_key         /usr/local/psa/var/certificates/xxxxxxxxx;

    location / {
        proxy_pass https://1.2.3.4:7081;
        proxy_hide_header upgrade;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

As noted in the first few lines, this file is auto-generated, and manual changes will be overwritten. I would like to implement a rate-limiting rule.

I have tried searching on Google, but I haven’t had any luck so far.

Does anyone know the recommended way to achieve this without directly modifying the auto-generated file?

Thank you!

Regards,

Budianto IP
 
scsa20 said:
First off, don't touch the server.conf configuration, that is managed for the main plesk panel server itself. You'll want to edit the default templates instead by copying the default template to a custom's template location. Refer to Changing Virtual Hosts Settings Using Configuration Templates for information how.
Click to expand...
If you review the configuration file, the server.conf file I shared earlier is not related to virtual hosts. The virtual host files are stored under
Code: 
/etc/nginx/plesk.conf.d/vhosts/

Is there a custom template available to modify the server.conf file?
 
You can also use the WebServer Hook to dynamically add directives to Nginx/Apache virtual hosts when they are generated by Plesk.

I think you can also use the Additional Nginx directives sections to load rate-limit zones.
 
Thank you, @AYamshanov. That article was the final piece of the puzzle for me.

I also want to thank everyone who contributed to this thread.

I’ve successfully modified the custom templates for server.conf.

Here's what I did:
Code: 
# Modify this file to define the rate limit zone
vim /etc/nginx/nginx.conf

cd /usr/local/psa/admin/conf/templates

# Customize template files for server.conf
mkdir -p custom/server/
cp -p default/server/nginxPleskAccess.php custom/server/
# Modify the "location / {" block to add the limit_req rule
vim custom/server/nginxPleskAccess.php
/opt/plesk/php/7.4/bin/php -l custom/domain/service/proxy.php

mkdir -p custom/server/
cp -p default/server/nginxVhosts.php custom/server/
# Modify the "location / {" block to add the limit_req rule
vim custom/server/nginxVhosts.php
/opt/plesk/php/7.4/bin/php -l custom/server/nginxVhosts.php

# Regenerate server.conf
/usr/local/psa/admin/sbin/httpdmng --reconfigure-server

# Confirm the result by checking the server.conf file
cat /etc/nginx/plesk.conf.d/server.conf

# Validate all of nginx configurations
# Ensure there's no warning or error messages
nginx -t

# Reload the nginx service
service nginx reload

I've stored a nginx snippet for this rate-limiting rule here:
gist.github.com

Nginx snippets

Nginx snippets. GitHub Gist: instantly share code, notes, and snippets.
gist.github.com gist.github.com

Hope it helps anyone who has the same problem as I did.
 
Keep in mind that you should compare the default and custom templates every few Plesk upgrades because new features might be introduced and not be available with your custom templates.
 
You must log in or register to reply here.

Similar threads

C
Question Pesk Docker running collabora online for nextcloud
Replies
1
Views
1K
UnixDrive
U
itexpertnow
Issue Appwrite Websocket not working
Replies
0
Views
706
itexpertnow
itexpertnow
D
Issue Adding /location to domain.conf
Replies
1
Views
1K
Kaspar@Plesk
Kaspar@Plesk
C
Question nginx reverse proxy and password protected directory
Replies
2
Views
388
Raul A.
R
L
Question Plesk with Mailman3 and Hyperkitty / nginx
Replies
0
Views
232
Larian
L
Back
Top