Resolved Nginx and Securi

[Nadeem Aslam]

Hi

I'm running a server with plesk nginx, apache, mysql the standard stuff, in front of the server sits a web based firewall called Securi

In order to stop the firewall being bypassed they offer some information on how to do it on apache as well as nginx

There suggested information is this

location / {
allow 192.88.134.0/23;
allow 185.93.228.0/22;
allow 2a02:fe80::/29;
allow 66.248.200.0/22;
deny all;
# Existing NGINX rules
}


But when i put that into the Additional nginx directives within the pelsk interface i get the following error

Invalid nginx configuration: nginx: [emerg] duplicate location "/" in /var/www/vhosts/system/domain.org.uk/conf/vhost_nginx.conf:13 nginx: configuration file /etc/nginx/nginx.conf test failed

My question is the fix i did think about editing nginx.conf for the domain and trying it in there but i know plesk / nginx sort of works different - this setting only need to apply to one domain and it's sub domains so not a global setting

Since i'm not a nginx expert - should i edit nginx.conf for the domain or does the rule need a rewrite - also i think there is a command to run to rebuild nginx or something

Thanks

Nadeem

 

[UFHH01]

Hi Nadeem Aslam,

Since i'm not a nginx expert - should i edit nginx.conf for the domain or does the rule need a rewrite

Sorry, but you posted in a "Plesk - related" - forum. Even that you are able to insert "additional nginx directives" over the Plesk Control Panel, this doesn't mean, that your issue is "Plesk - related" ( which it isn't ). Pls. consider to open such a thread/discussion at => Home > Forum > General Discussion > Open Topics


Additional informations:
Pls. note, that NGINX rewrite - questions should be asked at for example at: => Nginx Forum

this setting only need to apply to one domain and it's sub domains so not a global setting

"location" - definitions are never global settings, they are always (sub)domain - specific, which need to be placed inside the (sub)domain - specific configuration files, or inside the "vhosts_nginx.conf".

There suggested information is this

If "they" suggest a basic solution for their product, they should be aware about issues/errors/problems, in case that templates are used and already defined directives as within Plesk templates as:

    location / {
        proxy_pass https://207.38.89.43:7081;
        proxy_set_header Host             $host;
        proxy_set_header X-Real-IP        $remote_addr;
        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header X-Accel-Internal /internal-nginx-static-location;
        access_log off;
    }

... are already existent. Consider to ask "them" to rewrite their suggestions for that cases.