• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Please beaware of a breaking change in the REST API on the next Plesk release (18.0.62).
    Starting from Plesk Obsidian 18.0.62, requests to REST API containing the Content-Type header with a media-type directive other than “application/json” will result in the HTTP “415 Unsupported Media Type” client error response code. Read more here

Resolved nginx as reverse proxy, just to clarify

Giorgio1

Giorgio1

New Pleskian
In the past I used only Apache so this is the first time I use nginx (as reverse proxy). Of course I started to study nginx and Apache + nginx but i would like to have some clarification / confirm. For example:

1) What to do about jails of fail2ban in general? I have for instance a jail for Wordpress login monitoring the apache log. If I use nginx as reverse proxy should I have to look into the nginx log files too?

2) If I understood correctly, all the .htaccess rules have to be translated for nginx and inserted in the page Apache & nginx Settings. Is it right? Or the .htaccess rules are still processed?

3) For a Wordpress websites, is better to use FPM or FastCGI served by Apache?

Thanks a lot for any help to understand the general situation! :)
 
Hi,

I'm not 100% sure about my responses, but I'm sure someone will comment if I'm wrong. However, my understanding is as follows:

1. PHP is still processed by Apache (by default, Nginx only handles static files), so a WordPress Fail2Ban rule only needs to monitor Apache logs. For example, the 'plesk-wordpress' jail monitors logs: /var/www/vhosts/system/*/logs/*access*log. All the "plesk-" prefixed Jails should be set up by default to monitor the appropriate logs.

2. .htaccess files are still used, even when Nginx is reverse proxy.

3. My understanding is that FPM performs better than FAST-CGI

I hope that helps!
 
gbotica said:
but I'm sure someone will comment if I'm wrong.
Click to expand...

Only to add that the answers are true if "PHP Apache FPM" is used. When you set it to "PHP Nginx FPM", PHP will run through Nginx, and in that case indeed the fail2ban rules won't work correctly, neither will .htaccess. But for most applications, it is best to just keep PHP Apache FPM.
 
Peter Debik said:
Only to add that the answers are true if "PHP Apache FPM" is used. When you set it to "PHP Nginx FPM", PHP will run through Nginx, and in that case indeed the fail2ban rules won't work correctly, neither will .htaccess. But for most applications, it is best to just keep PHP Apache FPM.
Click to expand...
There is anyway a possible configuration that defies my logic:
  • Proxy Mode
  • Smart static files processing
  • Serve static files directly by nginx
  • PHP FPM served by nginx
  • ... and maybe "Enable caching" too!!
What is Apache doing in above setup?
 
As far as I remember it simply does not work correctly with a contradictive configuration.
 
You must log in or register to reply here.

Similar threads

X-HTTG
Question Apache With Nginx Reverse Proxy Question
Replies
0
Views
886
X-HTTG
X-HTTG
X-HTTG
Resolved Apache + Nginx As Reverse Proxy Imunify360 Question
Replies
5
Views
1K
Peter Debik
P
WhiteTiger
Question "Your server is neither Nginx nor Apache"
Replies
2
Views
1K
WhiteTiger
WhiteTiger
D
Question NGINX Unit on server under plesk
Replies
4
Views
490
trialotto
T
T
Question Plesk Odoo Nginx Reverse Proxy
Replies
4
Views
5K
Edinson
E
Back
Top