• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Nginx Connection Time-Outs

C

CyberEdge_Alan

Basic Pleskian
Hello,

This might not be the right place for it but maybe someone has more experience with Nginx than me and since its a different version I didn't want to go modifying it for specifics.

I run vbulletin and when logging in it hangs and eventually times out after a few seconds. When timing out it lists my URL as http://site.com:7080/login.php I have also tried to get the the admincp or modcp and during the same steps it times out. It's like its not passing through the port. It still logs me in but doesn't do the redirect I guess. I don't know if you guys can help me but I've been searching google with no luck with this issue I'm having.

EDIT: Seems to not load sub directory's say for instance http://site.com/forums/includes/ it will time out. It will read up to the forums part but nothing else after that. I've searched and searched and can't find any reasonable fix for this.

This problems seems to show when saving settings, logging in to vbulletin. If anyone has experience with this sort of thing please let me know!


Regards,
Alan
 
Last edited:
Could you be having or running a firewall that blocks ALL connections to port 7080
 
Yes, its blocking connections however if I were to open that port wouldn't that take the point out of running Nginx as a front-end? I mean all pages load except certain scripts, if it should be unblocked how should it? I use APF, I can unblock it with TCP but then people could just get to the site using 7080 bypassing Nginx. Reason for me wanting Nginx is because my site was being attacked by dos methods that don't exist for Nginx. Someone finding that port would just be bad.
 
Allan,

For APF do the following:

vi /etc/apf/conf.apf

Go to the line with

IG_TCP_CPORTS="21,25,....." then you add to the end of ports "7080"
Eg. IG_TCP_CPORTS="21,25,7080";

About DOS-Attacks, these kind of attacks can be directed to about anything on the server..Even Nginx can fall culprit of these attacks ..

Running away from apache because of dos-attacks is not a strong a reason to switch to Nginx..The strongest reason is server resource usage, Nginx is a light webserver compared to apache.

Have you installed BFD (Brute Force Detection) its a pretty good tool that can be used to fight and stop DOS attacks on your server.

I use ConfigServer for a firewall, I recommend it highly.
 
The types of attacks have been Slowloris, HTTP GET/POST floods, Layer 7 types of attacks, and others. There are tools out there to mitigate like mod_security, mod_qos, mod_antiloris/mod_evasive which I have installed them all and still do not stop the attacks. I've gone everywhere and everyone's told me using Nginx as a front-end would be the solution to all my problems. As the attacks they are using are not vulnerable to Nginx if you have other ways of securing the environment please let me know, you seem extremely smart. I'm not a linux genius I just know the basics to get me by with maintaining my own dedicated used only to host my computer repair site and a few friends websites for a small price. If you have ideas or can help me please let me know.


I do have BFD installed with ddos deflate. Using Nginx seems to have solved my problems except for the few exceptions I'm encountering. When I did forward the port everything loads however when going to those areas it seems to change my url to http://site.com:7080/forums/ and then it uses straight apache.
 
One smart way to kill such attacks is to go down deep to the packets hitting your server, analysing them and throwing useless "DOS" packets to a "Black-Hole". (and fighting back :))

About the port redirects, I used the instructions below to help my customers who had port 8443 blocked in there network still access Plesk control panel minus touching any of plesk port settings.

In many cases esp. in Africa, you find port 8443 by most ISPs blocked.

Firstly,

We create a domain in plesk which acts as access point, eg: host1234.theg7.com

Secondly:

vim /var/www/vhosts/host1234.theg7.com/conf/vhost.conf
and add the following contents:

SSLProxyEngine on
ProxyRequests off
ProxyPass / http://host1234.theg7.com:8443/
ProxyPassReverse / http://host1234.theg7.com:8443/

then finely:

For Plesk 9.*
/usr/local/psa/admin/sbin/websrvmng -a -v

For Plesk 10.*
/usr/local/psa/admin/sbin/httpdmng --reconfigure-all

Now when you open:

http://host1234.theg7.com

You would be welcomed by the plesk login page and all throughout the process. Never will they ever see a port 8443 anywhere. Even when the redirections occur they just end on the server but NOT on the client browser.

Using the same principle, you can redirect ALL port 7080 through Nginx ..Kinda complex but yes its possible :)
 
I get it but it seems very complex for someone like me. I had trouble setting up Nginx with Plesk 10.x and ended up having to reinstall in the end. I just wanted a site that would stay up and run. I even had it running through cloudflare. On the upside I found cloudflare is great to host DNS Records keeps mail up and running when the site was down 24/7 due to someone using some random attack method.

Some of there attacks left SSH inaccessible. I'm used to just running IIS in Windows and perfer it more but I wanted to try using something different. I'm using this to all learn a little bit.
 
You must log in or register to reply here.

Similar threads

J
Resolved Propably WP-Toolkit or server problem
Replies
2
Views
420
jakubeq420
J
Z
Issue Prestashop 8 : very slow and error "504 Gateway Time-out - Nginx"
Replies
1
Views
2K
1nghi
1
E
Issue (104)Connection reset by peer: AH01075: Error dispatching request to :
Replies
8
Views
2K
igmltd
I
A
Question Increase 504 Gateway Time-out
Replies
3
Views
1K
Kaspar@Plesk
Kaspar@Plesk
J
Issue Error 500 Plesk\Exception\Database (DB query failed: SQLSTATE[HY000] [2002] Connection refused)
Replies
5
Views
440
Raul A.
R
Back
Top