Resolved NGINX IP to Domain Redirect

[Gregory Matthews]

Server Setup:

1. VPS
2. Plesk 12.5
3. Centos 7
4. NGINX as reverse proxy to Apache 2.4
5. Path to NGINX config: /etc/nginx/nginx.conf

Plesk provides a GUI Apache & nginx Settings dialog box, but is unable to accept server{} blocks from there.

I've tried the following within /etc/nginx/nginx.conf, and several variations thereof, without success:

server {
server_name xx.xx.xx.xx;
return 301 https://domain.com$request_uri
}

I've also tried the following within the Plesk GUI without success:

if ($http_host ~ "^xx\.xxx\.xxx\.xx"){
set $rule_0 1$rule_0;
}
if ($rule_0 = "1"){
rewrite /(.*)$ https://domain.com/$1 permanent;
}

Where do I need to place this or similar directing in this scenario to direct all direct IP traffic to the domain name? I've tried placing the snippet in various NGINX config files so far without success.

Thanks.

 

[IgorG]

What about setting up default site for specific IP address in Tools&Settings?

Also

server {
server_name xx.xx.xx.xx;
return 301 https://domain.com$request_uri
}

Your "server" will be included to vhost's server{} - it doesn't work and it is expected behaviour from Plesk point of view.

if ($http_host ~ "^xx\.xxx\.xxx\.xx"){
set $rule_0 1$rule_0;
}
if ($rule_0 = "1"){
rewrite /(.*)$ https://domain.com/$1 permanent;
}

This rule doesn't work because we made "include nginx.conf" at the end of server {}. In case when request will be processed in some kind of "location" (for instance location /) all the rest will be ignored.

Check this solution too - http://stackoverflow.com/questions/...another-website-url-godaddy/38844582#38844582

 

[Pascal_Netenvie]

Also there is a Plesk Extension that made automatic translation from .htaccess to Nginx config ...
Test it.

 

[Gregory Matthews]

What about setting up default site for specific IP address in Tools&Settings?

Also

Your "server" will be included to vhost's server{} - it doesn't work and it is expected behaviour from Plesk point of view.


This rule doesn't work because we made "include nginx.conf" at the end of server {}. In case when request will be processed in some kind of "location" (for instance location /) all the rest will be ignored.

Check this solution too - http://stackoverflow.com/questions/...another-website-url-godaddy/38844582#38844582

Our default site is already configured to use a static IP.

We've tried everything we can think of in terms of NGINX rules and placing them in a variety of locations, including the Plesk GUI. The GUI snippet above was in fact generated through the Plesk .htaccess to NGINX converter.

That said, I'm reaching out here to determine why it is not working, and what we need to do to get it working, i.e., where do we need to place the the rewrite snippet to achieve our desired result? We've also tried switch the PHP handlers as well from PHP-FPM as Apache, and PHP-FPM as NGINX. No luck there either.

What do we need to do?

 

[Gregory Matthews]

Any update and or assistance? To further clarify our needs, here is an example of the type of rule we want to insert into our NGINX configuration. Where do we need to place this type of instruction/rule so that NGINX reads and honors it for proper execution:

server {
server_name newdomain.com www.newdomain.com;

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

# limit_conn limit_per_ip 16;
# ssi on;

access_log /home/nginx/domains/newdomain.com/log/access.log combined buffer=32k;
error_log /home/nginx/domains/newdomain.com/log/error.log;

root /home/nginx/domains/newdomain.com/public;

location / {

# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;

# Enables directory listings when index file not found
#autoindex on;

}

location /forums {
try_files $uri $uri/ /index.php;
}

location ~^(/forums/page/).*(\.php)$ {
try_files $uri $uri/ /index.php;
}

# Mask fake admin directory
location ~^/forums/admin/(.*)$ {
deny all;
}

# Secure real admin directory
location ~^(/forums/mynewadmin/).*(\.php) {
#allow 127.0.0.1;
#deny all;
#auth_basic "Restricted Area";
#auth_basic_user_file $document_root/forums/mynewadmin/.htpasswd;
include /usr/local/nginx/conf/php.conf;
}

# IP.Board PHP/CGI Protection
location ~^(/forums/uploads/).*(\.php)$ {
deny all;
}
location ~^(/forums/hooks/).*(\.php)$ {
deny all;
}
location ~^(/forums/cache/).*(\.php)$ {
deny all;
}
location ~^(/forums/screenshots/).*(\.php)$ {
deny all;
}
location ~^(/forums/downloads/).*(\.php)$ {
deny all;
}
location ~^(/forums/blog/).*(\.php)$ {
deny all;
}
location ~^(/forums/public/style_).*(\.php)$ {
deny all;
}

include /usr/local/nginx/conf/staticfiles.conf;
include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/drop.conf;
#include /usr/local/nginx/conf/errorpage.conf;
}

 

[UFHH01]

Hi Gregory Matthews,

server {
server_name newdomain.com www.newdomain.com;

...

access_log /home/nginx/domains/newdomain.com/log/access.log combined buffer=32k;
error_log /home/nginx/domains/newdomain.com/log/error.log;

root /home/nginx/domains/newdomain.com/public;

...

So basically, you want to add an additional domain, with a different vhosts - location on your server... correct?

Could you pls. explain why? Could you pls. explain, why you don't add the "newdomain.com" over Plesk, using the standard, existing vhosts - configuration and move the stuff from "/home/nginx/domains/newdomain.com" to "/var/www/vhosts/newdomain.com/httpdocs"?

 

[Gregory Matthews]

The above snippet was just an example, not necessarily something I am trying to execute on my box. The point of my question is, where should I be placing a rule such as that, i.e., server { ... } with locations, etc., so that NGINX operating in the manner I described above, i.e., reverse proxy to Apache on Centos 7 on Plesk 12.5, etc., honors the rules and executes accordingly? The Plesk GUI will not work in this case, so I need to know which conf/custom conf files I need to edit that won't be overridden during Plesk updates, etc..

 

[UFHH01]

Hi Gregory Matthews,

it is NOT RECOMMENDED, you use several vhosts - structures on one server, when you use Plesk. The security of your server can't be guaranteed anymore, issues/problems with PHP, apache/nginx will arise and therefore you should stick to ONE vhosts - structure. If you would like to CHANGE the existing vhosts - structure in Plesk, consider to use the suggestions from:

How to change Virtual Hosts location in Plesk for Unix ( KB - article 1186 )​

 

[Gregory Matthews]

Understood. That being said, where should I be placing custom NGINX rewrite rules of a more complex nature that the GUI may allow. Some location rules are causing the GUI to error, and I'm not sure that the GUI is placing the GUI rules in a priority order for execution. Is there a custom conf file options whereby we can build complex rewrite rules for NGINX, or is the GUI the expected place?

 

[UFHH01]

Hi Gregory Matthews,

Is there a custom conf file options whereby we can build complex rewrite rules for NGINX, or is the GUI the expected place?

Sure, there is... but not for "server directives"... nginx will moan, if you use TWO of them.

Each of the domain - configuration - files are located at: /var/www/vhosts/system/DOMAIN.COM-OR-SUB.DOMAIN.COM/conf/* and for nginx, there is either "nginx.conf" or "nginx_ip_default.conf" defined, with the option at the end:

include "/var/www/vhosts/system/DOMAIN.COM-OR-SUB.DOMAIN.COM/conf/vhost_nginx.conf

This specific "vhost_nginx.conf" is not existent, if you didn't add "additional directives" over the Plesk Control Panel, but you are still able to create it manually and add your "additional directives" inside, so that nginx will read them as well as additional configuration for your domain/subdomain. Plesk itself will never touch "vhost_nginx.conf" in case of Plesk updates/upgrades/patches! You will still notice, that nginx won't accept misconfigurations, double settings, ..., because nginx has as well a built-in "configuration checker".

Pls. be as well informed, that if you use for example PHP and manually modify the "nginx.conf" or "nginx_ip_default.conf", without modifying the depending PHP configuration, then you will notice issues/problems/errors and Plesk updates/upgrades/patches could as well override your manual modifications.​

 

[Gregory Matthews]

Thanks. I think you answered it. We will add all custom NGINX rewrites within vhost.nginx.conf which our server should interpret and execute accordingly given our above referenced LEMP Stack. I assume then that all Apache rewrite rules do not apply due to NGINX reverse proxy?

 

[UFHH01]

Hi Gregory Matthews,

well, if the goal was "to switch off apache-usage completely", you should WAIT a couple of days, because Plesk Onyx already comes with the ability to TURN OFF apache usage for your domain(s) and will be released in october 2016 ( currently in preview state available and working on some of my servers, without barely discernible issues/problems for over 2500 domains! => Plesk Onyx Preview and FeedBack <= ):

Quoted from: https://plesk.uservoice.com/forums/...s/suggestions/4123981-add-nginx-only-hostings

...
Update:

The ability to turn off Apache and have content served by nginx only on a per-website basis is now available in the latest Plesk Onyx 17.0.14 preview. We encourage you to check the implementation and let us know what you think. Please visit the following forum thread to learn how to access the preview:https://talk.plesk.com/threads/plesk-onyx-preview-and-feedback.337172

How to try this feature:

Go to any website, click Apache & nginx Settings and deselect the “Proxy mode” checkbox under nginx settings. The feature is also available in Service Plans.
...

Screenshot:
​

 

[Gregory Matthews]

Actually, we like having NGINX as a reverse proxy sitting in front of Apache. Our only challenge is getting rewrites to work properly, especially when they are more complex and cause problems with the Plesk GUI. Is there a way to have our server process HTACCESS files natively while NGINX sits in front like this?

 

[UFHH01]

Hi Gregory Matthews,

Is there a way to have our server process HTACCESS files natively while NGINX sits in front like this?

Yes. Just use correct nginx additional directives ( sorry... I'm not making fun of you! ).

Nginx doesn't care about your HTACCESS - file(s) at all... it ignores them, because they are only for apache. Your only issue here might be, that you use false/incomplete ( additional ) nginx directives, depending to your content, or use non-standard-paths, which need additional configuration(s).


Your last question is quite theoretical and any answer which I give are based on the correct configuration. If you would like a more specific/technical answer, you really have to provide MORE information(s). Pls. keep in mind, that the more information(s)/facts you provide, the better will be answers/suggestions/work-arounds/solutions.

 

[Gregory Matthews]

Thanks for your help. So is the Plesk GUI for NGINX additional directives designed to accommodate anything we would need related to NGINX rewrite rules providing the formatting, etc. is correct per your comments above? Does the server process the GUI rules first (before others that may be in NGINX conf files) to help ensure they actually execute?

Also, if we have NGINX setup as a reverse proxy to Apache like we do, why does the Plesk GUI allow for Apache rewrite rules if they won't work?

 

[UFHH01]

Hi Gregory Matthews,

why does the Plesk GUI allow for Apache rewrite rules if they won't work?

Why should additional rewrite rules for apache not work? With Plesk 12.5, you have TWO choices, either apache/nginx, or apache-only usage. Additional apache directives are similar to ".htaccess" - files, with the difference, that you save your rules in the configuration file, instead of at the ".htaccess" - files. Just like with nginx, the additional directives are placed in an additional "*.conf" - file, which is already included with the basic apache - configuration:

Include "/var/www/vhosts/system/DOMAIN.COM-OR-SUB.DOMAIN.COM/conf/vhost.conf"
and
Include "/var/www/vhosts/system/DOMAIN.COM-OR-SUB.DOMAIN.COM/conf/vhost_ssl.conf"​

So is the Plesk GUI for NGINX additional directives designed to accommodate anything we would need related to NGINX rewrite rules providing the formatting, etc. is correct per your comments above?

Again, the Plesk Control Panel is just a HELP here. Due to the fact that the possible additional configuration is already included with

include "/var/www/vhosts/system/DOMAIN.COM-OR-SUB.DOMAIN.COM/conf/vhost_nginx.conf​

the existing boxes over the Plesk Control Panel for additional directives makes it just easier for you insert additional directives - nothing more. Plesk itself doesn't care about "correct" inserts, the webserver ( apache/nginx ) itself checks, if the additional directives are usable. Plesk will only show the possible error - messages from your webserver, when you inserted incorrect/double/misconfigured directives.

If you need further answers to your webservers, pls consider to read the official documents:

http://httpd.apache.org/docs/
and
http://nginx.org/en/docs/​

 

[Gregory Matthews]

... thanks again for your help. I'm also going to update to Onyx as soon as it becomes available. Have a good day.