• We value your experience with Plesk during 2025
    Plesk strives to perform even better in 2026. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2025.
    Please take this short survey:
    https://survey.webpros.com/

Wrong server nginx config with plesk11.5

Azurel

Azurel

Silver Pleskian
Hello. I have plesk11.5 and found a big security bug in my script because plesk11 do a strange behavior:

[REMOTE_ADDR] => 95.*.*.*
[SERVER_PORT] => 80
[SERVER_ADDR] => 91.*.*.*
[SERVER_NAME] => domain.com
[SERVER_SOFTWARE] => Apache

[REMOTE_ADDR] => 2003:67:4b4b:*
[SERVER_PORT] => 80
[SERVER_ADDR] => 127.0.0.1
[SERVER_NAME] => domain.com
[SERVER_SOFTWARE] => Apache
Click to expand...

You can see... visitors with IPv4 get the correct Server-IPv4, BUT visitors with IPv6 get localhost 127.0.0.1
Thats fatal for me. I check in php ($_SERVER['SERVER_ADDR']=='127.0.0.1' for Offline development. Now all IPv6 users get critical outputs since months! :(

I have take a look and found this in /etc/nginx/plesk.config.d/server.conf
server {
listen 91.*.*.*:80 default_server ;

location / {
proxy_pass http://91.*.*.*:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

server {
listen [2a01:*:0:1]:80 default_server ipv6only=on;

location / {
proxy_pass http://127.0.0.1:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Click to expand...

Why is this 127.0.0.1 and not "proxy_pass http://91.*.*.*:7080;" or better "proxy_pass http://[2a01:*:0:1]:7080;"!?
 
Last edited:
I have report this "bug" to hosteurope and they have make changed for me
wir haben die Änderung in

"/usr/local/psa/admin/conf/templates/custom/nginx.php"

vorgenommen und die Nginx-Konfiguration mit

"plesk sbin nginxmng -d && plesk sbin nginxmng -e"

neu geschrieben.

Die Änderungen sind nun permanent.
Click to expand...
 
Can anybody tell me, that bug is in plesk12 for /etc/nginx/plesk.config.d/server.conf too? (see start posting) Thanks!
 
You must log in or register to reply here.

Similar threads

S
Resolved N8N in docker : ERR_ERL_UNEXPECTED_X_FORWARDED_FOR
Replies
2
Views
3K
soft009
S
B
Question How is the server.conf file generated?
Replies
6
Views
2K
Raul A.
R
D
Question Making a reverse proxy to a domain hosted in Plesk or cpanel with nginx
Replies
0
Views
2K
davibigi
D
itexpertnow
Issue Appwrite Websocket not working
Replies
0
Views
2K
itexpertnow
itexpertnow
propz
Question Best way to include persistent Docker data in Plesk Backups?
Replies
6
Views
5K
hardbrasil
hardbrasil
Back
Top