• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

Wrong server nginx config with plesk11.5

Azurel

Azurel

Silver Pleskian
Hello. I have plesk11.5 and found a big security bug in my script because plesk11 do a strange behavior:

[REMOTE_ADDR] => 95.*.*.*
[SERVER_PORT] => 80
[SERVER_ADDR] => 91.*.*.*
[SERVER_NAME] => domain.com
[SERVER_SOFTWARE] => Apache

[REMOTE_ADDR] => 2003:67:4b4b:*
[SERVER_PORT] => 80
[SERVER_ADDR] => 127.0.0.1
[SERVER_NAME] => domain.com
[SERVER_SOFTWARE] => Apache
Click to expand...

You can see... visitors with IPv4 get the correct Server-IPv4, BUT visitors with IPv6 get localhost 127.0.0.1
Thats fatal for me. I check in php ($_SERVER['SERVER_ADDR']=='127.0.0.1' for Offline development. Now all IPv6 users get critical outputs since months! :(

I have take a look and found this in /etc/nginx/plesk.config.d/server.conf
server {
listen 91.*.*.*:80 default_server ;

location / {
proxy_pass http://91.*.*.*:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

server {
listen [2a01:*:0:1]:80 default_server ipv6only=on;

location / {
proxy_pass http://127.0.0.1:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Click to expand...

Why is this 127.0.0.1 and not "proxy_pass http://91.*.*.*:7080;" or better "proxy_pass http://[2a01:*:0:1]:7080;"!?
 
Last edited:
I have report this "bug" to hosteurope and they have make changed for me
wir haben die Änderung in

"/usr/local/psa/admin/conf/templates/custom/nginx.php"

vorgenommen und die Nginx-Konfiguration mit

"plesk sbin nginxmng -d && plesk sbin nginxmng -e"

neu geschrieben.

Die Änderungen sind nun permanent.
Click to expand...
 
Can anybody tell me, that bug is in plesk12 for /etc/nginx/plesk.config.d/server.conf too? (see start posting) Thanks!
 
You must log in or register to reply here.

Similar threads

S
Resolved N8N in docker : ERR_ERL_UNEXPECTED_X_FORWARDED_FOR
Replies
6
Views
12K
max2334
M
B
Question How is the server.conf file generated?
Replies
6
Views
4K
Raul A.
R
D
Question Making a reverse proxy to a domain hosted in Plesk or cpanel with nginx
Replies
0
Views
2K
davibigi
D
itexpertnow
Issue Appwrite Websocket not working
Replies
0
Views
2K
itexpertnow
itexpertnow
propz
Question Best way to include persistent Docker data in Plesk Backups?
Replies
6
Views
6K
hardbrasil
hardbrasil
Back
Top