• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Wrong server nginx config with plesk11.5

Azurel

Azurel

Silver Pleskian
Hello. I have plesk11.5 and found a big security bug in my script because plesk11 do a strange behavior:

[REMOTE_ADDR] => 95.*.*.*
[SERVER_PORT] => 80
[SERVER_ADDR] => 91.*.*.*
[SERVER_NAME] => domain.com
[SERVER_SOFTWARE] => Apache

[REMOTE_ADDR] => 2003:67:4b4b:*
[SERVER_PORT] => 80
[SERVER_ADDR] => 127.0.0.1
[SERVER_NAME] => domain.com
[SERVER_SOFTWARE] => Apache
Click to expand...

You can see... visitors with IPv4 get the correct Server-IPv4, BUT visitors with IPv6 get localhost 127.0.0.1
Thats fatal for me. I check in php ($_SERVER['SERVER_ADDR']=='127.0.0.1' for Offline development. Now all IPv6 users get critical outputs since months! :(

I have take a look and found this in /etc/nginx/plesk.config.d/server.conf
server {
listen 91.*.*.*:80 default_server ;

location / {
proxy_pass http://91.*.*.*:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

server {
listen [2a01:*:0:1]:80 default_server ipv6only=on;

location / {
proxy_pass http://127.0.0.1:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Click to expand...

Why is this 127.0.0.1 and not "proxy_pass http://91.*.*.*:7080;" or better "proxy_pass http://[2a01:*:0:1]:7080;"!?
 
Last edited:
I have report this "bug" to hosteurope and they have make changed for me
wir haben die Änderung in

"/usr/local/psa/admin/conf/templates/custom/nginx.php"

vorgenommen und die Nginx-Konfiguration mit

"plesk sbin nginxmng -d && plesk sbin nginxmng -e"

neu geschrieben.

Die Änderungen sind nun permanent.
Click to expand...
 
Can anybody tell me, that bug is in plesk12 for /etc/nginx/plesk.config.d/server.conf too? (see start posting) Thanks!
 
You must log in or register to reply here.

Similar threads

B
Question How is the server.conf file generated?
Replies
6
Views
2K
Raul A.
R
D
Question Making a reverse proxy to a domain hosted in Plesk or cpanel with nginx
Replies
0
Views
1K
davibigi
D
itexpertnow
Issue Appwrite Websocket not working
Replies
0
Views
1K
itexpertnow
itexpertnow
propz
Question Best way to include persistent Docker data in Plesk Backups?
Replies
2
Views
3K
propz
propz
C
Question nginx reverse proxy and password protected directory
Replies
2
Views
1K
Raul A.
R
Back
Top