nginx expose port and not redirect












0














server 1 - 192.168.0.1 has nginx and apache installed. apache listen port 8000, nginx listen port 80. nginx acting as TLS termination point, and load balancer.



server 2 - 192.168.0.1 apache listen port 80



HTTPS is working perfectly.



problem is when traffic point to server 1 :



web page show as http://test.net:8000 and did not redirect to HTTPS
and also expose port on address http://test.net:8000



im new to nginx, how do i improve my configuration blow:



upstream testpool {

    least_conn;

    server 192.168.0.1:8000;

    server 192.168.0.2:80;

    }



server {



    server_name test.com test.net;



    listen 80 default_server;

    listen [::]:80 default_server;



    #redirect non http to https

    #return 404; # managed by Certbot

    #not recomended rewrite ^ https://$host$request_uri;

    return 301 https://$host$request_uri;





}



server {



    server_name test.com test.net;

    listen 443 ssl default_server;



    #ssl section, listen 443 is new way of ssl on;

    ssl_certificate /etc/letsencrypt/live/test.net/fullchain.pem; # managed by Certbot

    ssl_certificate_key /etc/letsencrypt/live/test.net/privkey.pem; # managed by Certbot

    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



    location / {

    resolver 8.8.8.8;



    proxy_pass http://testpool;

    include /etc/nginx/proxy_params;

    #return 301 https://$server_name$request_uri;



    }

}





nginx







share|improve this question
























  • your two servers can't both listen on the same IP address... it'll cause conflicts. What's your goal here?
    – Thomas Ward
    Dec 18 '18 at 19:57










  • my bad, my typo of repeat the same IP address, but the configuration is correct. upstream has two servers 192.168.0.1 and 192.168.0.2 My goal is traffic comes in at port 80 it redirect to HTTPS
    – cnguyen
    Dec 18 '18 at 20:23


















0














server 1 - 192.168.0.1 has nginx and apache installed. apache listen port 8000, nginx listen port 80. nginx acting as TLS termination point, and load balancer.



server 2 - 192.168.0.1 apache listen port 80



HTTPS is working perfectly.



problem is when traffic point to server 1 :



web page show as http://test.net:8000 and did not redirect to HTTPS
and also expose port on address http://test.net:8000



im new to nginx, how do i improve my configuration blow:



upstream testpool {

    least_conn;

    server 192.168.0.1:8000;

    server 192.168.0.2:80;

    }



server {



    server_name test.com test.net;



    listen 80 default_server;

    listen [::]:80 default_server;



    #redirect non http to https

    #return 404; # managed by Certbot

    #not recomended rewrite ^ https://$host$request_uri;

    return 301 https://$host$request_uri;





}



server {



    server_name test.com test.net;

    listen 443 ssl default_server;



    #ssl section, listen 443 is new way of ssl on;

    ssl_certificate /etc/letsencrypt/live/test.net/fullchain.pem; # managed by Certbot

    ssl_certificate_key /etc/letsencrypt/live/test.net/privkey.pem; # managed by Certbot

    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



    location / {

    resolver 8.8.8.8;



    proxy_pass http://testpool;

    include /etc/nginx/proxy_params;

    #return 301 https://$server_name$request_uri;



    }

}





nginx







share|improve this question
























  • your two servers can't both listen on the same IP address... it'll cause conflicts. What's your goal here?
    – Thomas Ward
    Dec 18 '18 at 19:57










  • my bad, my typo of repeat the same IP address, but the configuration is correct. upstream has two servers 192.168.0.1 and 192.168.0.2 My goal is traffic comes in at port 80 it redirect to HTTPS
    – cnguyen
    Dec 18 '18 at 20:23
















0












0








0







server 1 - 192.168.0.1 has nginx and apache installed. apache listen port 8000, nginx listen port 80. nginx acting as TLS termination point, and load balancer.



server 2 - 192.168.0.1 apache listen port 80



HTTPS is working perfectly.



problem is when traffic point to server 1 :



web page show as http://test.net:8000 and did not redirect to HTTPS
and also expose port on address http://test.net:8000



im new to nginx, how do i improve my configuration blow:



upstream testpool {

    least_conn;

    server 192.168.0.1:8000;

    server 192.168.0.2:80;

    }



server {



    server_name test.com test.net;



    listen 80 default_server;

    listen [::]:80 default_server;



    #redirect non http to https

    #return 404; # managed by Certbot

    #not recomended rewrite ^ https://$host$request_uri;

    return 301 https://$host$request_uri;





}



server {



    server_name test.com test.net;

    listen 443 ssl default_server;



    #ssl section, listen 443 is new way of ssl on;

    ssl_certificate /etc/letsencrypt/live/test.net/fullchain.pem; # managed by Certbot

    ssl_certificate_key /etc/letsencrypt/live/test.net/privkey.pem; # managed by Certbot

    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



    location / {

    resolver 8.8.8.8;



    proxy_pass http://testpool;

    include /etc/nginx/proxy_params;

    #return 301 https://$server_name$request_uri;



    }

}





nginx







share|improve this question















server 1 - 192.168.0.1 has nginx and apache installed. apache listen port 8000, nginx listen port 80. nginx acting as TLS termination point, and load balancer.



server 2 - 192.168.0.1 apache listen port 80



HTTPS is working perfectly.



problem is when traffic point to server 1 :



web page show as http://test.net:8000 and did not redirect to HTTPS
and also expose port on address http://test.net:8000



im new to nginx, how do i improve my configuration blow:



upstream testpool {

    least_conn;

    server 192.168.0.1:8000;

    server 192.168.0.2:80;

    }



server {



    server_name test.com test.net;



    listen 80 default_server;

    listen [::]:80 default_server;



    #redirect non http to https

    #return 404; # managed by Certbot

    #not recomended rewrite ^ https://$host$request_uri;

    return 301 https://$host$request_uri;





}



server {



    server_name test.com test.net;

    listen 443 ssl default_server;



    #ssl section, listen 443 is new way of ssl on;

    ssl_certificate /etc/letsencrypt/live/test.net/fullchain.pem; # managed by Certbot

    ssl_certificate_key /etc/letsencrypt/live/test.net/privkey.pem; # managed by Certbot

    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



    location / {

    resolver 8.8.8.8;



    proxy_pass http://testpool;

    include /etc/nginx/proxy_params;

    #return 301 https://$server_name$request_uri;



    }

}





nginx




nginx






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 18 '18 at 20:29









Thomas Ward

43.6k23120173




43.6k23120173










asked Dec 18 '18 at 19:52









cnguyencnguyen

1




1












  • your two servers can't both listen on the same IP address... it'll cause conflicts. What's your goal here?
    – Thomas Ward
    Dec 18 '18 at 19:57










  • my bad, my typo of repeat the same IP address, but the configuration is correct. upstream has two servers 192.168.0.1 and 192.168.0.2 My goal is traffic comes in at port 80 it redirect to HTTPS
    – cnguyen
    Dec 18 '18 at 20:23




















  • your two servers can't both listen on the same IP address... it'll cause conflicts. What's your goal here?
    – Thomas Ward
    Dec 18 '18 at 19:57










  • my bad, my typo of repeat the same IP address, but the configuration is correct. upstream has two servers 192.168.0.1 and 192.168.0.2 My goal is traffic comes in at port 80 it redirect to HTTPS
    – cnguyen
    Dec 18 '18 at 20:23


















your two servers can't both listen on the same IP address... it'll cause conflicts. What's your goal here?
– Thomas Ward
Dec 18 '18 at 19:57




your two servers can't both listen on the same IP address... it'll cause conflicts. What's your goal here?
– Thomas Ward
Dec 18 '18 at 19:57












my bad, my typo of repeat the same IP address, but the configuration is correct. upstream has two servers 192.168.0.1 and 192.168.0.2 My goal is traffic comes in at port 80 it redirect to HTTPS
– cnguyen
Dec 18 '18 at 20:23






my bad, my typo of repeat the same IP address, but the configuration is correct. upstream has two servers 192.168.0.1 and 192.168.0.2 My goal is traffic comes in at port 80 it redirect to HTTPS
– cnguyen
Dec 18 '18 at 20:23












0






active

oldest

votes











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1102920%2fnginx-expose-port-and-not-redirect%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes
















draft saved

draft discarded




















































Thanks for contributing an answer to Ask Ubuntu!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1102920%2fnginx-expose-port-and-not-redirect%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Quarter-circle Tiles

Image
up vote 0 down vote favorite I have $99$ identical square tiles, each with a quarter-circle drawn on it like this: [asy] size(1.5cm); draw(Arc((2,0),1,90,180),red+1); draw((0,0)--(2,0)--(2,2)--(0,2)--(0,0)); [/asy] When I arrange the tiles in a $9times 11$ rectangular grid, each with a random orientation, what is the expected value of the number of full circles I form? I think this problem has to do with finding the chance any given 2x2 square has a circle, but I can't find it. expected-value share | cite | improve this question asked Nov 20 at 15:03 6minecraftninja 1 2
Read more

build a pushdown automaton that recognizes the reverse language of a given pushdown automaton?

Image
0 I think it's similiar to NFAs. I replace the finite states of the given automaton for start-states for my new automaton. I do it with $epsilon$ -transition from the start state to the actual finite states of the given automaton. The start state of the given automaton will be my accepting(finite) state of my new one. All transitions will be reversed of course to recognize the reversed word. But how do I have to change the stack of the pushdown automaton? That's tricky. formal-languages automata context-free-grammar share | cite | improve this question edited Nov 29 '18 at 14:20 joee
Read more

Mont Emei

Image
Mont Emei.mw-parser-output .entete.map{background-image:url("//upload.wikimedia.org/wikipedia/commons/7/7a/Picto_infobox_map.png")} Vue du sommet Wanfo du mont Emei Géographie Altitude 3 099  m , Wanfo Coordonnées 29° 31′ 11″ nord, 103° 19′ 57″ est Administration Pays   Chine Province Sichuan Ville-préfecture Leshan Géolocalisation sur la carte : Sichuan Mont Emei Géolocalisation sur la carte : Chine Mont Emei modifier   Paysage panoramique du mont Emei, incluant le paysage panoramique du grand Bouddha de Leshan *   Patrimoine mondial de l'UNESCO Passerelle en bois sur le versant ouest Pays   Chine Subdivision Sichuan Type Mixte Critères (iv) (vi) (x) Superficie 15 400 ha Numéro d’identification 779 Zone géographique Asie et Pacifique  ** Année d’inscription 1996 (20 e session) * Descriptif officiel UNESCO ** Classification géog
Read more