Welcome! Log In Create A New Profile

Advanced

Reverse proxy configuration help

February 17, 2013 11:22PM
I am new to nginx, it being recommended to solve a problem.

The problem: I have a VPS hosting a website and an application server in my DMZ. I have a test and prod version of each. I want both DMZ'ed servers reverse-proxied such that requests where the referrer is the test web server always go to the test app server and requests where the referrer is anything but the test web server always go to the production app server.

The app servers can only be accessed over https, and the proxy will eventually but not quite yet.

Question: What is the best way to accomplish this? I am trying to use two different registered host names which are registered to the secondary IP on the VPS, as the proxied names for the app servers, but that's not working too well. I wonder if it would be better to have a single server name for the proxy with the two proxied servers selected based on referrer, rather than trying to redirect to another server name, with one server name servicing one proxied server and the other, the other proxied server.

Regardless, I can't seem to get past the connection to the backend server. I keep getting a 110 connection failure. I have tried several configurations but none seem to work.

The problem I'm running into may be related to use of the valid_referers directive. It doesn't seem to do what I need, which is to use one back-end for requests referred from one web server host but use the other for all other requests.

If I have two server directives with the same IP but two different server names, it seems I can't have two location directives, one within each server name. If I could get that to work, it seems to me it should allow me to redirect to the default app server using the valid_referers directive within the referrer-specific app server's server directive, but that doesn't seem to work the way I expect, either.

I don't have a config file to post because it has gone through a dozen iterations already, none of which have been saved. A generic example of one that doesn't work would be :

server {
listen 10.10.10.10:80;
server_name devappxy.mydomain.com;
valid_referers devweb.mydomain.com;
if ($invalid_referer) {
return 301 http://apppxy.mydomain.com$request_uri;
}
proxy_bind 10.10.10.10;
access_log /var/log/nginx/devpxyaccess.log main;
error_log /var/log/nginx/devpxyerror.log debug;
location / {
proxy_pass https://devapp.mydomain.com;
proxy_redirect https://devapp.mydomain.com / ;
}
}
server {
listen 10.10.10.10:80 ;
server_name apppxy.mydomain.com ;
proxy_bind 10.10.10.10 ;
access_log /var/log/nginx/pxyaccess.log main ;
error_log /var/log/nginx/pxyerror.log debug ;
location / {
proxy_pass https://prodapp.mydomain.com ;
proxy_redirect https://prodapp.mydomain.com / ;
}
}

When I do that it says "location" directive isn't allowed here...
SubjectAuthorPosted

Reverse proxy configuration help

jimsFebruary 17, 2013 11:22PM

Re: Reverse proxy configuration help

Jonathan MatthewsFebruary 18, 2013 12:06PM

Re: Reverse proxy configuration help

jimsFebruary 18, 2013 03:04PM

Re: Reverse proxy configuration help

jimsFebruary 19, 2013 07:02PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 92
Record Number of Users: 5 on December 17, 2014
Record Number of Guests: 154 on December 17, 2014
Powered by nginx    Powered by FreeBSD    PHP Powered    Powered by Percona     ipv6 ready