Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Looking for nginx expert
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Looking for nginx expert

eKoeKo Member

Hello, im looking for a nginx expert, must be pro especially for reverse proxy setups. Please pm.

Comments

  • ZappieZappie Member, Host Rep, LIR

    More than happy to try help (free with the forum spirit) if you post your specific issue or questions

  • Will be happy to help if needed :)

  • exception0x876exception0x876 Member, Host Rep, LIR

    it is easy to become an expert yourself, just read this page

    https://www.nginx.com/resources/admin-guide/reverse-proxy/

    Thanked by 1theroyalstudent
  • Caching reverse proxy?

    location / {
        proxy_pass $proxyHost;
    
        proxy_http_version 1.1;
    
        proxy_set_header Host $http_host;
    
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Real-Port $remote_port;
    
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    
        add_header X-Proxy-Cache $upstream_cache_status;
    
        proxy_buffering on;
    
        proxy_redirect off;
        proxy_request_buffering off;
    
        proxy_buffer_size 64k;
        proxy_buffers 8 32k;
    
        proxy_ignore_client_abort off;
        
        proxy_connect_timeout 86400;
        proxy_read_timeout 86400;
        proxy_send_timeout 86400;
    
        # Dynamic content
        location ~* (.+)\.(?:\d+)\.(manifest|appcache|html|xml|json)$ {
            expires -1;
        }
    
        # Media
        location ~* (.+)\.(?:\d+)\.(jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm)$ {
            root /tmp/nginx/cache;
    
            access_log on;
    
            proxy_cache reverseProxy;
            proxy_cache_key "$scheme://$host$request_uri";
            proxy_cache_valid 200 302 304 30m;
    
            proxy_ignore_headers Cache-Control Set-Cookie;
    
            proxy_cache_revalidate on;
            proxy_cache_min_uses 3;
            proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
            proxy_cache_lock on;
    
            add_header Cache-Control "public";
    
            expires 30m;
        }
    }
    
    include /etc/nginx/buildPack/options/letsEncrypt;
    include /etc/nginx/buildPack/options/security;
    

    Taken from my codebase, the location block should have everything you need, replace $proxyHost with the address/upstream(s) and you should be fine.

    It works fine for me, PM if you need a full .ZIP that has everything that you can simply include in your config :)

  • eKoeKo Member
    edited May 2016

    So here is my problem.
    Im trying to do a reverse proxy to a website called extratorrent.cc, just for me and some of my friends in the uk, which have it blocked by their ISP.

    The main problem is that, with my nginx config, after a while proxing, extratorrent gives a redirect to one of his own proxies, with a strange meta refresh thing, which i saw by debugging with firefox, will post it in some minutes.

    So, Im looking for a solution to this, to dont redirect to one of their proxies. I see many proxies of extratorrent online havent that redirect, so i wonder how do they managed to avoid that redirection? The redirect happens when the proxy starts to get some traffic.

    Here is my nginx conf: http://pastebin.com/xTG88MSF

    Here is my domain.conf: http://pastebin.com/wvDQ023s

    Nginx is the version 1.10.0, compiled with https://github.com/yaoweibin/ngx_http_substitutions_filter_module and https://github.com/openresty/headers-more-nginx-module.git

    Any help is appreciated.

    Will post in a moment the exact redirect string.

    The string : http://pastebin.com/eVBMxynL

  • rokokrokok Member

    I remember can do this in the past... It wont redirect but has kind of overlay text notice blablabla.. ET has its own protection against reverse proxy and set limit per connections.

  • eKoeKo Member
    edited May 2016

    The important part is that I need it to not redirect, do you have any advice?

  • FalzoFalzo Member
    edited May 2016

    if you know thats a meta refresh, so based inside the proxied content and no header itself, you may want to look into this http://nginx.org/en/docs/http/ngx_http_sub_module.html to filter for the url given in that meta refresh or the meta refresh itself to replace and therefore disable it.

    edit: just seen you are already using subs_filter within your domain.conf - what is keeping you from replacing that meta refresh with this type?

  • rokokrokok Member
    edited May 2016

    Don't have time for this of thing now, but just from seeing have you try to "edit" the /scripts/script.js

    or look at other .js files, usually redirect came from javascript load with localhost or IP

  • eKoeKo Member

    @Falzo said:

    edit: just seen you are already using subs_filter within your domain.conf - what is keeping you from replacing that meta refresh with this type?

    hello falzo, I already tried to remove completely that meta, but somehow it keeps refreshing infinitely, might have found a solution which im testing, will let know you guys soon...

  • eKoeKo Member

    Nop, my results didnt gave the hoped results, still looking for some guru!

    Of course, if you give a working solution, I might be paying something.

    thanks!

  • FalzoFalzo Member

    Thought about it and probably they are just rewriting every request to that refresh/redirect thing after they detected you as using a proxy.

    So there probably is nothing you can do from your side if you reach that point. You may have to guess what makes them able to detect that your nginx is just a proxy.

    Could be easier to use that vps just as an vpn...

    Thanked by 1theroyalstudent
  • eKoeKo Member

    They are rewriting requests from domains not "listed" as their own I presume.
    BUT, there are some others who did managed to make it working, and I wonder how they could do that. For that reason is like a challenge for me, to learn or find someone who can teach me those meccanisms...

    Still no Solution for me, still looking for some "gurus" who can teach me :(

  • FalzoFalzo Member

    could be a lot, like cookie related (there are some nginx rules to deal with cookiedomains and such) or they have something in their code which tries to connect/load some url, pix or else and if that fails, because it doesn't go through your proxy at all, they know it's not a direct connection and so on.

    you probably have to analyze the sourcecode of the pages and js indeed (maybe it's doing some ajax calls or such things) looking for urls which you would than have add to your rewriting filters to have them send to your proxy.

    as said its probably a lot easier to just setup a vpn instead to use that ;-)

Sign In or Register to comment.