GreySec Forums

Full Version: You will earn a +1 Rep if you find the problem :D
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello,

If you find the problem in this code you will get +1 rep from me Big Grin

So have fun!

Code:
server {
   listen 80;
   server_name www.domain.com;
   server_name domain.com;
   access_log off;
   error_log off;
   location / {
      proxy_pass http://localhost/;
      proxy_redirect off;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addrr;
      proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
      proxy_max_temp_file_size 0;
      client_max_body_size 10m;
      client_body_buffer_size 128k;
      proxy_connect_timeout 90;
      proxy_send_timeout 90;
      proxy_read_timeout 90;
      proxy_buffer_size 4k;
      proxy_buffers 4 32k;
      proxy_busy_buffers_size 64k;
      proxy_temp_file_write_size 64k;
   }
}

Note they're three things wrong with this code.
Find them and you get rep Big Grin

Enjoy,
~ Network
This is an nginx config and here are some issues I found with it at first glance.

Spoiler(Show)

proxy_set_header X-Real-IP $remote_addrr; => proxy_set_header X-Real-IP $remote_addr;
proxy_max_temp_file_size 0 => Could result in errors if response data is too large
proxy_connect_timeout 90 => proxy_connect_timeout 90s #times require a unit like seconds
proxy_send_timeout 90; => ditto
proxy_read_timeout 90; => ditto
(10-30-2015, 03:31 AM)NO-OP Wrote: [ -> ]This is an nginx config and here are some issues I found with it at first glance.

Spoiler(Show)

proxy_set_header X-Real-IP $remote_addrr; => proxy_set_header X-Real-IP $remote_addr;
proxy_max_temp_file_size 0 => Could result in errors if response data is too large
proxy_connect_timeout 90 => proxy_connect_timeout 90s #times require a unit like seconds
proxy_send_timeout 90; => ditto
proxy_read_timeout 90; => ditto

This is the only one you got right.
Code:
proxy_set_header X-Real-IP $remote_addrr; => proxy_set_header X-Real-IP $remote_addr;
I see this is wrong:

proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;

Should be

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


and while im not 100% sure that this will break it - but its far more common/documented practice to have only one server_name directive with all server names being set on one, eg

server_name domain.com www.domain.com;

*EDIT* I can't stop mybb from prefixing http:// to the line above - but it wasn't there intentionally
(10-31-2015, 02:15 AM)MuddyBucket Wrote: [ -> ]I see this is wrong:

proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;

Should be

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


and while im not 100% sure that this will break it - but its far more common/documented practice to have only one server_name directive with all server names being set on one, eg

server_name domain.com www.domain.com;

*EDIT* I can't stop mybb from prefixing http:// to the line above - but it wasn't there intentionally

You got one right.
Code:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

So far two people have solved 2 of the errors.
First person to solve the third will get the rep Big Grin

~ Network
I'm likely wrong, but is it something to do with the forward slash at the end of http://localhost/?

Code:
proxy_pass http://localhost/;
(11-07-2015, 06:59 AM)Neko Wrote: [ -> ]I'm likely wrong, but is it something to do with the forward slash at the end of http://localhost/?

Code:
proxy_pass http://localhost/;

Well it's not the slash but your on the right path.
It was the localhost part.
You're suppose to have an IP instead of localhost.
Anyways you did a good job.
So enjoy the rep Big Grin

~ Network
(11-09-2015, 05:11 AM)Network Wrote: [ -> ]You're suppose to have an IP instead of localhost.

you could have http://localhost set up as an upstream :3
(11-09-2015, 05:11 AM)Network Wrote: [ -> ]You're suppose to have an IP instead of localhost.

Not according to the documentation. Hell the documentation even uses localhost in its example. Theres no difference between localhost and 127.0.0.1

http://i.imgur.com/VGzNqZb.png
(11-09-2015, 01:31 PM)MuddyBucket Wrote: [ -> ]
(11-09-2015, 05:11 AM)Network Wrote: [ -> ]You're suppose to have an IP instead of localhost.

Not according to the documentation. Hell the documentation even uses localhost in its example. Theres no difference between localhost and 127.0.0.1

http://i.imgur.com/VGzNqZb.png

Hello,

First I want to clear up that I wasn't talking about adding in localhosts IP Address aka 127.0.0.1
I was talking about the backend servers IP Address that you want the frontend to communicate with.
If you don't but your backend IP Address in the config. 
Then you will get an error. Since your basically asking the server to direct your first request back to itself.
So in a sense creating a loop.
With the config I put. Your basically asking the front proxy to forward the request to the backend.
And the backend will respond to the frontend proxies request.

Hope this clears up some misunderstandings.
~ Network