Comments (11)
@TheKangaroo : you can find a nextcloud example using the last 1.1.0 version here
from bunkerweb.
The upstream directive must be set at http context. You need to have two separate files.
http-config/upstream.conf :
upstream proxy {
server blue:3000;
server green:3000;
}
server-config/proxy.conf :
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location / {
proxy_pass http://proxy;
}
Then you need to mount the http-config folder to /http-confs and server-config folder to /server-confs :
...
volumes:
- ./http-config:/http-confs
- ./server-config:/server-confs
...
from bunkerweb.
Hello @TheKangaroo, it might be fail2ban and/or ModSecurity. You can check fail2ban.log and modsec_audit.log inside the /var/log folder of the container. We will add more logging in the next version, thanks for your feedback.
from bunkerweb.
Thank you @bunkerity for pointing this out. You just saved me some hours of configuring my server 😍
from bunkerweb.
@bunkerity Thank you! It works. :)
I found another issue.
HTTPS works and nginx runs well, 403 forbidden error occurs.
My project is cloned by the example template of examples/reverse_proxy
.
So I cloned the project without code editing and ran it, also got same error.
from bunkerweb.
Can you attach the full logs given by docker-compose logs
please ? Don't forget to remove your IP address.
from bunkerweb.
Here are my nginx logs.
nginx_1 | ==> /var/log/error.log <==
nginx_1 | 2020/10/24 03:40:30 [error] 991#0: *62 access forbidden by rule, client: 175.193.247.207, server: temp.billionrecipe.com, request: "GET / HTTP/2.0", host: "temp.billionrecipe.com"
nginx_1 |
nginx_1 | ==> /var/log/access.log <==
nginx_1 | 175.193.247.207 - - [24/Oct/2020:03:40:32 +0000] "GET /favicon.ico HTTP/2.0" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36"
nginx_1 |
nginx_1 | ==> /var/log/error.log <==
nginx_1 | 2020/10/24 03:40:32 [error] 991#0: *62 access forbidden by rule, client: 175.193.247.207, server: temp.billionrecipe.com, request: "GET /favicon.ico HTTP/2.0", host: "temp.billionrecipe.com
And I try several times with http-confs, server-confs with upstream
, nginx doesn't find the block.
Here is error below.
nginx: [emerg] host not found in upstream "proxy" in /server-confs/proxy.conf:5
from bunkerweb.
You can find a load balancer example here. Hope it will help you.
Regarding the 403 error, it looks like you are in a blacklist. You can try setting the following environment variables :
...
environment:
...
- BLOCK_USER_AGENT=no
- BLOCK_TOR_EXIT_NODE=no
- BLOCK_PROXIES=no
- BLOCK_ABUSERS=no
...
...
from bunkerweb.
I try to configure nextcloud behind bunkerized-nginx. Great project btw 🎉 :)
After some klicks in the nextcloud GUI I get the same 403 forbidden. I'm pretty sure this is due to fail2ban.
I wonder, how i can crank up the log level from all components shipped in the container or how I can debug things inside the container.
I see barely other logs than nginx on stdout.
from bunkerweb.
I tried the load balancer example, and it seems to be working fine. (i didn't set the BLOCK_***
options)
But looks weird because I think there is no difference in the setup of the two projects..
Anyway, It works good. Thank you @bunkerity! I like this project. AWESOME :)
from bunkerweb.
Good news @peterkimzz ! There is still some logging issues with the current 1.0.0 version. I advise you to use the next version that will contain a fix (when it will be released). Do not hesitate to open a new issue if needed.
from bunkerweb.
Related Issues (20)
- [BUG] configs - cannot add multiple file on the same service_id HOT 3
- [BUG] K8S - Controller throws exception on reading ingress event in Managed K8S HOT 2
- [BUG] WebSocket Configuration - AutoConf HOT 2
- [BUG] upgrade 1.5.5 -> 1.5.6 SQL Errors HOT 9
- [BUG] Infinite page loading when using Chrome browser in developer mode HOT 3
- [BUG] exception while running mmdb-country.py HOT 2
- [BUG] changes are not saved HOT 5
- 1.5.6 virustotal plugin error HOT 1
- [license] is it ok to redistribute the maxmind mmdb files? HOT 2
- [FEATURE] Ability to export and import config via the Web UI
- [BUG] scheduler error _getdefaultlocale HOT 5
- [BUG] Scheduler Crash on Reloading Plugins HOT 3
- [BUG] Get empty page after reload page with challenge HOT 4
- [BUG] After the first unsuccessful attempt to complete the captcha challenge, the remaining attempts become failures HOT 2
- [DOC] Web-UI K8S "Advanced Installation" bunkerweb-ui isn't using correct serviceaccount HOT 6
- [FEATURE] allow to modify nginx default buffer setting to handle "upstream sent too big header" HOT 1
- [BUG] IPs in WHITELIST_IP gets banned for Bad Behavior in the middle of the night HOT 10
- [BUG] bunkerweb.service reported that there is missing configuration file HOT 6
- [BUG] whitelist bypass not effective HOT 7
- [FEATURE] K8S - Ability to ignore/use Ingresses based on IngressClass HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bunkerweb.