two tpcs running on the same port, nginx and digitalocean - node.js

I am deploying my react app on digital ocean. I have followed this tutorial and everything went just fine: https://www.youtube.com/watch?v=lN0oiYqenpA&ab_channel=RyanMichaelHirst
Now whenever I go to my ip or domain name, I the following error: 404 not found.
whenever i run the log of nginx it says that the port 80 is being used. therefore i run this:
sudo netstat -pan | grep ":80"
tcp 0 0 159.203.87.191:80 52.84.150.39:31164 SYN_RECV -
tcp 0 0 159.203.87.191:80 52.84.150.39:38386 SYN_RECV -
I know that, that is an internal error, but I can't seem to find the error on that.
I have two things running on the same port and everything is crashing. It was working yesterday and I was getting the welcome to nginx page.
This is my server config.(nginx)
upstream my_nodejs_upstream {
# (this is the server's ip address)
server x.x.x.x.;
keepalive 64;
}
server {
listen 80;
listen [::]:80 ipv6only=on;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name mmt-university;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://universitymmt.com/;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_read_timeout 240s;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}

The connection is in SYN_RECV state because the kernel has received a SYN packet for a port that is in LISTENING mode, but the other end did not reply with ACK.
Check if the ACK is received by the server by running the capture on the server. Is the capture taken on the client or on the server?
Also, a considerable number of SYN-RECV, indicates a possible SYN Flood Attack performed against the host. For more info:
https://www.cloudflare.com/learning/ddos/syn-flood-ddos-attack/

Related

Cant Serve statics files using NGINX and Digital Ocean

/etc/nginx/sites-available/default conf.
Hello, I am using DigialOcean NodeJS one click app set up for my app. NGINX is serving my HTML files, but its not serving my css or java files. I have tried to add location blocks for the public folder which is where my stylesheets and images and java files are. I don't know NGINX very much so any help would be appreciated.
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /Portfolio;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name 157.230.203.182;
location ^~ /assets/ {
gzip_static on;
expires 12h;
add_header Cache-Control public;
}
location / {
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8080;
}
}
I had to add
location ~* \.(css|gif|html|ico|jepg|jpg|mp4||js|jsx|pdf|php|png|scss|svg|txt|zip) {
add_header Cache-Control public;
add_header Cache-Control must-revalidate;
}
It works now but I had to add the above code
not sure why what this code does to be honest. If someone could explain that would be helpful.

How to deploy multiple NodeJS applications on different subdomains in digital ocean

Hie guys, So earlier I deployed a nodejs application that run on one port but using Nginx, I can still accept requests on default HTTP/HTTPS ports and forward them to my application's port. Now I would like to deploy an admin part of the same application which was built in its own project space and is running on a lightly different port as my client application; and I would like to assign this to a subdomain.
I am running an Ubuntu distribution on Digital Ocean. How can I accomplish this?
Below is my entire nginx config:
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
# SSL configuration
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name mydomain.com www.mydomain.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
proxy_pass http://localhost:5000; #whatever port your app runs on
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
server {
index index.html index.htm index.nginx-debian.html;
server_name admin.mydomain.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
proxy_pass http://localhost:3000; #whatever port your app runs on
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
server {
if ($host = mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server; listen [::]:80 default_server;
server_name mydomain.com www.mydomain.com;
return 404; # managed by Certbot
}
My admin Node App is running on port 3000 and Client App on 5000
Your nginx configuration looks ok, in order to achieve the desired result, you have to add a new dns resolution for your new domain in digital ocean panel.
Add a new cname record that is an alias for your domain, as follow:
CNAME admin.mydomain.com
is an alias of mydomain.com
Digital ocean panel
Networking
DNS records
Create new record cname type
This configuration must match your current nginx configuration for the server_name atribute.

Alexa Skill Server on node.js (express) using nginx as reverse proxy (https)

i am running a nginx on my Debian 8.5 64bit which is used as reverse proxy for my node applications. Each request walks through my reverse proxy before getting routed to the special apps. Therefor i am using this config:
upstream socket_nodes {
server 127.0.0.1:3000;
server myUrl.com:3000;
server MY.ROOTSERVER.IP.ADDRESS:3000;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name myUrl.com;
return 301 https://$server_name$request_uri;
}
server {
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
include snippets/ssl-my-website.com.conf;
include snippets/ssl-params.conf;
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name www.myWebsite.com;
root /root/webserver/app/;
location ~ /.well-known {
allow all;
}
location / {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /alexa-api/ {
proxy_pass http://localhost:3000;
}
location /at_backend/ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://socket_nodes;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
# fastcgi_pass unix:/var/run/php5-fpm.sock;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
Sadly this is not working. I can reach my website via https (https://www.myWebsite.com) and it works fine.
So i changed the endpoint of my alexa skill in the Amazon Developer Console to: https://www.myWebsite.com/alexa-api (with and without trailing /) but it is not working. The skill server itself worked when i used it locally and made it available via ngrok. What am i doing wrong here?
edit:
There is also a socket.io server running in the same app which can be accessed from the internet (the server loggs "new client connected") - but i can not emit any events between them. The HTTP Status Code of the socket.io connection is (correctly) 101 Switching Protocols.
Greetings
When you have a HTTPS you should also pass https scheme
proxy_pass https://socket_nodes;

Server Configuration for nodejs App and nginx

I have an app running
App is running perfectly.I can access to the root url. But cant access other urls. App is built with nodejs express framework. My server OS is Ubuntu 17.
I need to run my app in http://35.202.2.217 not in some other port.
Thats why i am using proxy pass. I am stuck here. What do i have to do
for example, http://localhost:1336/pages
i am using nginx.
my nginx codes
upstream adshackers {
server 10.128.0.2:8082;
server 10.128.0.2:9082;
server 10.128.0.2:3082;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name adshackers.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
proxy_pass http://adshackers/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
So I've cleaned it a bit and remove the php part, unless you're also serving php files.
upstream adshackers {
server localhost:1336;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
server_name adshackers.com;
location / {
proxy_pass http://adshackers;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
The upstream part must contain the info for proxying requests to your app. I have assumed your app is hosted on the same machine as your nginx is running and is listening localhost:1336 as your example shows.
In that case, when an http request comes to adshackers.com (if DNS entries are correct), nginx will transfer the request to localhost:1336.

Nginx unable to serve the node.js POST requests

I've a VM Ubuntu15.04 server and I've configured nginx to listen requests on port 80 and forward them to respective applications on different ports. I have a simple node.js service running over port 3000 which has one GET and POST service. I have started it by using PM2 and added a proxy_pass to localhost:3000/ in my nginx default conf. The problem is when i try to use a GET request it is working fine but in case of POST it is showing 404 error. I've tried to use the POST service through postman client.
This is my default conf file of nginx
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
upstream my_nodejs_upstream {
server 127.0.0.1:3000;
keepalive 64;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/face_rec/ServerTest;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name localhost;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
proxy_pass http://localhost:3000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
# fastcgi_pass unix:/var/run/php5-fpm.sock;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink
that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
# server_name example.com;
# root /var/www/example.com;
# index index.html;
# location / {
# try_files $uri $uri/ =404;
# }
#}
Any reference, tutorial, suggestions or solutions please let me know how to do it.
Using try_files and proxy_pass in the same location block is probably not going to work.
If you want nginx to test for the presence of a static file and proxy everything else, use a named location:
root /path/to/root;
location / {
try_files $uri $uri/ #proxy;
}
location #proxy {
proxy_pass ...;
...
}
Test the configuration using nginx -t as your question appears to be missing a closing }.
See this document for details.
It's impossible to tell you what's wrong with your code if you didn't include even a single line of your Node program that your question is about.
Also "404 error" is not enough to know what's wrong because nginx shows a different error message than Express and knowing the exact message would let us know where the error originated.
What you should do is first to make sure that both your GET and POST handlers are working correctly by using:
curl -v http://localhost:3000/your/get/path
and:
curl -v -X POST -d 'somedata' http://localhost:3000/your/post/path
from the same host where your app is running.
Then add the nginx proxy, restart nginx to make sure that the config is reloaded, and do the same with port 80. If anything is different then work from there and diagnose the difference.
But if the POST handler doesn't work on localhost:3000 then you first need to fix that.

Resources