How to forward request IP from NGINX to node.js application? - node.js

I have NGINX running as reverse proxy which forwards all http and https traffic to my node.js application, which listens to localhost:port
However the issue I have is that the node.js application sees all incoming requests as coming from ::ffff:127.0.0.1
How can I change the NGINX config such that the real IP will be passed through and forwarded to the node.js application?
server {
listen 80;
listen [::]:80;
listen 443;
listen [::]:443;
root /var/www/example.com/html;
index index.html index.htm;
server_name example.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://localhost:myport;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
# Requests for socket.io are passed on to Node on port x
location ~* \.io {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:myport;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
Edit: The express.js/node.js application processes req.ip and has app.enable('trust proxy'); at startup

Express.js official site has this guide. Instructions:
app.set('trust proxy', true) in js.
proxy_set_header X-Forwarded-For $remote_addr in nginx.conf
You can now read-off the client IP address from req.ip property

This solves it taking into consideration above NGINX config.
var ip = req.headers['x-real-ip'] || req.connection.remoteAddress;

Related

nginx reverse proxy nodejs subdomain

I am having a problem.
I have a node application running on :3000 on a subdomain inside of Plesk.
I have the subdomain https://xxx.flamingocams.co.uk ;
when I navigate to the subdomain it displays the default plesk page and this is the problem;
I have tried to change the port of the node application to 80 and 443 however this conflicts with plesk.
I have no issues when accessing the node application on https://xxx.flamingocams.co.uk:3000.
Now the only other thing I've seen other people attempt is a reverse proxy;
I found this example;
server {
listen 0.0.0.0:80;
server_name xxx.flamingocams.co.uk;
access_log "/var/log/nginx/xxxflam.log";
location / {
proxy_pass http://127.0.0.1:3000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_cache_bypass $http_upgrade;
}
}
I am running Plesk Obsidian v18.0.34_build1800210325.10 os_Ubuntu 16.04 so my question is, Where would I place this config to get the subdomain to point only to the nodejs application?
And is this config correct for what I'm trying to achieve?
I have little to no knowledge on nginx configuration my apologies
I have checked out this post and the answer says I need to add a config /etc/nginx/sites-available/yourdomain.com however I do not have the directory sites-available
response to comments // xxx.flamingocams.co.uk.conf
server {
listen 0.0.0.0:80;
server_name xxx.flamingocams.co.uk;
access_log "/var/log/nginx/xxxflam.log";
location / {
proxy_pass http://127.0.0.1:3000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_cache_bypass $http_upgrade;
}
}
server {
listen 0.0.0.0:443;
server_name xxx.flamingocams.co.uk;
ssl_certificate /opt/psa/var/certificates/scfZc0CwJ;
ssl_certificate_key /opt/psa/var/certificates/scfZc0CwJ;
server_name xxx.flamingocams.co.uk;
access_log "/var/log/nginx/xxxflam.log";
location / {
proxy_pass http://127.0.0.1:3000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_cache_bypass $http_upgrade;
}
}
In your config, the server is running only on port 80
listen 0.0.0.0:80;
With this config, the page : http://xxx.flamingocams.co.uk will display your application (the request come to the NginX proxy then is forwarded to NodeJS application on port 3000). Because there aren't any server block listen on port 443, the default Plesk screen is displayed.
In order to have your app running on https, you need to listen on port 443 on NginX, you also need to configure the SSL certificate
The config would be :
server {
listen 0.0.0.0:443;
server_name xxx.flamingocams.co.uk;
ssl_certificate path_to_your_ssl_certificate;
ssl_certificate_key path_to_your_ssl_key;
# The rest of your config is ok :)
}

Why my reverse proxy (nginx) does not work

I am installing a site under my machine. I have a NodeJS server that listens on port 4000.
I am using an NGINX reverse proxy, so that it is accessible from port 80. Here is the following configuration in / sites-availabes
upstream site {
server 127.0.0.1:4000;
}
server {
listen 80;
server_name site.infra.monsite.blog;
location / {
proxy_pass http://site;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
But I can't access my site from site.infra.monsite.blog; which points to port 80 of the machine.
Are there any ports to open like on Windows, or an NGINX configuration that I missed?
Yet when I do "curl -X GET http://localhost/": It works on the machine.
Thanks for your help.
Try this:
upstream site {
server 127.0.0.1:4000;
keepalive 64;
}
server {
listen 80;
server_name www.example.com;
return 301 https://www.example.com$request_uri;
}
location / {
proxy_pass http://site;
proxy_http_version 1.1;
proxy_redirect off;
proxy_pass_header Set-Cookie;
proxy_set_header Connection 'upgrade';
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass_header X-XSRF-TOKEN;
proxy_read_timeout 240s;
}

nginx as a reverse proxy for API cannot redirect full url, params, body headers

I'am putting my node js API (that I manage with pm2) behind a reverse proxy with nginx, here no problem.
But since, if I send any request it become a GET on '/'.
How can I tell to nginx to forward the full url, the request types (PUT, OPTIONS, DELETE, ...), the requests params and the request body ?
here is my simple nginx config.
server {
listen 80;
listen [::]:80;
server_name api-prod.mysite.com www.api-prod.mysite.com localhost;
location / {
proxy_pass http://127.0.0.1:3111;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Your nginx configuration seems good except, you should use proxy_http_version and proxy_cache_bypass because sometimes(depends on version) Nginx and nodejs using different HTTP version.
Following configuration working fine for me
server {
listen 80;
server_name arifjaunpur.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}

Nginx not listening to ports

I am trying to set up a Nginx as a reverse proxy to access multiple NodeJS apps running on the same server.
I have my nodeJS apps running with PM2 and it all seems fine:
My nodeJS app is the simple nodeJS app generated with express-generator, so it is supposed to be running on port 3000.
I have also set up my Nginx with the following config
server {
listen 1004;
server_name pumadashboard.com;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
However when I curl 127.0.0.1:1004 I get a badGateway error from Nginx. I am also not able to access pumadashboard.com from anywhere on my local network, it just loads until timeout.
What do you get if you do:
curl http://locahost:3000
This should give back a response and like that you will understand if the application started properly.
This nginx configuration works for me
upstream pumadashboard.com {
server 127.0.0.1:3010;
}
server {
listen 80;
server_name pumadashboard.com;
root <path to your node application>;
access_log /var/log/nginx/your-access.access.log;
error_log /var/log/nginx/your-error.error.log;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_max_temp_file_size 0;
proxy_pass http://pumadashboard.com/;
proxy_redirect off;
proxy_read_timeout 240s;
}
}
Try adding
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port 80;
to your location / block

Proxy from nginx to node - not enough worker connections

I want to setup nginx server listening on one port, proxying the connection to a different port to a nodejs application. The problem is that I get 500 error - worker_connections are not enough while connecting to upstream.
Nginx config:
upstream node {
server 127.0.0.1:1235;
keepalive 8;
}
server {
listen 1234;
server_name http://123.123.123.123:1234 node;
access_log off;
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://123.123.123.123:1234/;
proxy_redirect off;
}
}
What's wrong?
You should correct your proxy_pass since you are proxying requests back to nginx itself.
According to your config it must be
proxy_pass http://node/;
You may need to add:
proxy_responses 0;
to you nginx config.

Resources