0

I would like to rewrite an URL to send it to a different vhost.

Here is my first Host:

upstream splunk {
    server 127.0.0.1:8000;
}

upstream test{
     server 127.0.0.1:88;
}
server {
    listen 88;
    root /var/www/errors/;
    index index.html;
    location ~* ^.+\.(jpeg|gif|png|jpg)
    {
        root /var/www/images/;
    }
}

In /var/www/errors/ : 495.html 496.html 404.html

Here is my proxy:

server {
    listen 443 ssl spdy default_server;
    error_page 404 @404;
    error_page 495 @495;
    error_page 495 @496;
    location @404
        {
        rewrite ^ /404.html break;
            proxy_pass http://test;
        }
    location @495
        {
        rewrite ^ /495.html break;
            proxy_pass http://test;
        }
    location @496
        {
        rewrite ^ /496.html break;
            proxy_pass http://test;
        }
  location /
    {
        if ($ssl_client_verify = NONE)
        {
            return 496;
        }
        if ($ssl_client_verify != SUCCESS) {
            return 495;
        }
    proxy_pass http://splunk;
    proxy_set_header  X-Remote-User         $username;
    proxy_set_header  X_Remote_User         $username;
    proxy_set_header  X-SSL-Client-Serial   $ssl_client_serial;
    proxy_set_header  X-SSL-Client-Verify   $ssl_client_verify;
    proxy_set_header  X-SSL-Client-S-DN     $ssl_client_s_dn;
    proxy_set_header  X-SSL-Client-S-DN-CN  $username;
    }
}

The first server is working well and I can access without any problem to index.html, 404.html and so on. The second one should rewrite the URI to send to the appropriate page on the first server. With my current configuration, I keep getting 400 Bad Request.

Thanks a lot in advance

EDIT: With the break keyword, the pages are redirected properly. Unfortunately, the images in the target pages (404.html for instances) are not loaded and the server sends a 400 Bad Request. This is strange since I am able to see the page properly when I directly connect to this vhost (so the HTML is correct).

EDIT2: Access logs from second vhost:

172.20.175.133 - - [19/Mar/2016:16:09:31 -0700] "GET / HTTP/1.1" 400 728 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36"
172.20.175.133 - - [19/Mar/2016:16:09:32 -0700] "GET /logo.jpg HTTP/1.1" 400 728 "https://secondvhost.net/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36"
172.20.175.133 - - [19/Mar/2016:16:09:32 -0700] "GET /images/logo.jpg HTTP/1.1" 400 728 "https://secondvhost.net/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36"
172.20.175.133 - - [19/Mar/2016:16:09:32 -0700] "GET /var/www/images/logo.jpg HTTP/1.1" 400 728 "https://secondvhost.net/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36"
172.20.175.133 - - [19/Mar/2016:16:09:32 -0700] "GET /favicon.ico HTTP/1.1" 400 728 "https://secondvhost.net/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36"

There is no 400 from the first vhost (the landing one).

Arkon
  • 2,648
  • 6
  • 26
  • 46
  • `err` doesn't look like a valid hostname. Your error logs might have more info. – Kyle Mar 19 '16 at 04:06
  • I renamed it to test, it is just the name of the upstream server. This part works well, just the pictures that are not properly loaded now. – Arkon Mar 19 '16 at 14:34
  • You have it listening on port 88, but don't appear to specify that in your upstream config – Kyle Mar 19 '16 at 14:58
  • Yes sorry, I did not mention that. My upstream config is: upstream test{ server 127.0.0.1:88; } upstream splunk { server 127.0.0.1:8000; } for both proxies – Arkon Mar 19 '16 at 15:07
  • Do you have any logs from the first server? I'm a bit suspicious of that regex, I'm wondering if requests are matching the block correctly – Kyle Mar 19 '16 at 17:29

2 Answers2

0

You need to use break to process the rewrite in the same location.

location @404 {
    rewrite ^ /404.html break;
    proxy_pass http://err;
}

See this document for details.

Richard Smith
  • 45,711
  • 6
  • 82
  • 81
  • Thanks a lot for this! Indeed, it works much better with a break and I am able to get to the right page. But the pictures are not loaded properly and nginx keeps sending 400 Bad Request. I am editing my main post with my recent conf. If you have any idea ? thanks again – Arkon Mar 19 '16 at 14:29
0

Try changing

location ~* ^.+\.(jpeg|gif|png|jpg) { root /var/www/images/; }

to

location ~* \.(?:jpeg|gif|png|jpg)$ { root /var/www/images/; }

the regex should match on the end of the location (the $, not the beginning)

Kyle
  • 4,205
  • 1
  • 21
  • 22
  • Thanks so I changed it. It's still the same. I believe that it is trying to load the picture from the initial proxy (http://splunk) since I see a 400 error on favicon.ico, which I know nothing about. I pasted logs from both vhosts in my initial post. When I use a full url in the html, it works well (http://10.10.10.10:88/logo.jpg) so that's definitively nginx who can not access the ressource. – Arkon Mar 19 '16 at 23:14
  • Strangely nothing in the logs, the 400 error appear in the access log. Error log file is empty. The debug level is set to warn which is the lowest. – Arkon Mar 20 '16 at 18:10
  • Something is up with your error log configuration then: principal nginx dev says 400 errors should appear in the error log - http://stackoverflow.com/questions/12315832/how-to-fix-nginx-throws-400-bad-request-headers-on-any-header-testing-tools#comment16555393_12315832 – Kyle Mar 20 '16 at 18:13