Question

I have set up a reverse proxy on nginx to two apps hosted on the App Platform, and I'm receiving a 403 from Cloudflare

Hi there, I have two apps hosted in App Platform, a frontend static app, and an API. I have created a droplet with nginx set with proxy_pass for the / and /api paths, pointed at the App Platform apps. I can visit the DigitalOcean-provided URLs for both apps successfully, but when I try to access them through my nginx proxy, I am getting a 403 from Cloudflare.

my nginx config:

server {
        server_name dev.experivise.com;
        index index.html;

        location / {
                proxy_pass https://experivise-web-mjiua.ondigitalocean.app;
                #proxy_set_header X-Real-IP $remote_addr;
                #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                #proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header Host $host;
                proxy_read_timeout 1m;
        }

        location /api {
                proxy_pass https://experivise-api-fyfnm.ondigitalocean.app;
                #proxy_set_header X-Real-IP $remote_addr;
                #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                #proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header Host $host;
                proxy_read_timeout 1m;
        }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/dev.experivise.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/dev.experivise.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}


server {
    if ($host = dev.experivise.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80;
        server_name dev.experivise.com;
    return 404; # managed by Certbot


}

If you look up these addresses with dig or drill, you will see that they all resolve correctly on the internet. When visiting dev.experivise.com, I get the 403 from Cloudflare, and this error in my nginx error log:

2022/06/17 06:06:48 [error] 2601#2601: *1 connect() to [2606:4700::6810:f44e]:443 failed (101: Network is unreachable) while connecting to upstream, client: *****, server: dev.experivise.com, request: "GET /index.htm HTTP/1.1", upstream: "https://[2606:4700::6810:f44e]:443/index.htm", host: "dev.experivise.com"

Any help provided would be greatly appreciated. I am not using Cloudflare directly, only my nginx droplet and the App Platform apps. The nginx proxy seems to pass the connections through without an issue, but Cloudflare gives me a 403.

Thanks!
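
The error log line in the question records nginx failing to connect to an IPv6 upstream address with errno 101. The following is an added example, not part of the original post, that parses such lines and counts upstream connect failures by address family and errno. The function names are hypothetical, the pattern is derived from the single line shown above, and the second sample line is constructed for contrast.

```python
import ipaddress
import re
from collections import Counter

# Sample input: line 1 mirrors the line quoted in the post (client redacted
# there); line 2, with an IPv4 upstream, is constructed for contrast.
SAMPLE_LOG = """\
2022/06/17 06:06:48 [error] 2601#2601: *1 connect() to [2606:4700::6810:f44e]:443 failed (101: Network is unreachable) while connecting to upstream, client: *****, server: dev.experivise.com, request: "GET /index.htm HTTP/1.1", upstream: "https://[2606:4700::6810:f44e]:443/index.htm", host: "dev.experivise.com"
2022/06/17 06:07:02 [error] 2601#2601: *3 connect() to 198.51.100.20:443 failed (111: Connection refused) while connecting to upstream, client: 203.0.113.7, server: dev.experivise.com, request: "GET /api/health HTTP/1.1", upstream: "https://198.51.100.20:443/api/health", host: "dev.experivise.com"
"""

# Matches nginx's upstream connect() failure message; IPv6 is bracketed.
CONNECT_FAIL = re.compile(
    r"connect\(\) to (?P<addr>\[[0-9a-fA-F:.]+\]|[0-9.]+):(?P<port>\d+) "
    r"failed \((?P<errno>\d+): (?P<msg>[^)]*)\) while connecting to upstream"
    r'.*?server: (?P<server>[^,]+), request: "(?P<request>[^"]*)"'
)


def parse_connect_failures(log_text):
    """Return one dict per upstream connect() failure found in log_text."""
    failures = []
    for line in log_text.splitlines():
        m = CONNECT_FAIL.search(line)
        if not m:
            continue
        ip = ipaddress.ip_address(m["addr"].strip("[]"))
        failures.append({
            "upstream_ip": str(ip),
            "family": f"IPv{ip.version}",
            "port": int(m["port"]),
            "errno": int(m["errno"]),  # 101 on Linux is ENETUNREACH
            "error": m["msg"],
            "server": m["server"],
            "request": m["request"],
        })
    return failures


def summarize(failures):
    """Count failures per (address family, errno, message)."""
    return Counter((f["family"], f["errno"], f["error"]) for f in failures)


if __name__ == "__main__":
    counts = summarize(parse_connect_failures(SAMPLE_LOG))
    for (family, errno, error), n in counts.items():
        print(f"{n} x {family} upstream: errno {errno} ({error})")
```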

