Question
Question
nginx reverse proxy and apache2 Access denied
Hi guys
I got stuck on a problem since long time now. here is the error I get
[Sat Jun 30 04:44:55.379880 2018] [proxy_fcgi:error] [pid 5671] [client 192.168.1.6:46876] AH01071: Got error 'Access to the script 'redirect:/index.php/catalog' has been denied (see security.limit_extensions)\n', referer: https://akii.nc/admin85/index.php?controller=AdminInvoices&token=9f29e159a770e5fcbb43cf0b2a87f947
So to explain about my infrastructure, I’m running nginx as reverse proxy on edge of my network, I am hosting a Prestashop website on a apache2 server runing php7.0-fpm.
After investigations I found this :
cat /etc/php/7.0/fpm/pool.d/www.conf|grep security.limit_extensions
security.limit_extensions = .php .php3 .php4 .php5 .php7 .php7.0 .html .htm .shtml
But still not working.
Here are my nginx conf :
server {
listen 80;
server_name akii.nc;
return 301 https://akii.nc$request_uri;
}
server {
listen 443;
server_name akii.nc;
error_log /var/log/nginx/nar.access.log;
ssl on;
ssl_certificate /etc/nginx/ssl/akii_net/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/akii_net/_akii_net.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # dont use SSLv3 ref: POODLE
set $upstream 192.168.1.5;
location / {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_header Authorization;
proxy_pass http://$upstream:8880;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_buffering off;
client_max_body_size 0;
proxy_read_timeout 36000s;
proxy_redirect off;
}
}
And here are my Apache conf:
000-default.conf
<VirtualHost *:8080>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/run/php/php7.0-fpm.sock|fcgi://localhost:8880/var/www/nar
</VirtualHost>
akii.nc.conf
<VirtualHost *:8880>
ServerName akii.nc
DocumentRoot /var/www/nar
ErrorLog ${APACHE_LOG_DIR}/nar_error.log
CustomLog ${APACHE_LOG_DIR}/nar_access.log combined
<Directory /var/www/nar>
AllowOverride All
</Directory>
</VirtualHost>
Any help on that problem would be appreciate.
Add a comment
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×