Question
nginx reverse proxy and apache2 Access denied
Hi guys
I got stuck on a problem since long time now. here is the error I get
[Sat Jun 30 04:44:55.379880 2018] [proxy_fcgi:error] [pid 5671] [client 192.168.1.6:46876] AH01071: Got error 'Access to the script 'redirect:/index.php/catalog' has been denied (see security.limit_extensions)\n', referer: https://akii.nc/admin85/index.php?controller=AdminInvoices&token=9f29e159a770e5fcbb43cf0b2a87f947
So to explain about my infrastructure, I’m running nginx as reverse proxy on edge of my network, I am hosting a Prestashop website on a apache2 server runing php7.0-fpm.
After investigations I found this :
cat /etc/php/7.0/fpm/pool.d/www.conf|grep security.limit_extensions
security.limit_extensions = .php .php3 .php4 .php5 .php7 .php7.0 .html .htm .shtml
But still not working.
Here are my nginx conf :
server {
listen 80;
server_name akii.nc;
return 301 https://akii.nc$request_uri;
}
server {
listen 443;
server_name akii.nc;
error_log /var/log/nginx/nar.access.log;
ssl on;
ssl_certificate /etc/nginx/ssl/akii_net/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/akii_net/_akii_net.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # dont use SSLv3 ref: POODLE
set $upstream 192.168.1.5;
location / {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_header Authorization;
proxy_pass http://$upstream:8880;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_buffering off;
client_max_body_size 0;
proxy_read_timeout 36000s;
proxy_redirect off;
}
}
And here are my Apache conf:
000-default.conf
<VirtualHost *:8080>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/run/php/php7.0-fpm.sock|fcgi://localhost:8880/var/www/nar
</VirtualHost>
akii.nc.conf
<VirtualHost *:8880>
ServerName akii.nc
DocumentRoot /var/www/nar
ErrorLog ${APACHE_LOG_DIR}/nar_error.log
CustomLog ${APACHE_LOG_DIR}/nar_access.log combined
<Directory /var/www/nar>
AllowOverride All
</Directory>
</VirtualHost>
Any help on that problem would be appreciate.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×