Hello Ian, Thank you for your answer. I did what you told me Now I have on my reverse proxy location / { proxy_pass http://10.10.10.10:80; proxy_redirect off; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Real-IP $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Referer "http://example.org"; #proxy_set_header Upgrade $http_upgrade; #proxy_pass_header Set-Cookie; }
And on the backend server server { listen 80; server_name example.org; index index.html index.php; root /var/www/htdocs/app1; access_log /var/log/nginx/example.org.access.log; error_log /var/log/nginx/example.org.error.log; location / { try_files $uri $uri/ /index.php$is_args$args; root /var/www/htdocs/app1; } location /app2 { try_files $uri $uri/ /index.php$is_args$args; root /var/www/htdocs/app2; } location ~ \.php$ { try_files $uri =450; fastcgi_pass unix:/run/php-fpm.app1.sock; fastcgi_read_timeout 700; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } Access to example.org leads me to app1 so it works as expected.Access to example.org/app2 doesnt lead me to app2. It seems to me that the following lineproxy_set_header Referer "http://example.org";on the reverse proxy could make a confusion ? I can see that example.org/app2 still lands on /var/www/htdocs/app1 Regards Le mardi 19 juillet 2022 à 06:10:28 UTC+2, Ian Hobson <hobso...@gmail.com> a écrit : Hi Mik, I think the problem is that your back end cannot distinguish app1 from app2. I don't think there is a need for proxy-pass, unless it is to spread the load. I would try the following approach: Change the root within location / and location /app2 and serve static files directly. When you pass the .php files, the different roots will appear in the $document_root location, so you can share the php instance. It will be MUCH more efficient if you use fast-cgi because it removes a process create from every php serve. Finally, you need to protect against sneaks who try to execute code, by adding a try_files thus... location ~ \.php$ { try_files $uri =450; include /etc/nginx/fastcgi.conf; fastcgi_split_path_info ^(.+\.php)(/.+)$; etc. Hope this helps. Ian On 18/07/2022 05:08, Mik J via nginx wrote: > Hello, > > I don't manage to make my thing works although it's probably a classic > for Nginx users. > > I have a domain https://example.org > > What I want is this > https://example.org goes on reverse proxy => server1 (10.10.10.10) to > the application /var/www/htdocs/app1 > https://example.org/app2 goes on reverse proxy => server1 (10.10.10.10) > to the application /var/www/htdocs/app2 > So in the latter case the user adds /app2 and the flow is redirected to > the /var/www/htdocs/app2 directory > > First the reverse proxy, I wrote this > ## > # App1 > ## > location / { > proxy_pass http://10.10.10.10:80; > proxy_redirect off; > proxy_set_header Host $http_host; > proxy_set_header X-Real-IP $remote_addr; > proxy_set_header X-Forwarded-For > $proxy_add_x_forwarded_for; > proxy_set_header Referer > "http://example.org"; > #proxy_set_header Upgrade $http_upgrade; > #proxy_pass_header Set-Cookie; > } > ## > # App2 > ## > location /app2 { > proxy_pass http://10.10.10.10:80; > proxy_redirect off; > proxy_set_header Host $http_host; > proxy_set_header X-Real-IP $remote_addr; > proxy_set_header X-Forwarded-For > $proxy_add_x_forwarded_for; > proxy_set_header Referer > "http://example.org"; > #proxy_set_header Upgrade $http_upgrade; > #proxy_pass_header Set-Cookie; > } > > > Second the back end server > server { > listen 80; > server_name example.org; > index index.html index.php; > root /var/www/htdocs/app1; > > access_log /var/log/nginx/example.org.access.log; > error_log /var/log/nginx/example.org.error.log; > > location / { > try_files $uri $uri/ /index.php$is_args$args; > > location ~ \.php$ { > root /var/www/htdocs/app1; > fastcgi_pass unix:/run/php-fpm.app1.sock; > fastcgi_read_timeout 700; > fastcgi_split_path_info ^(.+\.php)(/.+)$; > fastcgi_index index.php; > fastcgi_param SCRIPT_FILENAME > $document_root$fastcgi_script_name; > include fastcgi_params; > } > } > > location /app2 { > try_files $uri $uri/ /index.php$is_args$args; > > location ~ \.php$ { > root /var/www/htdocs/app2; > fastcgi_pass unix:/run/php-fpm.app1.sock; > fastcgi_read_timeout 700; > fastcgi_split_path_info ^(.+\.php)(/.+)$; > fastcgi_index index.php; > fastcgi_param SCRIPT_FILENAME > $document_root$fastcgi_script_name; > include fastcgi_params; > } > } > } > > The result I have right now is that I can access app1 with > http://example.org, but i cannot access app2 with http://example.org/app2 > > Also what is the best practice on the backend server: > - should I make one single virtual host with two location statements > like I did or 2 virtual hosts with a fake name like > internal.app1.example.org and internal.app2.example.org ? > - can I mutualise the location ~ \.php$ between the two ? > - Should I copy access_log and error_log in the location /app2 statement ? > > By the way, app1 and app2 are the same application/program but sometimes > I want another instance or test app version 1, app version 2 etc. > > What I tend to do in the past is to have > app1.example.org > app2.example.org > The problem is that it makes me use multiple certificates. > Here I want to group all the applications behind one domain name > example.org with one certificate and then access different applications > with example.org/app1, example.org/app2 > > Thank you > > > > > > > > _______________________________________________ > nginx mailing list -- nginx@nginx.org > To unsubscribe send an email to nginx-le...@nginx.org -- Ian Hobson Tel (+66) 626 544 695 _______________________________________________ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
_______________________________________________ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org