Tag Archives: nginx

error: \*1035 connect() failed (111: Connection refused) while connecting to upstream, client…..

error:1035 connect() failed (111: Connection refused) while connecting to upstream, client: …217, server: .com, request: “POST /api/userLogin HTTP/1.1”, upstream: “http://.1:8443/userLogin”, host: “*.com”

1. Cause

The deployment of the project is on Tencent cloud server, http upgraded to https, using Tencent ssl certificate, Ali’s domain name, during the nginx.conf configuration process, there is a front-end to back-end send request failure problem. The following error occurs.

The nginx.conf configuration is as follows:

server{
	#SSL The default access port number is 443
    listen 443 ssl;
    server_name domain;
    default_type text/html;
    ssl_certificate certificate file path (.crt/.pem);
    ssl_certificate_key private key file path (.key);
    ssl_session_timeout 5m;
    # Please configure according to the following protocols
    ssl_protocols TLSv1.2 TLSv1.3;
    s#Please configure the encryption suite according to the following suite configuration, written following the openssl standard.
     ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;

    location/{
        root /usr/share/nginx/html/dist/;
        try_files $uri $uri/ /index.html;
        index index.html;
    }

    location /api/ {
        default_type application/json;
        proxy_pass http://localhost:8443/;
    }
}

2. Solutions

Add a clause to the nginx.conf configuration: proxy_set_header Host $http_host;

server{
	#SSL The default access port number is 443
    listen 443 ssl;
    server_name domain;
    default_type text/html;
    ssl_certificate certificate file path (.crt/.pem);
    ssl_certificate_key private key file path (.key);
    ssl_session_timeout 5m;
    # Please configure according to the following protocols
    ssl_protocols TLSv1.2 TLSv1.3;
    s#Please configure the encryption suite according to the following suite configuration, written following the openssl standard.
     ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;

    location/{
        root /usr/share/nginx/html/dist/;
        try_files $uri $uri/ /index.html;
        index index.html;
    }

    location /api/ {
    	# nginx reverse proxy rewrites the host field attribute in the request header
        proxy_set_header Host $http_host;
        default_type application/json;
        proxy_pass http://localhost:8443/;
    }
}

[Solved] Windows Nginx Startup Error: bind() to 0.0.0.0:80 failed (10013: An attempt was made to access a socket

Solution 1:

(1) Check the error.log in the nginx-1.19.2\logs directory, and learn that the error message is: bind() to 0.0.0.0:80 failed (10013: An attempt was made to access a socket in a way forbidden by its access permissions)

(2) Press win+r, type cmd, and open the administrator interface

(3) type netstat -aon|findstr :80, find the port number 0.0.0.0:80 is occupied, check the pid value of 4

(4) Enter tasklist | findstr “4” to find the name corresponding to port 4, which is System

(5) after viewing the System system occupancy can not be manually terminated, the reason is SQLServer Reporting Services, stop this service and set to start manually can, after starting nginx, need to restart SQLServer Reporting Services

Disadvantage: This approach requires you to stop SQLServer Reporting Services again after each boot, and then start nginx

Solution 2:

Modify the default port number under nginx.conf

(1) Open the nginx.conf file in the nginx directory with Notepad

(2) Press win+r, type cmd, open the administrator interface, type netstat -aon|findstr :expected port number to see if your expected port number is occupied

(3) Modify nginx.conf, and then save it

(4) At the command prompt, type nginx -s reload (an important step)

(5) Then type start nginx at the command prompt

(6) in the browser localhost:81, if the following page appears in the modified successful

[Solved] yum Install gcc Error: Error: Package: glibc-headers-2.17-317.el7.x86_64

When installing Nignx
Installing the GCC compiler

yum install -y gcc

Report an error as below:

Error: Package: glibc-headers-2.17-317.el7.x86_64 (base)
           Requires: glibc = 2.17-317.el7
           Installed: glibc-2.17-322.el7_9.i686 (@c6-update)
               glibc = 2.17-322.el7_9
           Available: glibc-2.17-317.el7.i686 (base)
               glibc = 2.17-317.el7
Error: Package: glibc-devel-2.17-317.el7.x86_64 (base)
           Requires: glibc = 2.17-317.el7
           Installed: glibc-2.17-322.el7_9.i686 (@c6-update)
               glibc = 2.17-322.el7_9
           Available: glibc-2.17-317.el7.i686 (base)
               glibc = 2.17-317.el7
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest

Show one installed version higher than the required version

Resolved by downgrading.

yum downgrade glibc glibc-devel glibc-common glibc-headers

Installation success!

Installed:
  gcc.x86_64 0:4.8.5-44.el7                                                                                                                                           

Dependency Installed:
  cpp.x86_64 0:4.8.5-44.el7 glibc-devel.x86_64 0:2.17-317.el7 glibc-headers.x86_64 0:2.17-317.el7 kernel-headers.x86_64 0:3.10.0-1160.el7 libmpc.x86_64 0:1.0.1-3.el7
  mpfr.x86_64 0:3.1.1-4.el7

Complete!

[Solved] failed (13: Permission denied) while reading upstream

Error Messages:

/usr/local/nginx/logs/error.log
2022/08/11 09:36:47 [crit] 2821940#0: *6263 open() "/usr/local/nginx/proxy_temp/2/29/0000000292" failed 
(13: Permission denied) while reading upstream, client: 15.60.178.88, server: demo.jichu.com, 
request: "GET /static/css/bootstrap.min.css.map HTTP/1.1", 
upstream: "http://15.60.178.88:3001/static/css/bootstrap.min.css.map", host: "demo.jichu.com"
2022/08/11 09:36:49 [crit] 2821940#0: *6261 open() "/usr/local/nginx/proxy_temp/3/29/0000000293" failed (
13: Permission denied) while reading upstream, client: 15.60.178.88, server: demo.jichu.com, 
request: "GET /class/studChoiceConfig?v=463&_=1660181808733 HTTP/1.1", 
upstream: "http://15.60.178.88:3001/class/stu?v=463&_=1660181808733", host: "demo.jichu.com", 
referrer: "http://demo.jichu.com/class/class"

 

Solution:
vi /usr/local/nginx/conf/nginx.conf
#use nobody;
Modify to
use root;
Restart nginx

nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied)

nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied) This is because port 80 can only be started by the root user, so just let the non-root user use port 80.

The solution is as follows:

# Set CAP_NET_BIND_SERVICE capability for the specified program
$ setcap cap_net_bind_service=+eip /path/to/application
The tests are as follows:
# sudo setcap cap_net_bind_service=+eip /usr/local/nginx/sbin/nginx

It’s OK to start nginx again.

/usr/local/nginx/sbin/nginx-c/usr/local/nginx/conf/nginx.conf

[Solved] Nginx Restart Error: /run/nginx.pid failed (2: No such file or directory)

Nginx重启失败/run/nginx.pid failed (2: No such file or directory)

When deploying the project, an error is reported when restarting the nginx server after configuring the open port configuration

Go to the /run directory and find that there is no nginx.pid file.

Solution: enter etc/nginx/conf/nginx.conf file and modify the location of pid as below:

[Solved] gateway Error: reactor.core.Exceptions$ErrorCallbackNotImplemented

The production environment is fine, but suddenly all front-end requests are cross-domain and the requests are 500. gateway reports an error.
reactor.core.Exceptions$ErrorCallbackNotImplemented:java.lang.IndexOutOfBoundsException: Index: 0, Size: 0. All interfaces are reported.
The reason is that the gateway also integrates with springboot-admin, which opens the actuator endpoint of the application, leading to a code injection attack

Solution: Use nginx to intercept the path directly, add the following configuration to conf, and reload nginx.

location /actuator {
    return 404;
}

 

Nginx Error: SSL: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small


ubuntu20.04 nginx startup error:

root@ubuntu:/etc/nginx/conf.d# nginx -s reload
nginx: [warn] the “ssl” directive is deprecated, use the “listen … ssl” directive instead in /etc/nginx/conf.d/xx.conf:12
nginx: [emerg] SSL_CTX_use_certificate("/etc/nginx/conf.d/crt/server.crt") failed (SSL: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small)

 

Solution: When generating the secret key, the command is as follows
openssl genrsa -des3 -out server.key 1024
Modify to
openssl genrsa -des3 -out server.key 2048

[Solved] jumpserver nginx Error: Connect websocket server error

After installation, the jumpserver selects a custom port, and the HTTP port 80 is changed to 88. After forwarding through nginx, remember to set the upgrade of nginx, otherwise it will prompt: connect websocket server error

Nginx is configured as follows:

##Jump
server {
listen 80;
server_name jump.xxxxxx.cn;

location/{
proxy_pass   http://127.0.0.1:88;
        proxy_http_version      1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
}
}

This will not prompt an error

[Solved] Nginx cannot access pictures on FTP Error: Whitelabel error page

1. Unable to access the picture

 

As can be seen from the above figure, whether the full path home/ftpuser/image access or/image access is used, the image access fails.

Let’s solve this problem

2. Configure nginx image access path

# Go to the conf directory of nginx, and find nginx.conf

# Edit profile
vi nginx.conf

# nginx.conf Add Configuration
location /image {
	alias /home/ftpuser/image;
	autoindex on;
}

3. Restart nginx

./nginx -s reload

4. Picture access succeeded