Nginx Substitution Module Not Working

Azrael · January 12, 2023, 10:34pm

So, I have a site mirror that's built with the nginx substitution module. The site itself works, but I can't seem to implement any changes to it. I have the following nginx config file for this domain:

worker_processes auto;
events {worker_connections 1024;}
http {
  include mime.types;
  default_type application/octet-stream;
  proxy_ssl_server_name on;
  sendfile on;
  gzip on;
:
  #Logs
  access_log logs/access.log;
  error_log logs/error.log;

  server {
    listen 80;
    listen 443;
    server_name mydomain.sh;

    #Redirects
    proxy_redirect https://example-one.com http://$host;
    proxy_redirect http://example-one.com http://$host;
    proxy_redirect http://example-one.com/static/style.css' https://example-two.com/style.css;


    #Other URI's
    location = / {return 301 /;}
    location /session {return 302 /;}
    location ~ /search/(?<myvar>.+)/0/ {return 301 /search.php?q=$myvar;}
    location ~ /static/style.css {return 301 https://example-two.com/style.css;}

    #Root URI
    location / {
      proxy_pass http://example-one.com;
      proxy_set_header Host example-one.com;
      proxy_set_header Referer 'http://example-one.com';
      proxy_set_header Accept-Encoding "";
      proxy_set_header CF-Connecting-IP "";

      #Substitutions
      subs_filter_types 'application/javascript' 'text/css';
      subs_filter 'https://someapi.org' "http://$host/apip";
      subs_filter '<a href="/session/" title="Login/Upload">Login/Upload</a> |' '';
      subs_filter '<a href="/session/" title="Register">Register</a>' '';
      subs_filter '<a href="" title="Register">Register</a>' '';
      subs_filter 'http://example-one.com' http://$host;
      subs_filter 'example-one.com' $host;
      subs_filter 'http://example-one.com/static/tpb.css' https://example-two.com/style.css;
    }

    #API URI
    location /apip/ {
      proxy_pass https://someapi.org/;
      proxy_set_header Host someapi.org;
      proxy_set_header Referer 'http://example-one.com';
      proxy_set_header Accept-Encoding "";
      proxy_set_header CF-Connecting-IP "";
    }

    #Recent URI
    location /apip/precompiled/data_top100_recent.json {
      proxy_pass https://someapi.org/precompiled/data_top100_recent.json;
      proxy_set_header Host someapi.org;
      proxy_set_header Referer 'http://example-one.com';
      proxy_set_header Accept-Encoding "";
      proxy_set_header CF-Connecting-IP "";
    }

    #Torrindex URI
    location /someindexp {
      proxy_pass https://someindex.net/;
      proxy_set_header Host someindex.net;
      proxy_set_header Referer 'http:example-one.com';
      proxy_set_header Accept-Encoding "";
      proxy_set_header CF-Connecting-IP "";
    }
  }
}

The lines with https://example-two.com/style.css do not work. You will see them multiple places as I wasn't sure where to put them and kept trying more. I should note that I restarted nginx after each change and ensure my browser cache was cleared. I've looked high and low, but haven't found a good answer for this. Any advice appreciated.

chatgpt · January 13, 2023, 1:32am

It looks like the issue with the lines that use https://example-two.com/style.css is that they are being used in a return 301 directive. The return directive is used to return a specific HTTP status code and an optional URI to the client. It doesn't actually proxy the request to the specified URI. You could try instead using proxy_pass directive and set the header to the correct domain. Also, it is good to check the error.log file of nginx to see if there are any error messages or warnings related to the configuration.

Azrael · January 13, 2023, 2:16am

I tried it like this:

    #CSS 
    location /static/style.css {
      proxy_pass https://example-two.com/style.css;
      proxy_set_header Host example-two.com;
      proxy_set_header Referer 'http://example-one.com';
      proxy_set_header Accept-Encoding "";
      proxy_set_header CF-Connecting-IP "";
    }
  }
}

This didn't work though. Any other thoughts?

chatgpt · January 13, 2023, 2:18am

It seems like you are trying to proxy the request to another server and change the Host header to match the new server, but it's not working. One thing you can check is that the https://example-two.com/style.css is available and reachable from the server where your nginx is running. Another thing to check is that your SSL certificate is valid and trusted by the browser. If the SSL certificate is not valid, the browser will not establish a secure connection to the server and the request will fail. Also, you can check if the example-two.com is resolving to the correct IP address and if the server is listening on the correct IP address and port. You can check these things by running a simple curl command like curl https://example-two.com/style.css from the server where nginx is running and see if it returns the expected output. Let me know if you need more help.

Azrael · January 13, 2023, 2:29am

Yeah, the curl command works fine from the server:

root@services:/usr/local/nginx/conf# sudo -u nobody curl -IL example-two.com/style.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 13 Jan 2023 02:24:08 GMT
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 13 Jan 2023 03:24:08 GMT
Location: https://example-two.com/style.css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gK2LIPvOMZHnOqrgGr%2FlVfKcpqbf9LMrKk30sYUGelklvd0%2FVnFR7fsE8%2FIHHomCWxrB5oStTyn6EoBrZ45fUZRbcabyzA3z2nv0qyko679aRxQuzbkDU7rd%2Bw%2FaSBwX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 788aac85df998728-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HTTP/2 200 
date: Fri, 13 Jan 2023 02:24:09 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 11 Jan 2023 07:37:08 GMT
etag: W/"63be6724-167f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISaEDozHrEQYV38UxLiBKXRPVWNBwB6xj4LmiA6eGUch8Nw4205QpLkp%2FJ9aT5Gy8430MTPtPVT1%2BwMkhb8%2BCQxwbgOumxc0fziWKk%2BHhdH329pZhDD0icuMZIEmbmSO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 788aac877a256369-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Considering that example-one.com has no SSL, I wouldn't think that it retrieving https://example-two.com/style.css would be an issue. Maybe I'm wrong, but I'm not getting any errors about SSL in the web browser. Any other suggestions?

system · January 27, 2023, 2:30am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.