Closed buzzsubash closed 3 years ago
root@buzzgeetha:/etc/nginx/conf.d# sudo nginx -V nginx version: nginx/1.21.1 built by gcc 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04) built with OpenSSL 1.1.1 11 Sep 2018 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -fdebug-prefix-map=/data/builder/debuild/nginx-1.21.1/debian/debuild-base/nginx-1.21.1=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie'
root@buzzgeetha:/etc/nginx/conf.d# ls -la /etc/nginx total 92 drwxr-xr-x 8 root root 4096 Aug 30 18:31 . drwxr-xr-x 110 root root 12288 Aug 30 21:16 .. drwxr-xr-x 2 root root 4096 Aug 30 09:56 bots.d drwxr-xr-x 2 root root 4096 Aug 30 21:21 conf.d -rw-r--r-- 1 root root 1077 Apr 6 2018 fastcgi.conf -rw-r--r-- 1 root root 1007 Jul 6 22:59 fastcgi_params -rw-r--r-- 1 root root 2837 Apr 6 2018 koi-utf -rw-r--r-- 1 root root 2223 Apr 6 2018 koi-win -rw-r--r-- 1 root root 5290 Jul 6 22:59 mime.types lrwxrwxrwx 1 root root 22 Jul 6 23:11 modules -> /usr/lib/nginx/modules drwxr-xr-x 2 root root 4096 Aug 30 17:35 modules-enabled -rw-r--r-- 1 root root 4869 Aug 30 18:31 nginx.conf -rw-r--r-- 1 root root 648 Jul 6 23:11 nginx.conf.dpkg-dist -rw-r--r-- 1 root root 180 Apr 6 2018 proxy_params -rw-r--r-- 1 root root 636 Jul 6 22:59 scgi_params drwxr-xr-x 2 root root 4096 Aug 30 21:16 sites-available drwxr-xr-x 2 root root 4096 Aug 30 18:01 sites-enabled drwxr-xr-x 2 root root 4096 Aug 30 09:54 snippets -rw-r--r-- 1 root root 664 Jul 6 22:59 uwsgi_params -rw-r--r-- 1 root root 3071 Apr 6 2018 win-utf root@buzzgeetha:/etc/nginx/conf.d# ls -la /etc/nginx/bots.d total 48 drwxr-xr-x 2 root root 4096 Aug 30 09:56 . drwxr-xr-x 8 root root 4096 Aug 30 18:31 .. -rw------- 1 root root 4723 Aug 30 09:55 bad-referrer-words.conf -rw------- 1 root root 5197 Aug 30 09:56 blacklist-ips.conf -rw------- 1 root root 3954 Aug 30 09:56 blacklist-user-agents.conf -rw------- 1 root root 3623 Aug 30 09:55 blockbots.conf -rw------- 1 root root 2971 Aug 30 09:55 custom-bad-referrers.conf -rw------- 1 root root 1748 Aug 30 09:55 ddos.conf -rw------- 1 root root 2974 Aug 30 09:56 whitelist-domains.conf -rw------- 1 root root 2292 Aug 30 09:56 whitelist-ips.conf root@buzzgeetha:/etc/nginx/conf.d# ls -ls /etc/nginx/conf.d total 540 4 -rw-r--r-- 1 root root 200 Aug 30 09:18 x.x.x.x.conf <<<<<<<< IP of server 4 -rw------- 1 root root 1914 Aug 30 18:41 botblocker-nginx-settings.conf 512 -rw------- 1 root root 523098 Aug 30 18:17 globalblacklist.conf 4 -rw-r--r-- 1 root root 482 Aug 2 20:55 phpmyadmin.inc 4 -rw-r--r-- 1 root root 306 Aug 2 20:55 phppgadmin.inc 4 -rw-r--r-- 1 root root 178 Aug 2 20:55 status.conf 4 -rw-r--r-- 1 root root 344 Aug 30 21:21 vesta.conf 4 -rw-r--r-- 1 root root 358 Aug 2 20:55 webmail.inc root@buzzgeetha:/etc/nginx/conf.d#
Copy of vhost / website / host .conf file
/etc/nginx/conf.d# cat x.x.x.x.conf server { listen x.x.x.x:80 default; servername ;
location / {
proxy_pass http://x.x.x.x:8080;
} }
========================================
Ubuntu
uname -a 4.15.0 #1 SMP Tue Aug 25 11:59:26 MSK 2020 x86_64 x86_64 x86_64 GNU/Linux
root@buzzgeetha:/etc/nginx/conf.d# cat vesta.conf
include /home/admin/conf/web/domain1.com.nginx.conf; include /home/admin/conf/web/domain1.com.nginx.ssl.conf; include /home/admin/conf/web/assets.domain1.com.nginx.conf; include /home/admin/conf/web/domain2.net.nginx.conf; include /home/admin/conf/web/assets.domain2.net.nginx.conf; include /home/admin/conf/web/assets.domain1.com.nginx.ssl.conf; root@buzzgeetha:/etc/nginx/conf.d#
This has been sorted out, I never ran the ./update after adding second domain. All good now.
27 cd /home/admin/conf/web/ 28 ls -l 29 cd /etc/nginx/conf.d 30 cat vesta.conf 31 sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -O /usr/local/sbin/install-ngxblocker 32 sudo chmod +x /usr/local/sbin/install-ngxblocker 33 cd /usr/local/sbin 34 sudo ./install-ngxblocker 35 cd /usr/local/sbin/ 36 sudo ./install-ngxblocker -x 37 sudo chmod +x /usr/local/sbin/setup-ngxblocker 38 sudo chmod +x /usr/local/sbin/update-ngxblocker 39 cd /usr/local/sbin/ 40 sudo ./setup-ngxblocker 41 cd /usr/local/sbin/ 42 ls /home/admin/conf/web/ 43 sudo ./setup-ngxblocker -x -e conf -v /home/admin/conf/web/ 44 sudo nginx -t 45 sudo service nginx restart 46 sudo crontab -e 47 ./setup-ngxblocker -v /home/admin/conf/web/ 48 ./setup-ngxblocker -x -v /home/admin/conf/web/ 49 reboot 50 timedatectl
Hello, I have installed per the directions, which seemed very easy, but I am not able to get a successful blocking test. Everything appears to be in order, but will not work. I use an ubuntu server and lets encrypt SSL What can I look for to fix it?
1. Output while crawling
Subashs-MacBook-Pro ~ % curl -A "Xenu Link Sleuth/1.3.8" -I https://mydomain.com HTTP/1.1 200 OK Server: nginx Date: Mon, 30 Aug 2021 11:55:45 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive Vary: Accept-Encoding Set-Cookie: ci_session=; expires=Mon, 30-Aug-2021 12:00:45 GMT; Max-Age=300; path=/; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache
======================================================================================= 2. nginx.conf file
root@buzzgeetha:/etc/nginx# cat nginx.conf
Server globals
user www-data; worker_processes auto; worker_rlimit_nofile 65535; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid;
Worker config
events { worker_connections 1024; use epoll; multi_accept on; }
http {
Main settings
======================================================================================= 3. Sites available
root@buzzgeetha:/etc/nginx/sites-available# ls -l total 12 -rw-r--r-- 1 root root 2633 Aug 30 09:56 default -rw-r--r-- 1 root root 527 Aug 30 18:10 domain1.com -rw-r--r-- 1 root root 505 Aug 30 18:10 domain2.net root@buzzgeetha:/etc/nginx/sites-available#
For some reason, .vhost files were never generated.
4. Sites directory
root@buzzgeetha:/etc/nginx/sites-available# cat domain1.com server { listen 80 default_server; listen [::]:80;
} root@buzzgeetha:/etc/nginx/sites-available#