Hi guys,
thanks in advance for all your help. Also thanks for creating those great docker images. I really like them a lot.
Okay so i was trying to install wordpress inside of linuxserver/nginx behind another nginx proxy running in front of it. Downloaded the latest wordpress files, extracted them inside www and set default.conf from nginx to the following:
server {
listen 80 default_server;
# listen 443 ssl;
root /config/www/wordpress;
index index.html index.htm index.php;
server_name _;
# ssl_certificate /config/keys/cert.crt;
# ssl_certificate_key /config/keys/cert.key;
client_max_body_size 0;
location / {
try_files $uri $uri/ /index.html /index.php?$args =404;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
Somehow the wordpress site is weirdly acting. I can see all the text but seem to be missing images. Also I cannot login via the login page. In case you want to take a look:
I didnt wanted to use swag because I have all certificates created by my reverse proxy. PHP also seems to be running fine, since it would show such an error on the setup page. Lastly I rechecked all my permission and ownerships of folders which also seem to be correct.
Its an error I never ran into before so I really would be grateful for any help you can give me. Am I overlooking something completely obvious here?
Thanks again,
driz
12 July 2021 15:03
2
If you bypass your proxy and go directly to your site, do you see the images?
troubleshooting a reverse proxy that isn’t ours isn’t something we would do, though you could ask in #other-support on discord.
Thanks for your answer. You are actually right. Connecting directly to that container work with images. I am actually using nginx image by linuxserver as reverse proxy and created my own conf file. Guess that one is somehow incorrect…
In case anyone might have time to help. Thats my config. Plus redirecting all from port 80 to 443:
server {
listen 443 ssl http2;
server_name SOME;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
ssl_certificate /etc/letsencrypt/live/SOME/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/SOME/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
# intermediate configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_early_data on;
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
#client_max_body_size 0;
#gzip_min_length 10240;
#gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
gzip on;
gzip_disable "msie6";
#add_header Cache-Control public;
location ^~ / {
proxy_pass http://IP:80;
# Timeout if the real server is dead
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
# Proxy Connection Settings
proxy_buffers 32 4k;
proxy_connect_timeout 240;
proxy_headers_hash_bucket_size 128;
proxy_headers_hash_max_size 1024;
proxy_http_version 1.1;
proxy_read_timeout 240;
proxy_redirect http:// $scheme://;
proxy_send_timeout 240;
# Proxy Cache and Cookie Settings
proxy_cache_bypass $cookie_session;
#proxy_cookie_path / "/; Secure"; # enable at your own risk, may break certain apps
proxy_no_cache $cookie_session;
# Proxy Header Settings
# proxy_set_header Connection $connection_upgrade;
proxy_set_header Early-Data $ssl_early_data;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Real-IP $remote_addr;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
driz
12 July 2021 17:18
4
Ill direct you to our config template for proxying, but if you want support with your custom stuff, i would suggest discord #other-support .
## Version 2021/05/18
# REMOVE THIS LINE BEFORE SUBMITTING: The structure of the file (all of the existing lines) should be kept as close as possible to this template.
# REMOVE THIS LINE BEFORE SUBMITTING: Look through this file for <tags> and replace them. Review other sample files to see how things are done.
# REMOVE THIS LINE BEFORE SUBMITTING: The comment lines at the top of the file (below this line) should explain any prerequisites for using the proxy such as DNS or app settings.
# make sure that your dns has a cname set for <container_name> and that your <container_name> container is not using a base url
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name <container_name>.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
show original
you’ll need to review our swag proxy.conf, resolver.conf, and ssl.conf as they’re part of this.
Seems like this solved my problem in the end in wp-config.php file:
/*
Handle SSL reverse proxy
*/
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS']='on';
if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
$_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
}
Taken from: Wordpress-Seite hinter Nginx ReverseProxy | Media-TechPort
