How to apply the same settings to all hosts at once in Nginx?

A

Artyom2021-06-30 01:18:35

Nginx

Artyom, 2021-06-30 01:18:35

I have a server with several sites in sites-available

I want to deny access to some locations and issue 404 or 444

But I don’t want to write the same thing in each file

I read the Internet, it seems that the issue can be solved through nginx.conf

I write there:

server {

location /123 {
 deny all;
 return 444;
}

}

Then restart and reload nginx

I go to the first_address/123, error 404
I go to the second_address/123, again 404

If I write location to each site in sites-available separately, then everything works, I get 444

What am I doing wrong? I searched the Internet, tried everything, but nothing helped :-(

default in sites-available

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;

    server_name _;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    
    }

    location ~ /\.ht {
        deny all;
    }
}

nginx.conf

user www-data;

worker_processes auto;

pid /run/nginx.pid;

include /etc/nginx/modules-enabled/*.conf;

events {
  worker_connections 768;
}

http {	
  
  client_max_body_size 100M;
  
  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  keepalive_timeout 65;
  types_hash_max_size 2048;
  
  server_tokens off;

  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
  ssl_prefer_server_ciphers on;

  access_log /var/log/nginx/access.log;
  error_log /var/log/nginx/error.log;

  gzip on;

  include /etc/nginx/conf.d/*.conf;
  include /etc/nginx/sites-enabled/*;
}

one of the sites in sites-available

server {

    root /var/www/адрес;
    index index.php index.html index.htm index.nginx-debian.html;

    server_name адрес www.адрес;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.4-fpm.sock;
    }

    location ~ /\.ht {
        deny all;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/адрес/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/адрес/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}server {
    if ($host = www.адрес) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = адрес) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
  
    server_name адрес www.адрес;
    listen 80;
    return 404; # managed by Certbot

}

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

Sergey Sokolov, 2021-06-30
@ixley

once all the configs will have to be supplemented with the instruction include common.conf;
Create this file common.confand put general instructions in it.
Alternatively, write a script that will insert an addition into each config.