What about curl command? Are you able to access with the given port?
When I run `curl stapp01:<nginx-port>` from Jump Server & from LB Server I get the 403 error shown in the screenshot above.
When I run `telnet stapp01 <nginx port>`, however, it says that it’s connected.
I’ve tried getting this to work with eth0, without eth0, with WAN, and without any attached network interface, which then requires the use of `iptables -F` in order to avoid yet another error: `No route to host`.
Here are the steps that I have taken on all 3 App Servers:
```
systemctl status nginx
systemctl status httpd
# get apache port Listen 3004
sudo cat /etc/httpd/conf/httpd.conf | grep Listen
sudo su -
yum install net-tools
# find nginx port 8096
netstat -tulpn | grep LISTEN
yum install -y firewalld
systemctl restart dbus
systemctl start firewalld
systemctl enable firewalld
systemctl status firewalld
firewall-cmd --zone=public --add-port=8096/tcp --permanent
firewall-cmd --permanent --zone=public --add-service={http,https}
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="172.16.238.14" port protocol=tcp port=3004 accept'
firewall-cmd --permanent --zone=public --change-interface=wan
firewall-cmd --reload
firewall-cmd --get-active-zones
systemctl restart firewalld
systemctl status firewalld
firewall-cmd --zone=public --list-ports
firewall-cmd --zone=public --list-all
firewall-cmd --list-all

# From Jump Host
curl stapp01:8096      # nginx => 403 Forbidden
telnet stapp01 8096    # nginx => connected
telnet stapp02 8096    # nginx => connected
telnet stapp03 8096    # nginx => connected
curl stapp01:3004      # apache => ... No route to host
telnet stapp01 3004    # apache => ... No route to host
telnet stapp02 3004    # apache => ... No route to host
telnet stapp03 3004    # apache => ... No route to host

# From LB server
curl stapp01:8096      # nginx => 403 Forbidden
telnet stapp01 8096    # nginx => connects
telnet stapp02 8096    # nginx => connects
telnet stapp03 8096    # nginx => connects
curl stapp01:3004      # apache => connects
telnet stapp01 3004    # apache => connects
telnet stapp02 3004    # apache => connects
telnet stapp03 3004    # apache => connects
```
Can anyone help me with this??
Thanks:-)
I guess it is a configuration error. NGINX could not deliver the content that you have configured in nginx.conf.
It could be the file name or the path… or the permission to the content that you would like to publish…
If you can provide the config code, some KodeKloud senior engineers could easily diagnose the cause of the 403.
Hi @dthapali!
Thanks for responding. I FINALLY figured it out. You were right: I had to check the nginx.conf, something that I had checked before, but I had missed a couple of things/nuances.
When I went back to the NGINX Reverse Proxy proxy task (I completed that task over a week ago) and checked my notes, it all became a bit more clear.
It seemed so difficult, but now that I know…I know. Sometimes I have to do something a few times in order for things to stick. That’s how we learn I guess.
If anyone needs help with this task let me know.
Please share your work out.
Hi @Nasri,
Is there a certain part of this task that you are stuck on?
To get rid of the `403 forbidden` error when trying to curl nginx from the Jump host and from the LB server, I had to check/set the configuration(s) in the `/etc/nginx/nginx.conf` config file on each app server like so:

```
server {
    listen <nginx-port>;
    listen [::]:<nginx-port>;
    server_name <app-server-ip>;
    root /usr/share/nginx/html;

    # location must sit inside the server block
    location / {
        # forward requests to Apache on the same app server
        proxy_pass http://<app-server-ip>:<apache-port>/;
    }
}
```

Then I had to run `systemctl restart nginx` to persist the changes.
Let me know if this helps:-)
PS.
The `/etc/httpd/conf/httpd.conf` configuration was already listening on the Apache port, so there were no issues there, but you might want to check it to make sure that it is listening in your environment…just to be sure.
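The post above relies on nginx's `proxy_pass` pointing at the port Apache actually listens on. The script below is an added example, not part of the original posts, that compares the two config files; the function names and the sample files built in `demo` are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: check that nginx proxies to a port Apache is listening on.
# Function names are hypothetical; config paths are passed as arguments.

# Ports from active "Listen" directives ("Listen 3004", "Listen 10.0.0.5:3004").
apache_listen_ports() {
    awk 'tolower($1) == "listen" { n = split($2, a, ":"); print a[n] }' "$1"
}

# Upstream ports from active (uncommented) proxy_pass directives.
nginx_proxy_ports() {
    sed -n 's|^[[:space:]]*proxy_pass[[:space:]][[:space:]]*https\{0,1\}://[^:/;]*:\([0-9][0-9]*\).*|\1|p' "$1"
}

# Returns 0 if every proxied port matches, 1 on mismatch, 2 if nothing is proxied.
check_proxy_ports() {
    nginx_conf=$1
    httpd_conf=$2
    proxied=$(nginx_proxy_ports "$nginx_conf")
    if [ -z "$proxied" ]; then
        # Without proxy_pass, nginx serves its own root instead of Apache.
        echo "no proxy_pass with an explicit port in $nginx_conf"
        return 2
    fi
    status=0
    for p in $proxied; do
        if apache_listen_ports "$httpd_conf" | grep -qx "$p"; then
            echo "ok: proxy_pass port $p matches an Apache Listen port"
        else
            echo "mismatch: no Apache Listen directive for port $p"
            status=1
        fi
    done
    return $status
}

# Constructed sample: Apache on 3004 (as in the thread), nginx proxying to 8080.
demo() {
    d=$(mktemp -d)
    printf 'Listen 3004\n#Listen 80\n' > "$d/httpd.conf"
    printf 'server {\n  listen 8096;\n  location / {\n    proxy_pass http://127.0.0.1:8080/;\n  }\n}\n' > "$d/nginx.conf"
    check_proxy_ports "$d/nginx.conf" "$d/httpd.conf"
    demo_rc=$?
    rm -rf "$d"
    return $demo_rc
}
```

On an app server it would be called as `check_proxy_ports /etc/nginx/nginx.conf /etc/httpd/conf/httpd.conf`.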
Thank you for your reply. But I was curious about the part that gives the 403 error. How did you fix that?
Hi @Nasri,
Have you checked out my last post above?
I had to check/set the configuration(s) in the `/etc/nginx/nginx.conf` config file…
Hope this helps:-)
Hi Juliettet,
How did you resolve the 403 error message in nginx conf file?
thanks
Swaroop
Hi @swaroopcs88,
Basically, after getting/checking the nginx port via:

```
sudo su -
yum install net-tools
netstat -tulpn | grep LISTEN
# or get port via checking out conf file:
cat /etc/nginx/nginx.conf    # => check port #
```

& getting/checking the httpd port:

```
sudo cat /etc/httpd/conf/httpd.conf | grep Listen
```

I had to edit/configure the correct ports in the server block section of the `/etc/httpd/conf/httpd.conf` file.
Check out my posts above for the steps that I took.
Hope this helps:-)
Hi @juliettet,
Can you help me to complete this task?
I’m getting `No route to host` when I use telnet. If I use curl to the Nginx port, I’m getting HTML code.
Hi @TharunTeja4676,
Have you configured/added the iptables rule for the Apache port?
Also, make sure that you have added `ServerName` with the ip + port (`127.0.0.1:<apache-port>`) in the Apache conf file (`/etc/httpd/conf/httpd.conf`).
You also need to add `Listen <serverip-of-app-server-with-failing-connection>:<apache-port>` via the Apache conf file on the app server that is failing to connect.
If you have these three things in place, the `no route to host` error should go away.
Hope this helps:-)
running systemctl nginx restart command is showing an error message.