I am running into issue where the website is accessible thru port 443, but if I try to integration api access (key,secret,token,secret), it will gives me error 403. I suspect the Nginx Config file is not set up properly. I hope someone can point me to the right direction.
My server setup is as follow:
Nginx Proxy Reverse on both (443) and (80 redirect to 443) as we implement http/2 protocol -> Varnish (listen on 6081) -> Apache backend (8080).
Nginx.conf file:
server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name DOMAIN.com www.DOMAIN.com; ssl on; ssl_certificate /etc/letsencrypt/live/DOMAIN.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/DOMAIN.com/privkey.pem; # managed by Certbot ssl_protocols TLSv1.2; ssl_ciphers 'AES128+EECDH:AES128+EDH:!aNULL'; ssl_session_cache shared:SSL:10m; ssl_session_timeout 24h; keepalive_timeout 300s; ssl_dhparam /etc/nginx/ssl/dhparam.pem; location / { proxy_pass http://999.999.999.999:6081; #Real IP has been changed proxy_set_header Host $ host; proxy_set_header X-Real-IP $ remote_addr; proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-Port 443; } server { listen 80; listen [::]:80; server_name DOMAIN.com www.DOMAIN.com; return 301 https://$ server_name$ request_uri; } /etc/default/varnish:
DAEMON_OPTS="-a :6081 \ -T localhost:6082 \ -f /etc/varnish/default.vcl \ -S /etc/varnish/secret \ -s malloc,1G" Default.vcl is generated from Magento Varnish 4.0 Generation Tools.
Apache.conf file:
<VirtualHost *:8080> ServerName DOMAIN.com ServerAlias www.DOMAIN.com DocumentRoot /var/www/DOMAIN.com/public_html <Directory /var/www/DOMAIN.com/public_html> Options Indexes FollowSymLinks MultiViews AllowOverride All Require all granted </Directory> ErrorLog $ {APACHE_LOG_DIR}/error.log CustomLog $ {APACHE_LOG_DIR}/access.log combined </VirtualHost> I suspect I miss on configration on Nginx.conf, it just dont know what to add or edit.
Thanks in advance.
