Nginx reverse proxy & AJP

Just wanted to drop my observations with this one as it gave me some fits. First thing: if you need to make a change to the .conf file use the comand sudo NGINX -s reload . That will allow you to quickly reload the new conf. Second: You can’t use port 80 on pwnbox. I used 8082, but you can just use an arbitrary open port. Third: The server entry in the conf file will use the target port, not the default 8009 (it mentions this in the question, but I overlooked it), Lastly and probably most important: If it doesn’t work and you think everything looks right. Refresh the target. I was certain I didn’t mess anything up, but it took about 4 target refreshes before it would go through.

I really need some help with this one; I’ve tried with kali and pwnbox. This is the error that I receive. Many thanks if anyone has any ideas.

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
	worker_connections 768;
	# multi_accept on;
}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	types_hash_max_size 2048;
	# server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;

	# gzip_vary on;
	# gzip_proxied any;
	# gzip_comp_level 6;
	# gzip_buffers 16 8k;
	# gzip_http_version 1.1;
	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;


        upstream tomcats {
	     server 94.237.53.57:32181;
	     keepalive 10;
	}
        server {
	    listen 8080;
	    location / {
		ajp_keep_conn on;
		ajp_pass tomcats;
	    }
        }
}


#mail {
#	# See sample authentication script at:
#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
#	# auth_http localhost/auth.php;
#	# pop3_capabilities "TOP" "USER";
#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
#
#	server {
#		listen     localhost:110;
#		protocol   pop3;
#		proxy      on;
#	}
#
#	server {
#		listen     localhost:143;
#		protocol   imap;
#		proxy      on;
#	}
#}
┌─[eu-academy-2]─[10.10.14.12]─[htb-ac-709620@htb-oqroyyf87b]─[/etc/nginx]
└──╼ [★]$ sudo nginx -T
nginx: [emerg] unknown directive "ajp_keep_conn" in /etc/nginx/nginx.conf:70
nginx: configuration file /etc/nginx/nginx.conf test failed

┌─[eu-academy-2]─[10.10.14.12]─[htb-ac-709620@htb-oqroyyf87b]─[/etc/nginx]
└──╼ [★]$ sudo nginx -s reload
nginx: [emerg] unknown directive "ajp_keep_conn" in /etc/nginx/nginx.conf:70

Many thanks if you have any ideas!

I got it. What a nightmare lol

These instructions are absolutely terrible. I honestly think they don’t even have staff go through the module themselves and try to see if there is any errors or easy to follow for beginners.

u will find it on the next page , Apache Reverse Proxy & AJP