3

I'm trying to setup Nginx to forward requests to several backend services using proxy_pass.

The links on the pages that lack trailing slashes do have https:// in front, but get redirected to a http request with a trailing slash - which ends in connection refused - I only want these services to be available through https.

So if a link is too https://example.com/internal/errorlogs

in a browser when loaded https://example.com/internal/errorlogs gives Error Code 10061: Connection refused (it redirects to http://example.com/internal/errorlogs/)

If I manually append the trialing slash https://example.com/internal/errorlogs/ it loads

I've tried with varied trailing forward slashes appended to the proxypath and location in proxy.conf to no effect, have also added server_name_in_redirect off;

This happens on more than one app under nginx, and works in apache reverse proxy

Config files;

proxy.conf

location /internal { proxy_pass http://localhost:8081/internal; include proxy.inc; } .... more entries ....

sites-enabled/main

server { listen 443; server_name example.com; server_name_in_redirect off; include proxy.conf; ssl on; }

proxy.inc

proxy_connect_timeout 59s; proxy_send_timeout 600; proxy_read_timeout 600; proxy_buffer_size 64k; proxy_buffers 16 32k; proxy_pass_header Set-Cookie; proxy_redirect off; proxy_hide_header Vary; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_set_header Accept-Encoding ''; proxy_ignore_headers Cache-Control Expires; proxy_set_header Referer $http_referer; proxy_set_header Host $host; proxy_set_header Cookie $http_cookie; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-Proto https;

curl output

-$ curl -I -k https://example.com/internal/errorlogs/ HTTP/1.1 200 OK Server: nginx/1.0.5 Date: Thu, 24 Nov 2011 23:32:07 GMT Content-Type: text/html;charset=utf-8 Connection: keep-alive Content-Length: 14327 -$ curl -I -k https://example.com/internal/errorlogs HTTP/1.1 301 Moved Permanently Server: nginx/1.0.5 Date: Thu, 24 Nov 2011 23:32:11 GMT Content-Type: text/html;charset=utf-8 Connection: keep-alive Content-Length: 127 Location: http://example.com/internal/errorlogs/
Improve this question
4
  • Can you check if this redirect from https to http is result from a 3XX response? Commented Nov 24, 2011 at 13:02
  • Please, add the result for curl -I https://example.com/internal/errorlogs Commented Nov 24, 2011 at 23:23
  • yep, you're right!, do you think I should try add a scheme rewrite rule to proxy.inc? Commented Nov 24, 2011 at 23:35
  • See this answer. Commented Jun 15, 2017 at 8:29

1 Answer 1

Reset to default
0

I saw you added the server_name_in_redirect directive, but you need proxy_redirect directive on the location session

http://wiki.nginx.org/HttpProxyModule#proxy_redirect

You will add something like that

proxy_redirect http://example.com/ /;
Improve this answer
6
  • proxy_redirect http://example.com/ /; #Works proxy_redirect http://$host/ /; #Fails Commented Nov 25, 2011 at 0:00
  • also, works regardless of server_name_in_redirect Commented Nov 25, 2011 at 0:00
  • I know, they are similar, but the server_name_in_redirect acts on redirects inside nginx, and proxy_redirect acts in redirect responses from upstream proxies. Commented Nov 25, 2011 at 0:08
  • RE: Voting, what I can tell you is that no one person has voted, in any way, more than 4 times on your posts. Beyond that, I can't tell. Commented Dec 29, 2011 at 3:20
  • @sysadmin1138 it disappeared a few minutes after I sent that message, I thought that was strange because all had the same time, thanks anyway. Commented Dec 29, 2011 at 3:39

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.