Port redirect in URL

Jim Ohlstein jim at ohlste.in
Thu Apr 21 14:41:24 UTC 2016 

Hello,

On 4/21/16 10:17 AM, Igor Sysoev wrote:
> On 21 Apr 2016, at 17:14, Igor Sysoev <igor at sysoev.ru> wrote:
>
>> On 21 Apr 2016, at 17:09, Jim Ohlstein <jim at ohlste.in> wrote:
>>
>>> Hello,
>>>
>>> I'm going a bit crazy here and hoping for some help. I've set up a new Mailman installation on FreeBSD. The system is set as follows:
>>>
>>> Web <-> nginx SSL termination and reverse proxy <-> nginx + fcgiwrap + Mailman
>>>
>>> When I try to access https://lists.mydomain.com or https://lists.mydomain.com/ it redirects me to https://lists.mydomain.com:8000/mailman/listinfo which of course fails.
>>>
>>> If I access https://lists.mydomain.com/mailman/listinfo directly or any URL except the main one, it works as expected.
>>>
>>> I have tried multiple options including:
>>>
>>> port_in_redirect off;
>>> proxy_bind $host:443;
>>> proxy_redirect off;
>>>
>>> Nothing seems to be working.
>>> Proxy settings for nginx front end: server
>>>
>>>    location / {
>>>        proxy_pass http://10.0.250.37:8000;
>>>        proxy_set_header    X-Real-IP   $remote_addr;
>>>        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
>>> 	proxy_set_header    X-Forwarded-Proto   $scheme;
>>>        proxy_http_version 1.1;
>>>        proxy_set_header Connection "";
>>>        proxy_redirect   off;
>>>        proxy_set_header   Host  $host;
>>>
>>> 	[snip]
>>>    }
>>>
>>> Backend server uses fastcgi for Python via fcgiwrap. Any help would be appreciated.
>>
>> proxy_redirect  on;
>
> Sorry, no.
>
> proxy_redirect  https://lists.mydomain.com:8000/  /;
>
>

Same result. I believe I had tried it already. To make certain I wasn't 
seeing a cached response I checked with curl:

curl -I https://lists.mydomain.com
HTTP/1.1 301 Moved Permanently
Server: nginx/1.9.14
Date: Thu, 21 Apr 2016 14:34:27 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://lists.mydomain.com:8000/mailman/listinfo
Strict-Transport-Security: max-age=31536000

So it's actually redirecting to http. I have

fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;

set on the backend server so this is puzzling.


-- 
Jim Ohlstein


"Never argue with a fool, onlookers may not be able to tell the 
difference." - Mark Twain

More information about the nginx mailing list