<div dir="ltr"><div>On this setup, there is a server directive listening to port 80 that returns www to non www and returns 80 to 443. </div><div><br></div><div>The second server is Nginx as SSL terminator, so it's an SSL virtual host, that proxies the request to Varnish, and the last server is the last host on the chain, that processes and serves back the requests. </div><div><br></div><div>Now, when I bypass the chain and do a `curl -v 127.0.0.1:8081` ( this is the backend vhost, the last in the chain ) I get a 302 redirect instead a 200. This is causing problems on my CMS and also with Varnish communicating to the backend.</div><div><br></div><div>    This is the curl response : </div><div>    </div><div>    * Rebuilt URL to: <a href="http://127.0.0.1:8081/">127.0.0.1:8081/</a></div><div>    * Hostname was NOT found in DNS cache</div><div>    *   Trying 127.0.0.1...</div><div>    * Connected to 127.0.0.1 (127.0.0.1) port 8081 (#0)</div><div>    > GET / HTTP/1.1</div><div>    > User-Agent: curl/7.38.0</div><div>    > Host: <a href="http://127.0.0.1:8081">127.0.0.1:8081</a></div><div>    > Accept: */*</div><div>    ></div><div>    < HTTP/1.1 302 Found</div><div>    * Server nginx/1.9.9 is not blacklisted</div><div>    < Server: nginx/1.9.9</div><div>    < Date: Sat, 19 Dec 2015 16:04:14 GMT</div><div>    < Content-Type: text/html</div><div>    < Transfer-Encoding: chunked</div><div>    < Connection: keep-alive</div><div>    < X-Powered-By: HHVM/3.11.0</div><div>    < Vary: Accept-Encoding</div><div>    < Location: <a href="https://domain.com">https://domain.com</a></div><div>    <</div><div>    * Connection #0 to host 127.0.0.1 left intact</div><div><br></div><div>And this is my nginx configuration : </div><div><br></div><div>    server {</div><div>        listen 80;</div><div>        server_name <a href="http://www.domain.com">www.domain.com</a>;</div><div>        return 301 $scheme://<a href="http://domain.com">domain.com</a>$request_uri;</div><div>        if ($scheme = http) {</div><div>                    return 301 https://$server_name$request_uri;</div><div>            }</div><div>    </div><div>    }</div><div>    </div><div>    </div><div>    </div><div>    server {</div><div>    </div><div>    <span class="" style="white-space:pre">      </span>listen 443 default_server ssl http2;</div><div>    <span class="" style="white-space:pre"> </span></div><div>    <span class="" style="white-space:pre">     </span>server_name <a href="http://domain.com">domain.com</a>;</div><div>    <span class="" style="white-space:pre">        </span>access_log  off;</div><div>    <span class="" style="white-space:pre">    </span>ssl_certificate /etc/ssl/private/cert_chain.crt;</div><div>    <span class="" style="white-space:pre">     </span>ssl_certificate_key /etc/ssl/private/server.key;</div><div>            </div><div>    <span class="" style="white-space:pre">   </span>if ($allow = no) {</div><div>            return 403;</div><div>            }</div><div>            if ($bad_referer) {</div><div>            return 444;</div><div>            }</div><div>    </div><div>    <span class="" style="white-space:pre">     </span>location / {</div><div>    <span class="" style="white-space:pre"> </span>proxy_pass <a href="http://127.0.0.1:8080">http://127.0.0.1:8080</a>;</div><div>    <span class="" style="white-space:pre">  </span>proxy_set_header X-Real-IP  $remote_addr;</div><div>            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;</div><div>            proxy_set_header X-Forwarded-Proto https;</div><div>            proxy_set_header X-Forwarded-Port 443;</div><div>            proxy_set_header Host $host;</div><div>    <span class="" style="white-space:pre">        </span>proxy_redirect     off;</div><div>    <span class="" style="white-space:pre">    </span>proxy_set_header HTTPS "on"; </div><div>    <span class="" style="white-space:pre">     </span>}</div><div>    }</div><div>    </div><div>    server {</div><div>    </div><div>    <span class="" style="white-space:pre">     </span>listen <a href="http://127.0.0.1:8081">127.0.0.1:8081</a>;</div><div>    <span class="" style="white-space:pre">     </span>root /var/www/<a href="http://domain.com/wordpress">domain.com/wordpress</a>;</div><div>            index index.php index.html index.htm;</div><div>    <span class="" style="white-space:pre">    </span>server_name <a href="http://domain.com">domain.com</a>;</div><div>    <span class="" style="white-space:pre">        </span>error_log /var/log/nginx/upstream.log info;</div><div>    <span class="" style="white-space:pre">  </span></div><div>            if ($allow = no) {</div><div>            return 403;</div><div>            }</div><div>            if ($bad_referer) {</div><div>            return 444;</div><div>            }</div><div>    </div><div>    </div><div>    <span class="" style="white-space:pre">      </span></div><div>    <span class="" style="white-space:pre">     </span>location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|css|js)$ {</div><div>    <span class="" style="white-space:pre">         </span>add_header Cache-Control "public, max-age=600";</div><div>    <span class="" style="white-space:pre">            </span>add_header Access-Control-Allow-Headers "X-Requested-With";</div><div>            <span class="" style="white-space:pre">    </span>add_header Access-Control-Allow-Methods "GET, HEAD, OPTIONS";</div><div>            <span class="" style="white-space:pre">  </span>add_header Access-Control-Allow-Origin "*";</div><div>    </div><div>    <span class="" style="white-space:pre">          </span>access_log off;</div><div>    <span class="" style="white-space:pre">      </span>}</div><div>    </div><div>            client_body_buffer_size 124K;</div><div>    </div><div>            client_header_buffer_size 1k;</div><div>    </div><div>            client_max_body_size 100m;</div><div>    </div><div>            large_client_header_buffers 4 16k;</div><div>    </div><div>            error_page 404 /404.html;</div><div>    </div><div>    </div><div>    </div><div>            gzip on;</div><div>            gzip_disable "msie6";</div><div>            gzip_vary on;</div><div>            gzip_proxied any;</div><div>            gzip_comp_level 6;</div><div>            gzip_buffers 16 8k;</div><div>            gzip_http_version 1.1;</div><div>            gzip_types application/json application/x-javascript application/xml text/javascript text/plain text/css application/javascript text/xml application/xml+rss;</div><div>    <span class="" style="white-space:pre">   </span>try_files $uri $uri/ /index.php?$args;</div><div>    <span class="" style="white-space:pre">       </span># Rewrites for Yoast SEO XML Sitemap</div><div>    <span class="" style="white-space:pre"> </span>rewrite ^/sitemap_index.xml$ /index.php?sitemap=1 last;</div><div>    <span class="" style="white-space:pre">      </span>rewrite ^/([^/]+?)-sitemap([0-9]+)?.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;</div><div>    <span class="" style="white-space:pre">        </span>include hhvm.conf;</div><div>    #<span class="" style="white-space:pre">  </span>include domain.com-ps.conf;</div><div>    #<span class="" style="white-space:pre"> </span>include multisite.conf;<span class="" style="white-space:pre">   </span> </div><div>    <span class="" style="white-space:pre">   </span>rewrite /wp-admin$ $scheme://$server_name$uri/ permanent;</div><div>            error_page 500 502 503 504 /50x.html;</div><div>            location = /50x.html {</div><div>                  root /usr/share/nginx/html;</div><div>            }</div><div>    <span class="" style="white-space:pre">        </span>       </div><div>    <span class="" style="white-space:pre">  </span> if ($bad_client) { return 403; }<span class="" style="white-space:pre"> </span></div><div>    </div><div>    </div><div>    </div><div>            #location / {</div><div>            #try_files $uri $uri/ /index.php?$args;</div><div>    <span class="" style="white-space:pre">     </span>#}</div><div>    </div><div>    </div><div>    }</div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div><div><br></div><div><font color="#ffffff">ELSITAR</font></div><div></div><div><br></div><div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><img src="https://docs.google.com/uc?export=download&id=0B3XfePYC7r00QkVpTzFuYWx4NUU&revid=0B3XfePYC7r00amZwVHAxMGVxeUNhUFNzSGhlRUhadFBjbjlRPQ" width="200" height="87"><br></div></div></div></div></div>
<img width="0" height="0" class="mailtrack-img" src="https://mailtrack.io/trace/mail/9e3ce12d66a7a8f4394faa8420fd95d8330ccab8.png"></div>