forward 443 requests to correct (?) port

Brian Carey biscotty666 at gmail.com
Mon Sep 19 18:25:04 UTC 2022


Hi,

Maybe I'm misunderstanding how this should work. Can I use non-ssl 
connections for upstream servers when the originating request is https?

I'm forwarding nginx requests to an apache server listening on 8080. 
Everything works fine if I explicitly use http but not https. My nginx 
site itself has no problem with https and all http traffic is forwarded 
to https. However when I try to go to wordpress (on apache) I get an 
error in my browser that I am forwarding plain http to https, and indeed 
the port I see in the browser is 443 not 8080. Again if I explicitly 
request http I'm good but it fails with https. Why is nginx forwarding 
this traffic to 443 instead of 8080? Or probably better how do I change 
this behavior?

So I'm trying to find out how nginx makes that decision. This is the 
stanza nginx conf file.

server {
         listen 80 default_server;
         listen [::]:80;
         server_name biscotty.me;
         return 301 https://$hostname$request_uri;
}

server{

  listen 443 ssl http2;
         listen [::]:443 ssl;
         server_name biscotty.me;

         ssl_certificate         /etc/nginx/ssl/certificates.crt;
         ssl_certificate_key     /etc/nginx/ssl/private.key;

         root /var/www/html;

         index index.html index.htm index.nginx-debian.html;

         server_name _;

         location / {
                 # First attempt to serve request as file, then
                 # as directory, then fall back to displaying a 404.
                 try_files $uri $uri/ =404;
         }

location /wordpress {
                 proxy_pass http://0.0.0.0:8080;
                 proxy_buffering on;
                 proxy_buffers 12 12k;
                 proxy_redirect off;

                 proxy_set_header X-Real-IP $remote_addr;
                 proxy_set_header X-Forwarded-For $remote_addr;
                 proxy_set_header Host $host:8080;
         }

}



More information about the nginx mailing list