Port redirect in URL

Igor Sysoev igor at sysoev.ru
Thu Apr 21 14:51:24 UTC 2016 

On 21 Apr 2016, at 17:41, Jim Ohlstein <jim at ohlste.in> wrote:

> Hello,
> 
> On 4/21/16 10:17 AM, Igor Sysoev wrote:
>> On 21 Apr 2016, at 17:14, Igor Sysoev <igor at sysoev.ru> wrote:
>> 
>>> On 21 Apr 2016, at 17:09, Jim Ohlstein <jim at ohlste.in> wrote:
>>> 
>>>> Hello,
>>>> 
>>>> I'm going a bit crazy here and hoping for some help. I've set up a new Mailman installation on FreeBSD. The system is set as follows:
>>>> 
>>>> Web <-> nginx SSL termination and reverse proxy <-> nginx + fcgiwrap + Mailman
>>>> 
>>>> When I try to access https://lists.mydomain.com or https://lists.mydomain.com/ it redirects me to https://lists.mydomain.com:8000/mailman/listinfo which of course fails.
>>>> 
>>>> If I access https://lists.mydomain.com/mailman/listinfo directly or any URL except the main one, it works as expected.
>>>> 
>>>> I have tried multiple options including:
>>>> 
>>>> port_in_redirect off;
>>>> proxy_bind $host:443;
>>>> proxy_redirect off;
>>>> 
>>>> Nothing seems to be working.
>>>> Proxy settings for nginx front end: server
>>>> 
>>>>   location / {
>>>>       proxy_pass http://10.0.250.37:8000;
>>>>       proxy_set_header    X-Real-IP   $remote_addr;
>>>>       proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
>>>> 	proxy_set_header    X-Forwarded-Proto   $scheme;
>>>>       proxy_http_version 1.1;
>>>>       proxy_set_header Connection "";
>>>>       proxy_redirect   off;
>>>>       proxy_set_header   Host  $host;
>>>> 
>>>> 	[snip]
>>>>   }
>>>> 
>>>> Backend server uses fastcgi for Python via fcgiwrap. Any help would be appreciated.
>>> 
>>> proxy_redirect  on;
>> 
>> Sorry, no.
>> 
>> proxy_redirect  https://lists.mydomain.com:8000/  /;
>> 
>> 
> 
> Same result. I believe I had tried it already. To make certain I wasn't seeing a cached response I checked with curl:
> 
> curl -I https://lists.mydomain.com
> HTTP/1.1 301 Moved Permanently
> Server: nginx/1.9.14
> Date: Thu, 21 Apr 2016 14:34:27 GMT
> Content-Type: text/html
> Content-Length: 185
> Connection: keep-alive
> Location: http://lists.mydomain.com:8000/mailman/listinfo
> Strict-Transport-Security: max-age=31536000
> 
> So it's actually redirecting to http. I have
> 
> fastcgi_param HTTPS on;
> fastcgi_param HTTP_SCHEME https;
> 
> set on the backend server so this is puzzling.

Then you need:

-proxy_redirect  https://lists.mydomain.com:8000/  /;
+proxy_redirect  http://lists.mydomain.com:8000/  /;

The first parameter should be equal to the beginning
of string in Location header.  Also you can specify several
proxy_redirect directives.


-- 
Igor Sysoev
http://nginx.com

More information about the nginx mailing list