Reverse proxy problem with an application

B.R. reallfqq-nginx at
Wed Mar 8 13:02:53 UTC 2017

This clearly looks like an application problem and not a nginx-related one.
nginx does not remove cookies nor, as the configuration snippet you shared
suggest, handles authentication.

If you use DNS, make sure all requests are served by the instance of nginx
you quote, including redirects which might happen on login (have a look at
access logs).
You can also investigate the content of cookies received either from
downstream or upstream if you think it is related to your problem.

If you got a question on the nginx configuration this ML is here to help.
Otherwise, you'll need to rereoute your question where appropriate.
*B. R.*

On Mon, Mar 6, 2017 at 10:35 PM, Mik J via nginx <nginx at> wrote:

> Hello,
> I have run an application behind a nginx reverse proxy and I can't make it
> to work
> a) if I access this application using
> <> it works (certificate warning)
> b) if I access this application using, I get
> access to the login page
>     location ^~ / {
>         proxy_pass;
>         proxy_redirect    off;
>         proxy_set_header  Host             $http_host;
>         proxy_set_header  X-Real-IP        $remote_addr;
>         proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
>         proxy_hide_header X-Frame-Options;
>         proxy_hide_header X-Content-Security-Policy;
>         proxy_hide_header X-Content-Type-Options;
>         proxy_hide_header X-WebKit-CSP;
>         proxy_hide_header content-security-policy;
>         proxy_hide_header x-xss-protection;
>         proxy_set_header  X-NginX-Proxy true;
>         proxy_ssl_session_reuse off;
>     }
> c) I log in in the page and after some time (2/3 seconds) the application
> logs me out
> When I log in directly case a) I notice that I have (firebug)
> CookieSaveStateCookie=root; APPSESSIONID=070ABC6AE433D2CAEDCFFB1E43074416;
> testcookieenabled
> Whereas when I log in in case c) I have
> APPSESSIONID=070ABC6AE433D2CAEDCFFB1E43074416; testcookieenabled
> So I feel there's a problem with the session or something like that.
> PS: There is only one backend server and I can't run plain http (disable
> https)
> Does anyone has an idea ?
> _______________________________________________
> nginx mailing list
> nginx at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list