Reverse proxy redirection issue

Daniel Armando Rodriguez drodriguez at unau.edu.ar
Mon Sep 20 01:08:08 UTC 2021 

El 2021-09-19 04:00, Francis Daly escribió:
> On Sat, Sep 18, 2021 at 09:16:28AM -0300, Daniel Armando Rodriguez 
> wrote:
>> El 2021-09-18 05:03, Francis Daly escribió:
>> > On Fri, Sep 17, 2021 at 10:24:44PM -0300, Daniel Armando Rodriguez
>> > wrote:
> 
> Hi there,
> 
>> > if you do
>> >
>> >     curl -i http://2.DOMAIN.edu.ar
>> >
>> > you get a http 301 redirect from nginx to https://1.DOMAIN.edu.ar (which
>> > is not what you want).
>> >
>> > Is that correct?
>> 
>> Yep, that was exactly the issu. And saying 'was' 'cause this morning
>> everything is working like a charm. Without made any further 
>> modification I
>> mean. Really don't know what have happened here, but glad to see it 
>> working
>> as expected.
> 
> Great that you have a config and setup that now does what you want :-)
> 
> Now that is isn't broken, with no known changes, it's hard to guess
> what might have been the problem. Maybe something restarted overnight,
> or caches cleared, or something odd like that.
> 
> Cheers,
> 
> 	f

Today I added a new domain, and the issue showed up again.

curl -i http://4.DOMAIN.edu.ar

Returns a redirect to https://4.DOMAIN.edu.ar

But

curl -i https://4.DOMAIN.edu.ar

Returns a redirect to https://4.DOMAIN.edu.ar

I really would like to understand why this happens.

This is the output of nginx -T

# configuration file /etc/nginx/sites-enabled/4.DOMAIN.edu.ar.conf:
server {
     listen 80;
     server_name 4.DOMAIN.edu.ar;
     server_tokens off;
     # Don't show the nginx version number

     include /etc/nginx/snippets/location-letsencrypt.conf;

     return 301 https://$server_name$request_uri;
}

server {
     listen 443 ssl http2;

     server_name 4.DOMAIN.edu.ar;
     server_tokens off;
     # Don't show the nginx version number

     include /etc/nginx/snippets/location-letsencrypt.conf;
     include /etc/nginx/snippets/ssl-params.conf;

     ssl_certificate /etc/letsencrypt/live/4.DOMAIN.edu.ar/fullchain.pem;
     ssl_certificate_key 
/etc/letsencrypt/live/4.DOMAIN.edu.ar/privkey.pem;

     location / {
        proxy_http_version  1.1;
        #For Websockets and keepalive connections
        proxy_set_header Upgrade           $http_upgrade;
        proxy_set_header Connection        "upgrade";
        #required when using Websockets
        proxy_set_header Host              $host;
        #Contains:
        #   hostname from the request line,
        #   or hostname from the Host request header field,
        #   or the server name matching a request.
        proxy_set_header X-Real-IP         $remote_addr;
        #Forwards the real visitor remote IP address
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        #List containing the IP addresses of every server the client has 
been proxied through.
        proxy_set_header X-Forwarded-Proto $scheme;
        #When used inside an HTTPS server block,
        #each HTTP response from the proxied server is rewritten to HTTPS
        proxy_set_header X-Forwarded-Host  $host;
        #Original host requested by the client
        proxy_set_header X-Forwarded-Port  $server_port;
        #Original port requested by the client
        proxy_pass http://INTERNAL-IP/;
     }

     access_log /var/log/nginx/4.DOMAIN.edu.ar/access.log;
     error_log /var/log/nginx/4.DOMAIN.edu.ar/error.log;

}

More information about the nginx mailing list