Reverse proxy redirection issue

Daniel Armando Rodriguez drodriguez at unau.edu.ar
Mon Sep 20 14:01:59 UTC 2021


El 2021-09-19 22:08, Daniel Armando Rodriguez escribió:
> El 2021-09-19 04:00, Francis Daly escribió:
>> On Sat, Sep 18, 2021 at 09:16:28AM -0300, Daniel Armando Rodriguez 
>> wrote:
>>> El 2021-09-18 05:03, Francis Daly escribió:
>>> > On Fri, Sep 17, 2021 at 10:24:44PM -0300, Daniel Armando Rodriguez
>>> > wrote:
>> 
>> Hi there,
>> 
>>> > if you do
>>> >
>>> >     curl -i http://2.DOMAIN.edu.ar
>>> >
>>> > you get a http 301 redirect from nginx to https://1.DOMAIN.edu.ar (which
>>> > is not what you want).
>>> >
>>> > Is that correct?
>>> 
>>> Yep, that was exactly the issu. And saying 'was' 'cause this morning
>>> everything is working like a charm. Without made any further 
>>> modification I
>>> mean. Really don't know what have happened here, but glad to see it 
>>> working
>>> as expected.
>> 
>> Great that you have a config and setup that now does what you want :-)
>> 
>> Now that is isn't broken, with no known changes, it's hard to guess
>> what might have been the problem. Maybe something restarted overnight,
>> or caches cleared, or something odd like that.
>> 
>> Cheers,
>> 
>> 	f
> 
> Today I added a new domain, and the issue showed up again.
> 
> curl -i http://4.DOMAIN.edu.ar
> 
> Returns a redirect to https://4.DOMAIN.edu.ar
> 
> But
> 
> curl -i https://4.DOMAIN.edu.ar
> 
> Returns a redirect to https://4.DOMAIN.edu.ar
> 
> I really would like to understand why this happens.
> 
> This is the output of nginx -T
> 
> # configuration file /etc/nginx/sites-enabled/4.DOMAIN.edu.ar.conf:
> server {
>     listen 80;
>     server_name 4.DOMAIN.edu.ar;
>     server_tokens off;
>     # Don't show the nginx version number
> 
>     include /etc/nginx/snippets/location-letsencrypt.conf;
> 
>     return 301 https://$server_name$request_uri;
> }
> 
> server {
>     listen 443 ssl http2;
> 
>     server_name 4.DOMAIN.edu.ar;
>     server_tokens off;
>     # Don't show the nginx version number
> 
>     include /etc/nginx/snippets/location-letsencrypt.conf;
>     include /etc/nginx/snippets/ssl-params.conf;
> 
>     ssl_certificate 
> /etc/letsencrypt/live/4.DOMAIN.edu.ar/fullchain.pem;
>     ssl_certificate_key 
> /etc/letsencrypt/live/4.DOMAIN.edu.ar/privkey.pem;
> 
>     location / {
>        proxy_http_version  1.1;
>        #For Websockets and keepalive connections
>        proxy_set_header Upgrade           $http_upgrade;
>        proxy_set_header Connection        "upgrade";
>        #required when using Websockets
>        proxy_set_header Host              $host;
>        #Contains:
>        #   hostname from the request line,
>        #   or hostname from the Host request header field,
>        #   or the server name matching a request.
>        proxy_set_header X-Real-IP         $remote_addr;
>        #Forwards the real visitor remote IP address
>        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
>        #List containing the IP addresses of every server the client
> has been proxied through.
>        proxy_set_header X-Forwarded-Proto $scheme;
>        #When used inside an HTTPS server block,
>        #each HTTP response from the proxied server is rewritten to 
> HTTPS
>        proxy_set_header X-Forwarded-Host  $host;
>        #Original host requested by the client
>        proxy_set_header X-Forwarded-Port  $server_port;
>        #Original port requested by the client
>        proxy_pass http://INTERNAL-IP/;
>     }
> 
>     access_log /var/log/nginx/4.DOMAIN.edu.ar/access.log;
>     error_log /var/log/nginx/4.DOMAIN.edu.ar/error.log;
> 
> }

Gave a try adding

server {
     listen      80;
     return      444;
}

server {
     listen      443;
     return      444;
}

to prevent processing requests with undefined server names, but the 
message was 'Connection closed'


More information about the nginx mailing list