Getting weird issue with Nginx reverse Proxy
Sergey A. Osokin
osa at freebsd.org.ru
Thu Mar 3 20:00:45 UTC 2022
Hi there,
hope you're doing well these days.
On Thu, Mar 03, 2022 at 01:26:51PM -0500, blason wrote:
> Hi Team,
>
> My portal name is lets say fs.example.com and it is configured on apache
> server which is then proxied to internet using Nginx reverse proxy. However
> I tried everything I was aware of and I am consistently getting below error
> whenever this URL is accessed. I am running out of ideas about
> troubleshooting the issue and I need a help on it. Here is Nginx config
> file
>
> ```
> server {
> listen 443 http2 ssl;
> server_name fs.example.com;
> ssl_protocols TLSv1.2;
> ssl_prefer_server_ciphers on;
> ssl_session_cache shared:SSL:10m;
> ssl_certificate /etc/nginx/ssls/isncert/isnwild.crt;
> ssl_certificate_key /etc/nginx/ssls/isncert/star.key;
> ssl_ciphers
> 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:E
> CDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256
> -SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RS
> A-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:
> DES-CBC3-SHA:!DSS';
> ssl_dhparam /etc/ssl/dhparams2048.pem;
> ssl_session_timeout 1d;
> ssl_session_tickets off;
> ssl_stapling on;
> ssl_stapling_verify on;
> resolver 8.8.8.8 8.8.4.4 valid=300s;
> include /config/nginx/authelia.conf;
> access_log /var/log/nginx/fs/access.log;
> error_log /var/log/nginx/fs/error.log;
> location / {
> client_max_body_size 10m;
> #proxy_headers_hash_max_size 512;
> proxy_headers_hash_bucket_size 128;
> proxy_busy_buffers_size 256k;
> proxy_temp_file_write_size 256k;
> proxy_buffers 4 256k;
> proxy_buffer_size 16k;
> proxy_pass http://fs.example.com;
> proxy_set_header Host $host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> add_header X-Content-Type-Options nosniff;
> add_header X-XSS-Protection "1; mode=block";
> add_header Referrer-Policy "no-referrer-when-downgrade";
> add_header Strict-Transport-Security "max-age=31536000;
> includeSubDomains" always;
> include /config/nginx/auth.conf;
> include /config/nginx/restconfig.conf;
> }
> }
> ```
>
> And here is the error
>
> Bad Request
> Your browser sent a request that this server could not understand.
I'd recommend to run
# nginx -T |& tee /tmp/output.log
remote/anonimyse all restricted information in the /tmp/output.log file
and share the configuration here.
Thank you.
--
Sergey A. Osokin
More information about the nginx
mailing list