Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

nginx redirect loop with ssl

This is a very similar problem to Nginx configuration leads to endless redirect loop but that discussion has not led me to an answer yet. I'm learning how to work with nginx and ssl and everything works perfectly on the regular http:// example.com side of things, but when routing to the https:// example.com/admin I instead see:

This webpage has a redirect loop

Here is my config file:

map $uri $example_org_preferred_proto {
        default "http";
        ~^/(images|css|javascript)/ "none";
        ~^/admin/ "https";
}

server {
    listen 80;
    root /usr/share/nginx/www/example.com/blog;

    server_name example.com;
        if ($example_org_preferred_proto = "https")
            return 301 https://example.com$request_uri;
        }

    location ~ / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:2368;
    }

}

server {
    listen 443;
    ssl on;
    root /usr/share/nginx/www/example.com/blog;

    server_name example.com;
    ssl_certificate /usr/share/nginx/<redacted>.crt;
    ssl_certificate_key /usr/share/nginx/<redacted>.key;
    if ($example_org_preferred_proto = "http") {
        return 301 http://example.com$request_uri;
    }

    location ~ / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:2368;
    }


}

Basically what I want to accomplish is having a site that normally runs unencrypted, but when I point to my admin page the browser redirects to https and encrypts my login.

Note: the mapping idea came from http://www.redant.com.au/ruby-on-rails-devops/manage-ssl-redirection-in-nginx-using-maps-and-save-the-universe/ and seems like a much better approach than using rewrite

like image 684
stoves Avatar asked Apr 16 '14 23:04

stoves


People also ask

What ports does Nginx use for redirects?

Nginx Redirect from HTTP to HTTPS (SSL) HTTP and HTTPS use different ports – HTTP port 80 and HTTPS port 443. Using HTTPS is much more helpful since it protects you from MITM attacks that can hijack your session. Remember, that for this method to work, you need to have an SSL already set up.

What is redirect URL in Nginx?

Redirection in Nginx The ability to forward the URL of the website to another address or point based on your criteria is an essential feature of the Nginx web server. An Nginx redirect is simple and easy to set up. Often users choose to redirect a page that has good SEO ranking.

How do I change the default URL in Nginx?

Restart the Nginx web server to put the changes into effect using the command: sudo systemctl restart Nginx If you wish to redirect from non-www to www, simply replace the website URL’s mentioned in the above command. Replace www.devisers.in with devisers.in and vice versa.

Can Nginx be used as a reverse proxy?

It can work as a reverse proxy or POP3/IMAP proxy. It is the third most popular web server and well known for its enhanced performance, ease of use and configuration, stability and minimum resource utilization. That’s why in this tutorial, we’ll show you how to use Nginx to redirect traffic in different ways.


2 Answers

When nginx encounters a https protocol it thinks it is still using http as the protocol and is not being forwarded with the rest of the headers, try adding:

proxy_set_header        X-Forwarded-Proto $scheme;

in your location blocks to fix it.

like image 131
John Avatar answered Oct 11 '22 23:10

John


I've toyed around with other answers but nothing worked for me. Then I realized since I use Cloudflare the problem may not be in the server but with Cloudflare. Lo and behold when I set my SSL to Full (Strict) everything works as it should!

enter image description here

like image 31
Zaki Aziz Avatar answered Oct 11 '22 21:10

Zaki Aziz