TO_MANY_REDIRECTS when enabling redirect to https?

V

Vasily Alibabaevich2020-08-14 07:41:17

Nginx

Vasily Alibabaevich, 2020-08-14 07:41:17

Good afternoon.

Ask for help from the community. I've already broken my head. Bitrix site works.

There is a site.

Apache backend, nginx frontend.
Set up SSL. Everything is working. BUT! When you enable a redirect in Apache, the site immediately falls into the TO_MANY_REDIRECTS error

According to the logs, everything is clear.

Here is part of the apache config:

<VirtualHost *:80>
        ServerName site.ru
        ServerAlias www.site.ru
       Redirect / https://site.ru/
        DocumentRoot "/wwwroot/data"
        <Directory "/wwwroot/data">
                Options Indexes FollowSymLinks
                AllowOverride All
                Satisfy any
        </Directory>

        Alias /phpmyadmin/ "/wwwroot/phpmyadmin/"
        <Directory "/wwwroot/phpmyadmin">
                AllowOverride All
                Options FollowSymlinks
                Require all denied
                Require ip 192.168.29.2
        </Directory>
</VirtualHost>

Here is nginx:

server {
                resolver 8.8.8.8;
                listen 80;
                listen 443 ssl;

                #access_log off;
                ssl_certificate /usr/local/etc/nginx/certs/certificate.crt;
                ssl_certificate_key /usr/local/etc/nginx/certs/private.key;
                ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
                ssl_ciphers HIGH:!aNULL:!MD5;
                ssl_session_timeout  5m;
                #return 301 https://site.ru$request_uri;

                location / {
                        proxy_set_header X-Real-IP $remote_addr;
                        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                        proxy_set_header X-Forwarded-Proto $scheme;
                        proxy_set_header Host "site.ru";
                        proxy_pass_request_headers on;
                        proxy_cache all;
                        proxy_cache_key "$request_method|$is_args|$host|$request_uri";
                        proxy_cache_revalidate on;
                        proxy_cache_use_stale error timeout updating;
                        proxy_cache_bypass $cookie_nocache $arg_nocache;
                        proxy_ignore_headers "Set-Cookie";
                        proxy_cache_background_update on;
                        proxy_cache_lock on;
                        proxy_cache_valid any 15m;
                        proxy_cache_valid 404 502 503 1m;

                        proxy_cookie_domain 62.0.0.0 $host;
                        sub_filter      "62.0.0.0" $host;

                        proxy_pass $scheme://62.0.0.0;
                }

Tell me where to dig?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

Dmitry, 2020-08-14
@dimitrius86

It's obvious.
If you have everything described in one block server , both http and https , then you need a condition:

if ($scheme = http) {
        return 301 https://site.ru$request_uri;
}

V

Viktor Taran, 2020-08-15
@shambler81

https://klondike-studio.ru/standards/standartnyy-h...
wrote here how to do it.
The reason is that all the mana and, as a result, the servers in the world are configured with an error and the host is not saved with nginx + apache,
but is replaced, and as a result of this moronic scheme, js suffers which needs to know what protocol it is currently on, well, redirects because the host is not matches what is needed, as a result, the redirect rule is triggered again.
In short, all you need is to choose a redirect that suits your configuration.
I gave examples in
the Bitrix CNC link to place at the very end