Answer the question
In order to leave comments, you need to log in
B
B
b4rret2020-12-15 14:19:12
b4rret, 2020-12-15 14:19:12
Why is there a redirect to the wrong protocol?
There is the following config. When accessing https://site.ru/path/ , the server sends a response with a header, i.e. to http and not to https
Location: http://site.ru/api/path
server {
server_name site.ru www.site.ru;
charset off;
index index.php index.html;
disable_symlinks if_not_owner from=$root_path;
include /etc/nginx/vhosts-includes/*.conf;
include /etc/nginx/vhosts-resources/site.ru/*.conf;
access_log /var/www/httpd-logs/site.ru.access.log;
error_log /var/www/httpd-logs/site.ru.error.log notice;
ssi on;
set $root_path /var/www/www-root/data/www/site.ru/public;
root $root_path;
location / {
location ~ [^/]\.ph(p\d*|tml)$ {
try_files /does_not_exists @fallback;
}
location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
try_files $uri $uri/ @fallback;
}
location / {
try_files /does_not_exists @fallback;
}
}
location @fallback {
proxy_pass http://127.0.0.1:8080;
proxy_redirect http://127.0.0.1:8080 /;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
access_log off;
}
return 301 https://$host:443$request_uri;
listen 194.67.110.127:80 default_server;
listen [2a00:f940:2:1:2:0:1:53a3]:80 default_server;
}
server {
server_name site.ru www.site.ru;
ssl_certificate "/var/www/httpd-cert/www-root/site.ru REG.RU.crtca";
ssl_certificate_key "/var/www/httpd-cert/www-root/site.ru REG.RU.key";
ssl_ciphers EECDH:+AES256:-3DES:RSA+AES:!NULL:!RC4;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000;";
ssl_dhparam /etc/ssl/certs/dhparam4096.pem;
charset off;
index index.php index.html;
disable_symlinks if_not_owner from=$root_path;
include /etc/nginx/vhosts-includes/*.conf;
include /etc/nginx/vhosts-resources/site.ru/*.conf;
access_log /var/www/httpd-logs/site.ru.access.log;
error_log /var/www/httpd-logs/site.ru.error.log notice;
ssi on;
set $root_path /var/www/www-root/data/www/site.ru/public;
root $root_path;
location / {
location ~ [^/]\.ph(p\d*|tml)$ {
try_files /does_not_exists @fallback;
}
location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
try_files $uri $uri/ @fallback;
}
location / {
try_files /does_not_exists @fallback;
}
}
location @fallback {
proxy_pass http://127.0.0.1:8080;
proxy_redirect http://127.0.0.1:8080 /;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
access_log off;
}
listen 194.67.110.127:443 ssl default_server;
listen [2a00:f940:2:1:2:0:1:53a3]:443 ssl default_server;
}
Similar questions
A
V
B
K
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question