Re: Port redirect in URL

Thu, 21 Apr 2016 07:41:49 -0700 

Hello,

On 4/21/16 10:17 AM, Igor Sysoev wrote:

On 21 Apr 2016, at 17:14, Igor Sysoev <i...@sysoev.ru> wrote:


On 21 Apr 2016, at 17:09, Jim Ohlstein <j...@ohlste.in> wrote:


Hello,

I'm going a bit crazy here and hoping for some help. I've set up a new Mailman 
installation on FreeBSD. The system is set as follows:

Web <-> nginx SSL termination and reverse proxy <-> nginx + fcgiwrap + Mailman

When I try to access https://lists.mydomain.com or https://lists.mydomain.com/ 
it redirects me to https://lists.mydomain.com:8000/mailman/listinfo which of 
course fails.

If I access https://lists.mydomain.com/mailman/listinfo directly or any URL 
except the main one, it works as expected.

I have tried multiple options including:

port_in_redirect off;
proxy_bind $host:443;
proxy_redirect off;

Nothing seems to be working.
Proxy settings for nginx front end: server

   location / {
       proxy_pass http://10.0.250.37:8000;
       proxy_set_header    X-Real-IP   $remote_addr;
       proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Proto   $scheme;
       proxy_http_version 1.1;
       proxy_set_header Connection "";
       proxy_redirect   off;
       proxy_set_header   Host  $host;

        [snip]
   }

Backend server uses fastcgi for Python via fcgiwrap. Any help would be 
appreciated.


proxy_redirect  on;


Sorry, no.

proxy_redirect  https://lists.mydomain.com:8000/  /;
Same result. I believe I had tried it already. To make certain I wasn't seeing a cached response I checked with curl: 

curl -I https://lists.mydomain.com
HTTP/1.1 301 Moved Permanently
Server: nginx/1.9.14
Date: Thu, 21 Apr 2016 14:34:27 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://lists.mydomain.com:8000/mailman/listinfo
Strict-Transport-Security: max-age=31536000

So it's actually redirecting to http. I have

fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;

set on the backend server so this is puzzling.


--
Jim Ohlstein
"Never argue with a fool, onlookers may not be able to tell the difference." - Mark Twain 

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply via email to