Hello,
On Fri, Aug 12, 2016 at 02:08:55PM -0400, Jeff Dyke wrote:
> i have configured haproxy 1.6 and nginx 1.10.1 and all is well, but i'd
> like to be able to access the servers directly on occasion and not through
> haproxy. Mainly this is done for troubleshooting or viewing a release
> before it goes out to the public (its off the LB at the time).
>
> Unfortunately accessing the server directly gives me a 400 and the logs
> show Broken Header error messages. Is there a way around this without
> removing proxy_protocol from the vhost configuration?
>
> Thanks
>
> minimal config:
> server {
> listen 443 ssl http2 default_server proxy_protocol;
> // other stuff
> set_real_ip_from XXX.XXX.XX.XX;
> set_real_ip_from NNN.NNN.NNN.NNN;
> real_ip_header proxy_protocol;
> // more stuff
> }
>
> Example error.log entry
> VX�www.example.com#" while reading PROXY protocol, client: YY.YY.YY.YY,
> server: 0.0.0.0:8000
> 2016/08/11 11:25:28 [error] 23818#23818: *1445 broken header: "illegible
> characters"
You can add another "listen" directive without the proxy_protocol option.
Nginx will always expect the PROXY protocol header if it's specified in the
"listen" directive.
--
Roman Arutyunyan
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
