ssl – Nginx does redirect, not proxy

ssl – Nginx does redirect, not proxy

You have to use the proxy_redirect to handle the redirection.

 Sets the text that should be changed in the “Location” and “Refresh” header fields of a 
 proxied server response. Suppose a proxied server returned the header field 
 “Location:https://myserver/uri/”. The directive
 will rewrite this string to “Location: http://nginx_server:8080/uri/”. 

Example:

 proxy_redirect https://myserver/ http://nginx_server:8080/;

Source: http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_redirect

You can setup nginx like this if you do not want the server to do redirects:

server
{
    listen 80;
    server_name YOUR.OWN.DOMAIN.URL;
    location / {
        proxy_pass http://THE.SITE.URL.YOU.WANT.TO.DELEGAGE/;
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

ssl – Nginx does redirect, not proxy

For me, this config was sufficient:

events {
}

http {
    server {
        location / {
            resolver 8.8.8.8;
            proxy_pass https://www.example.com$request_uri;
        }
    }
}

(Note that the resolver directive has nothing to do with the problem in the OP, I just needed it to be able to proxy an external domain such as example.com)

The problem for me was just that I was missing the www. in www.example.com. In the Firefox developers console, I could see the GET request to localhost coming back with a 301, and so I thought that NGINX was issuing 301s instead of just mirroring example.com. Not so: in fact the problem was that example.com was returning 301s to redirect to www.example.com, NGINX was dutifully mirroring those 301s, and then Firefox changed the URL (followed the redirect) straight from localhost to www.example.com.

Leave a Reply

Your email address will not be published.