A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from http://stackoverflow.com/questions/23121800/nginx-redirect-loop-with-ssl below:

nginx redirect loop with ssl

This is a very similar problem to Nginx configuration leads to endless redirect loop but that discussion has not led me to an answer yet. I'm learning how to work with nginx and ssl and everything works perfectly on the regular http:// example.com side of things, but when routing to the https:// example.com/admin I instead see:

This webpage has a redirect loop

Here is my config file:

map $uri $example_org_preferred_proto {
        default "http";
        ~^/(images|css|javascript)/ "none";
        ~^/admin/ "https";
}

server {
    listen 80;
    root /usr/share/nginx/www/example.com/blog;

    server_name example.com;
        if ($example_org_preferred_proto = "https")
            return 301 https://example.com$request_uri;
        }

    location ~ / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:2368;
    }

}

server {
    listen 443;
    ssl on;
    root /usr/share/nginx/www/example.com/blog;

    server_name example.com;
    ssl_certificate /usr/share/nginx/<redacted>.crt;
    ssl_certificate_key /usr/share/nginx/<redacted>.key;
    if ($example_org_preferred_proto = "http") {
        return 301 http://example.com$request_uri;
    }

    location ~ / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:2368;
    }


}

Basically what I want to accomplish is having a site that normally runs unencrypted, but when I point to my admin page the browser redirects to https and encrypts my login.

Note: the mapping idea came from http://www.redant.com.au/ruby-on-rails-devops/manage-ssl-redirection-in-nginx-using-maps-and-save-the-universe/ and seems like a much better approach than using rewrite

asked Apr 16, 2014 at 23:09

stovesstoves

81811 gold badge1212 silver badges2525 bronze badges

When nginx encounters a https protocol it thinks it is still using http as the protocol and is not being forwarded with the rest of the headers, try adding:

proxy_set_header        X-Forwarded-Proto $scheme;

in your location blocks to fix it.

answered Apr 17, 2014 at 10:08

JohnJohn

90799 silver badges1919 bronze badges

1

I've toyed around with other answers but nothing worked for me. Then I realized since I use Cloudflare the problem may not be in the server but with Cloudflare. Lo and behold when I set my SSL to Full (Strict) everything works as it should!

answered May 31, 2019 at 0:27

Zaki AzizZaki Aziz

3,9121212 gold badges4646 silver badges6565 bronze badges

3

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4