Spurious "/.com" inserted into URL

desiato · August 9, 2010, 8:04pm

(You can see this pretty-printed at
http://serverfault.com/questions/168098/nginx-just-started-inserting-spurious-coms-into-our-urls
)

I made some minor changes to our nginx config on Friday (deploying SSL
certs: adding a server listening on 443 with the appropriate settings
and adding a couple rewrite rules to forward certain requests to it) and
all of a sudden our URLs started getting extra "/.com"s inserted into
them. For example, clicking a link to http://domain.com/logout/ takes
the user to http://domain.com/logout/.com/. http://domain.com/register/
forwards to Website Domain Names, Online Stores & Hosting | Domain.com. This doesn’t happen with
a subdomain (e.g. http://production.domain.com/logout/ just works) and
it also doesn’t happen with https://domain.com/ (so right now, as a
workaround, the entire site is being served with https).

Our nginx serves static content and proxies dynamic requests to Apache,
which is pretty standard for Django. This had been working fine for
months; I have no idea why it stopped working. I can’t even be sure the
problem is at the nginx level, but that’s the only thing I changed, so
that’s where my attention has been.

Any help/suggestions would be greatly appreciated.

Here are the relevant config files (again, the link above has this
formatted nicely):

nginx.conf:

#######################################################################

This is the main Nginx configuration file.

More information about the configuration options is available on

* the English wiki - http://wiki.codemongers.com/Main

* the Russian documentation - nginx

#######################################################################

#----------------------------------------------------------------------

Main Module - directives that cover basic functionality

http://wiki.codemongers.com/NginxMainModule

#----------------------------------------------------------------------

user nginx;
worker_processes 4;

error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;

pid /var/run/nginx.pid;

#----------------------------------------------------------------------

Events Module

http://wiki.codemongers.com/NginxEventsModule

#----------------------------------------------------------------------

events {
worker_connections 1024;
}

#----------------------------------------------------------------------

HTTP Core Module

http://wiki.codemongers.com/NginxHttpCoreModule

#----------------------------------------------------------------------

http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format  main  '$remote_addr - $remote_user [$time_local]
$request ’
'“$status” $body_bytes_sent “$http_referer” ’
‘“$http_user_agent” “$http_x_forwarded_for”’;
access_log  /var/log/nginx/access.log  main;

sendfile        on;

keepalive_timeout  65;

# Load config files from the /etc/nginx/conf.d directory
include /etc/nginx/conf.d/*.conf;

# the upstream apache server
upstream django {
    server  localhost:9000;
}

upstream blog {
    server  localhost:9001;
}

server {
    listen      80;
    server_name www.domain.com beta.domain.com;
    rewrite ^/(.*) http://domain.com/$1 permanent;
}


server {
    listen      80;
    server_name domain.com production.domain.com;
    root    /var/www/domain.com/;
    access_log  /var/log/nginx/domain.com.access.log;

    location ~ ^/blog/ {
        proxy_set_header     Host             $host;
        proxy_pass           http://blog;
    }

    location / {

        proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
        if (-f $request_filename/index.html) {
            rewrite (.*)    $1/index.html break;
        }

        if ($request_filename ~ "/register/") {
            rewrite ^/(.*)  https://domain.com/$1 permanent;
        }

        if ($request_filename ~ "/accounts/subscription/") {
            rewrite ^/(.*)  https://domain.com/$1 permanent;
        }

        # temporary workaround for weird .com bug
        rewrite ^/(.*)  https://domain.com/$1 permanent;

        if (!-f $request_filename) {
            proxy_pass         http://django;
        }
    }
}

server {
    listen 443;
    server_name domain.com production.domain.com;
    root /var/www/domain.com/;
    access_log /var/log/nginx/domain.com.https.access.log;
    error_log /var/log/nginx/domain.com.https.error.log;

    ssl on;
    ssl_certificate /etc/nginx/conf.d/full.crt;
    ssl_certificate_key /etc/nginx/conf.d/pass_server.key;
    ssl_prefer_server_ciphers on;

    location / {

        if (-f $request_filename/index.html) {
            rewrite (.*) $1/index.html break;
        }
        if (!-f $request_filename) {
            proxy_pass http://django;
        }

conf.d/virtual.conf:

server {
listen 80;
server_name 11.22.33.44;
root /var/www/domain.com/;
access_log /var/log/nginx/domain.com.directip.access.log;
location / {
    if (-f $request_filename/index.html) {
        rewrite (.*)    $1/index.html break;
    }
    if (!-f $request_filename) {
        proxy_pass         http://django;
    }
}
}

Posted at Nginx Forum:

desiato · August 9, 2010, 8:13pm

Hi, I’d suggest changing

Â Â server {
Â Â Â Â listen Â Â Â 80;
Â Â Â Â server_name domain.com production.domain.com;
Â Â Â Â root Â Â /var/www/domain.com/;

to root /var/www/domain.com;

and re-check your regexes, but that’s just a newbie hint.

–
()Â ascii-rubanda kampajno - kontraÅ html-a retpoÅto
/\Â ascii ribbon campaign - against html e-mail

desiato · August 9, 2010, 10:16pm

On Mon, Aug 09, 2010 at 07:12:11PM +0100, Nuno Magalhães wrote:

Hi, I’d suggest changing

server {
listen 80;
server_name domain.com production.domain.com;
root /var/www/domain.com/;

to root /var/www/domain.com;

No, the trailing slash in root can not do this.

and re-check your regexes, but that’s just a newbie hint.

–
Igor S.
http://sysoev.ru/en/

desiato · August 9, 2010, 11:26pm

Thanks Igor, will do. However, logging that means disabling my
workaround on production, and I can’t really do that during the
day…but I’ll give it a shot tonight, when our users are mostly
asleep.

Igor S. Wrote:

–
Igor S.
Igor Sysoev

nginx mailing list
[email protected]
nginx Info Page

Posted at Nginx Forum:

desiato · August 9, 2010, 10:24pm

On Mon, Aug 09, 2010 at 02:03:27PM -0400, desiato wrote:

forwards to Website Domain Names, Online Stores & Hosting - Domain.com. This doesn’t happen with
Any help/suggestions would be greatly appreciated.
Try to log $sent_http_location and $upstream_http_location to
see who sent wrong redirects.

* the English wiki - http://wiki.codemongers.com/Main

default_type  application/octet-stream;
keepalive_timeout  65;
    server  localhost:9001;
    listen      80;

            rewrite ^/(.*)  https://domain.com/$1 permanent;
            proxy_pass         http://django;
        }
    }

This configuration should rewritten as

     location / {
         try_files  $uri/index.html  $uri  @django;
     }

     location @django {
         proxy_set_header X-Forwarded-For

$proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://django;
}

     location /register/ {
         rewrite ^/(.*)  https://domain.com/$1 permanent;
     }

     location /accounts/subscription/ {
         rewrite ^/(.*)  https://domain.com/$1 permanent;
     }

    ssl_certificate /etc/nginx/conf.d/full.crt;
        }

location / {
try_files $uri/index.html $uri @django;
}

     location @django {
         proxy_pass         http://django;
     }

location / {
    if (-f $request_filename/index.html) {
        rewrite (.*)    $1/index.html break;
    }
    if (!-f $request_filename) {
        proxy_pass         http://django;
    }
}

}
[/quote]

–
Igor S.
http://sysoev.ru/en/

desiato · August 10, 2010, 6:35am

Thanks, proxy_redirect off; seems to have done the trick. Really
weird behavior…

Posted at Nginx Forum:

desiato · August 9, 2010, 11:28pm

Hello!

On Mon, Aug 09, 2010 at 02:03:27PM -0400, desiato wrote:

forwards to Website Domain Names, Online Stores & Hosting - Domain.com. This doesn’t happen with
a subdomain (e.g. http://production.domain.com/logout/ just works) and
it also doesn’t happen with https://domain.com/ (so right now, as a
workaround, the entire site is being served with https).

I can’t say for sure as you stripped lots of details from your
report, but it sounds similar to the following issue (mostly in
Russian):

http://nginx.org/pipermail/nginx-ru/2010-February/032586.html

Try using “proxy_redirect off;” to see if it helps.

If it doesn’t - please provide debug log. See here for details:

http://nginx.org/en/docs/debugging_log.html

Maxim D.