Hi
I’m trying to redirect all income request from http to https: i’ve
tried the rewrite module , but i always got the redirect in a loop
issue. please help.
server {
listen 80;
server_name www.domain.com domain.com;
rewrite ^(.*) https://$server_name$1 permanent;
'''''''
}
server {
listen 443;
server_name www.domain.com domain.com;
…
}
Thank You.
On Sun, Mar 08, 2009 at 09:28:46PM +0100, Steve Z. wrote:
Hi
I’m trying to redirect all income request from http to https: i’ve
tried the rewrite module , but i always got the redirect in a loop
issue. please help.
You need to enable SSL on port 443.
listen 443; server_name www.domain.com domain.com;
..... }
Best regards,
Grzegorz N. (replying by diffs is fun! ;))
Hi, thanks for the reply, i enable SSL on port 443, i just didn’t paste
it. Here is a more complete version. if i use https://domain.com, it
works no problem, just when i tried to redirect from http to https, it
went into a redirect loop…
server {
listen 80;
server_name www.domain.com domain.com;
rewrite ^(.*) https://$server_name$1 permanent;
location / {
# needed for HTTPS
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
}
server {
listen 443;
server_name www.domain.com domain.com;
ssl on;
ssl_certificate /path/myssl.crt;
ssl_certificate_key /path/myssl.key;
ssl_session_timeout 5m;
location / {
proxy_pass http://mysvr;
}
}
Thank You
Grzegorz N. wrote:
On Sun, Mar 08, 2009 at 09:28:46PM +0100, Steve Z. wrote:
Hi
I’m trying to redirect all income request from http to https: i’ve
tried the rewrite module , but i always got the redirect in a loop
issue. please help.You need to enable SSL on port 443.
listen 443; server_name www.domain.com domain.com;
- ssl_certificate /path/to/server.crt;
- ssl_certificate_key /path/to/server.key;
- ssl on;
..... }Best regards,
Grzegorz N. (replying by diffs is fun! ;))
On Sun, Mar 8, 2009 at 3:04 PM, Steve Z. [email protected] wrote:
Hi, thanks for the reply, i enable SSL on port 443, i just didn’t paste
it. Â Here is a more complete version. Â if i use https://domain.com, it
works no problem, just when i tried to redirect from http to https, it
went into a redirect loop…
i don’t see why it would be (first off)
try using lynx -mime_header http://foo.com/ and see what it says. i do
http to https all the time without an issue. you need to inspect the
headers and what is happening on the client side. firebug for firefox
or fiddler even could help too.
why do you have this chunk? these headers are being sent to the
upstream and there is no upstream.
location / {
        # needed for HTTPS
        proxy_set_header  X-Real-IP  $remote_addr;
        proxy_set_header  X-Forwarded-For
$proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
    }
}
 location / {
   proxy_pass  http://mysvr;
this would be where you would put the proxy_set_headers
Hi mike, i have a upstream portion:
upstream mysvr {
server 127.0.0.1 weight=1;
}
Is there other things i’m missing besides rewrite module to do the
redirect from http to https? I’m still new to nginx. any help is
appreciated… Thank You
mike wrote:
On Sun, Mar 8, 2009 at 3:04 PM, Steve Z. [email protected] wrote:
Hi, thanks for the reply, i enable SSL on port 443, i just didn’t paste
it. Â Here is a more complete version. Â if i use https://domain.com, it
works no problem, just when i tried to redirect from http to https, it
went into a redirect loop…i don’t see why it would be (first off)
try using lynx -mime_header http://foo.com/ and see what it says. i do
http to https all the time without an issue. you need to inspect the
headers and what is happening on the client side. firebug for firefox
or fiddler even could help too.why do you have this chunk? these headers are being sent to the
upstream and there is no upstream.location / {
        # needed for HTTPS
        proxy_set_header  X-Real-IP  $remote_addr;
        proxy_set_header  X-Forwarded-For
$proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
    }
}Â location / {
   proxy_pass  http://mysvr;this would be where you would put the proxy_set_headers
your proxy_set_header stuff would go where you proxy things, not on
your redirection
your http to https should be a simple
server {
listen 80;
server_name www.domain.com domain.com;
rewrite ^(.*) https://$server_name$1 permanent;
}
this is literally one i have working flawlessly (just changed the
domain):
server {
listen 80;
server_name foo.com bar.com;
rewrite ^/(.*) https://foo.com/$1 permanent;
}
Thanks mike, it’s working now, but i encounter another problem, every
time i visited the website, it had so many log entries, like few hundred
of them. all from the same ip address. Any ideas?
thank you
mike wrote:
your proxy_set_header stuff would go where you proxy things, not on
your redirectionyour http to https should be a simple
server {
listen 80;
server_name www.domain.com domain.com;
rewrite ^(.*) https://$server_name$1 permanent;
}this is literally one i have working flawlessly (just changed the
domain):server { listen 80; server_name foo.com bar.com; rewrite ^/(.*) https://foo.com/$1 permanent; }
No, only myself are testing the site, when i visiting the site, somehow
it generates so many log entries at the same time…
127.0.0.1 - main [09/Mar/2009:23:36:52 +0000] “GET /favicon.ico
HTTP/1.1” 302 161 “-” “Mozilla/5.0 (X11; U; Linux
i686; en-US; rv:1.9b5) Gecko/2008041514 Firefox/3.0b5”
127.0.0.1 - main [09/Mar/2009:23:36:52 +0000] “GET /favicon.ico
HTTP/1.1” 302 161 “-” “Mozilla/5.0 (X11; U; Linux
i686; en-US; rv:1.9b5) Gecko/2008041514 Firefox/3.0b5”
127.0.0.1 - main [09/Mar/2009:23:36:52 +0000] “GET /favicon.ico
HTTP/1.1” 302 161 “-” “Mozilla/5.0 (X11; U; Linux
i686; en-US; rv:1.9b5) Gecko/2008041514 Firefox/3.0b5”
127.0.0.1 - main [09/Mar/2009:23:36:52 +0000] “GET /favicon.ico
HTTP/1.1” 302 161 “-” “Mozilla/5.0 (X11; U; Linux
i686; en-US; rv:1.9b5) Gecko/2008041514 Firefox/3.0b5”
mike wrote:
a) is debugging on ?
b) maybe you’re getting flooded, or you’re popular somehow?
c) is it a search engine crawler, or some application like it? i’ve
been flooded with a bunch of requests per minute for weeks before we
noticed someone was hitting our website for no good reason…
a) is debugging on ?
b) maybe you’re getting flooded, or you’re popular somehow?
c) is it a search engine crawler, or some application like it? i’ve
been flooded with a bunch of requests per minute for weeks before we
noticed someone was hitting our website for no good reason…
no clue, maybe there’s multiple access log directives and each one is
active
i’d have to defer to igor to answer/ask the better questions
one more question, now the website can be redirect to https if i enter
http://domain.com/newpage.html, but i don’t know somehow if i only enter
http://domain.com/, but doesn’t redirect and outputs and redirect loop
error.
mike wrote:
no clue, maybe there’s multiple access log directives and each one is
activei’d have to defer to igor to answer/ask the better questions
curl -I http://yoursite/favicon.ico
I wouldn’t be supprised if you’re generating a redirect from
/favicon.ico to
favicon.ico.
Cheers
Dave
mike writes:
I didn’t redirect from /favicon.ico, i think this happens when it goes
into a loop, let’s say if i enter the http://domain.com/status, the log
will show as
127.0.0.1 - main [09/Mar/2009:23:36:52 +0000] “GET /status
HTTP/1.1” 302 161 “-” “Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b5)
Gecko/2008041514 Firefox/3.0b5”
Only when i enter http://domain.com/ will show “/favicon.co” in the
log.
127.0.0.1 - main [09/Mar/2009:23:36:52 +0000] “GET /favicon.ico
HTTP/1.1” 302 161 “-” “Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b5)
Gecko/2008041514 Firefox/3.0b5”
Dave C. wrote:
curl -I http://yoursite/favicon.ico
I wouldn’t be supprised if you’re generating a redirect from
/favicon.ico to
favicon.ico.Cheers
Dave
mike writes:
On Tue, Mar 10, 2009 at 07:02:57PM +0100, Steve Z. wrote:
127.0.0.1 - main [09/Mar/2009:23:36:52 +0000] “GET /favicon.ico
HTTP/1.1” 302 161 “-” “Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b5)
Gecko/2008041514 Firefox/3.0b5”
Could you create a debug log:
./configure --with-debug …
nginx.conf:
error_log /path/to/log debug;
On Tue, Mar 10, 2009 at 08:51:23PM +0100, Steve Z. wrote:
2009/03/10 15:40:32 [notice] 15197#0: *4 rewritten redirect:
“www.domain.com”
127.0.0.1, server: www.domain.com, request: “GET / HTTP/1.0”, host:
“www.domain.com”…
2009/03/10 15:40:36 [notice] 15197#0: *42 rewritten redirect:
“https://www.domain.com/”, client: 127.0.0.1, server: www.domain.com,
request: “GET / HTTP/1.0”, host: “www.domain.com”
As client address is 127.0.0.1, it seems that your HTTPS proxy_pass
location / {
proxy_pass http://mysvr;
}
proxies just to your first server:
server {
listen 80;
server_name www.domain.com domain.com;
rewrite ^(.*) https://$server_name$1 permanent;
}
and here is a loop.
42 entries were logged…
1 "^/(.)" matches “/”, client: 10.10.10.10, server: www.domain.com,
request: “GET / HTTP/1.1”, host: “www.domain.com”
2009/03/10 15:40:31 [notice] 15197#0: *1 rewritten redirect:
“https://www.domain.com/”, client: 10.10.10.10, server: www.domain.com,
request: “GET / HTTP/1.1”, host: “www.domain.com”
2009/03/10 15:40:32 [notice] 15197#0: 4 "^/(.)" matches “/”, client:
127.0.0.1, server: www.domain.com, request: “GET / HTTP/1.0”, host:
“www.domain.com”
2009/03/10 15:40:32 [notice] 15197#0: *4 rewritten redirect:
“https://www.domain.com/”, client: 127.0.0.1, server: www.domain.com,
request: “GET / HTTP/1.0”, host: “www.domain.com”
2009/03/10 15:40:32 [notice] 15197#0: 6 "^/(.)" matches “/”, client:
127.0.0.1, server: www.domain.com, request: “GET / HTTP/1.0”, host:
“www.domain.com”
2009/03/10 15:40:32 [notice] 15197#0: *6 rewritten redirect:
“https://domain.com/”, client: 127.0.0.1, server: www.domain.com,
request: “GET / HTTP/1.0”, host: “www.domain.com”
2009/03/10 15:40:32 [notice] 15197#0: 8 "^/(.)" matches “/”, client:
127.0.0.1, server: www.domain.com, request: “GET / HTTP/1.0”, host:
“www.domain.com”
2009/03/10 15:40:32 [notice] 15197#0: *8 rewritten redirect:
“https://www.domain.com/”, client: 127.0.0.1, server: www.domain.com,
request: “GET / HTTP/1.0”, host: “www.domain.com”
2009/03/10 15:40:32 [notice] 15197#0: 10 "^/(.)" matches “/”, client:
127.0.0.1, server: www.domain.com, request: “GET / HTTP/1.0”, host:
“www.domain.com”
2009/03/10 15:40:32 [notice] 15197#0: *10 rewritten redirect:
“https://www.domain.com/”, client: 127.0.0.1, server: www.domain.com,
request: “GET / HTTP/1.0”, host: “www.domain.com”
2009/03/10 15:40:33 [notice] 15197#0: 12 "^/(.)" matches “/”, client:
127.0.0.1, server: www.domain.com, request: “GET / HTTP/1.0”, host:
“www.domain.com”
…
2009/03/10 15:40:36 [notice] 15197#0: *42 rewritten redirect:
“https://www.domain.com/”, client: 127.0.0.1, server: www.domain.com,
request: “GET / HTTP/1.0”, host: “www.domain.com”
Igor S. wrote:
On Tue, Mar 10, 2009 at 07:02:57PM +0100, Steve Z. wrote:
127.0.0.1 - main [09/Mar/2009:23:36:52 +0000] “GET /favicon.ico
HTTP/1.1” 302 161 “-” “Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b5)
Gecko/2008041514 Firefox/3.0b5”Could you create a debug log:
./configure --with-debug …
nginx.conf:
error_log /path/to/log debug;
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs