29 Jun 2012 15:59
Re: upstream server are always redirected as https
On 29 June 2012 08:10, henn1nk <nginx-forum@...> wrote: > I am always redirect to https://mydomain .... How can i STOP this? Nothing in the nginx config you posted is doing this. It's almost certainly your application that's choosing to issue the redirect. If I had to guess, I'd suggest that your app is redirecting you, a non-logged-in user, to a login page, which it insists on serving over HTTPS so your login creds can't get sniffed. You can verify that it's the app that's doing this by either * watching your app's (*not* nginx's) per-request logs and seeing a 301/302 get issued or * doing a "curl -v" against the URI you're hitting in your browser, and looking out for response headers that let you know it's definitely app responding, not nginx (for example "X-Powered-By:", etc) or * doing a "curl -v" against the app *directly*, without involving nginx, and seeing the 301/302 get issued. Something like that, anyway; I hope you get the idea. To stop this being a problem, you either need to * set up an SSL nginx server which informs the app that it's a secure connection or * lie to the app, and tell it that the HTTP connection is actually secure * tell the app not to insist on an SSL login. I'd suggest you do the first of these. The "X-Forwarded-Proto" header may be your friend. Have a google. HTH, Jonathan -- -- Jonathan Matthews Oxford, London, UK http://www.jpluscplusm.com/contact.html
RSS Feed