Welcome! Log In Create A New Profile

Advanced

Nginx, HAPrpxy, redirecting will never complete

Posted by worker_processes 
Nginx, HAPrpxy, redirecting will never complete
February 09, 2017 01:18PM
Hi to community.
Want to ask some help, but we are faced with a simple problem, i hope.
HaProxy must Implement SSL termination and turn http to https, and stands between Nginx and the World.
The Nginx and HaProxy are connected through the socket - haproxy.sock

My software: nginx-devel 1.11.7
HA-Proxy 1.7.2

NGINX HTTP only

THE WORLD <-->-HTTPS--public_IP:443 --<-haproxy.sock->--HTTP--Frontend <-> Backend <-> Varnish, PHP-FPM


The problem:
HAProxy returns to the World:
---------------------------------------------
The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
This problem can sometimes be caused by disabling or refusing to accept cookies.
--------------------------------------------

But the backend is working and returns all pages correctly.
Besides, the robots.txt is accessible from the world.


nginx.conf
--------------------------

load_module /usr/local/libexec/nginx/ngx_mail_module.so;
load_module /usr/local/libexec/nginx/ngx_stream_module.so;

user www;
worker_processes auto;
worker_rlimit_nofile 40000;
pid /var/run/nginx.pid;

events {
worker_connections 1024;
multi_accept on;

}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;
server_tokens off;

map $http_x_forwarded_proto $fastcgi_https {
default off;
https on;
}

# BackEnd
server {
listen X.X.X.X:80;
listen 127.0.0.1:8080; #For Varnish

server_name mydomain.com;
root /site/root/dir;
index index.php index.html index.htm;
error_page 404 /404.html;
server_tokens off;
error_page 404 500 502 503 504 = /404.html;

rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
rewrite ^/([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$1$2$3.jpg last;
rewrite ^/([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
rewrite ^/([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
rewrite ^/c/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ /img/c/$1$2$3.jpg last;
rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$ /img/c/$1$2.jpg last;
rewrite ^/images_ie/?([^/]+)\.(jpe?g|png|gif)$ /js/jquery/plugins/fancybox/images/$1.$2 last;
try_files $uri $uri/ /index.php$is_args$args;
error_page 404 /index.php?controller=404;

location / {
fastcgi_index index.php;
try_files $uri $uri/ /index.php?$args;
}

location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
try_files $uri $uri/ /index.php?$args;
}

location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|js|woff|woff2)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
try_files $uri $uri/ /index.php?$args;
}

# HTTP Frontend

server {

listen unix:/path/to/haproxy.sock;
set_real_ip_from unix:;
real_ip_header X-Forwarded-For;
server_name mydomain.com;
proxy_headers_hash_max_size 512;
gzip on;
gzip_min_length 1024;
gzip_buffers 40 8k;
gzip_comp_level 6;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
gzip_disable "msie6";
gzip_proxied expired no-cache no-store private auth;
sendfile on;
tcp_nopush on;

location / {
proxy_pass http://127.0.0.1:80; #Varnish
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|js|woff|woff2|ttf)$ {
root /site/root/dir;
proxy_ignore_headers Cache-Control Expires;
add_header Cache-Control public;
expires max;
access_log off;
}

location = /robots.txt {
root /site/root/dir;
auth_basic off;
allow all;
log_not_found off;
access_log off;
}

}

---------------------------------------------------------

HAProxy request log: - Error.
----------------------------------
00000013:www-https.clireq[0008:ffffffff]: GET /index.php HTTP/1.1
00000013:www-https.clihdr[0008:ffffffff]: Host: mydomain.com
00000013:www-https.clihdr[0008:ffffffff]: User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0
00000013:www-https.clihdr[0008:ffffffff]: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
00000013:www-https.clihdr[0008:ffffffff]: Accept-Language: en-US,en;q=0.5
00000013:www-https.clihdr[0008:ffffffff]: Accept-Encoding: gzip, deflate
00000013:www-https.clihdr[0008:ffffffff]: Connection: keep-alive
00000013:www-https.clihdr[0008:ffffffff]: Cache-Control: max-age=0
00000013:www-backend.srvrep[0008:0009]: HTTP/1.1 301 Moved
00000013:www-backend.srvhdr[0008:0009]: Server: nginx
00000013:www-backend.srvhdr[0008:0009]: Date: Thu, 09 Feb 2017 16:46:10 GMT
00000013:www-backend.srvhdr[0008:0009]: Content-Type: text/html; charset=utf-8
00000013:www-backend.srvhdr[0008:0009]: Content-Length: 20
00000013:www-backend.srvhdr[0008:0009]: Connection: close
00000013:www-backend.srvhdr[0008:0009]: Cache-Control: no-cache
00000013:www-backend.srvhdr[0008:0009]: Location: http://mydomain.com/index.php
00000013:www-backend.srvhdr[0008:0009]: Content-Encoding: gzip
00000013:www-backend.srvhdr[0008:0009]: Vary: Accept-Encoding
00000013:www-backend.srvhdr[0008:0009]: Age: 0
00000015:www-https.clicls[0008:ffffffff]
00000015:www-https.closed[0008:ffffffff]

--------------------------------------------------


HAProxy robots.txt request log: success
---------------------------------------------------
00000000:www-https.accept(0006)=0008 from [207.244.70.35:36957]
00000000:www-https.clireq[0008:ffffffff]: GET /robots.txt HTTP/1.1
00000000:www-https.clihdr[0008:ffffffff]: Host: mydomain.com
00000000:www-https.clihdr[0008:ffffffff]: User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0
00000000:www-https.clihdr[0008:ffffffff]: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
00000000:www-https.clihdr[0008:ffffffff]: Accept-Language: en-US,en;q=0.5
00000000:www-https.clihdr[0008:ffffffff]: Accept-Encoding: gzip, deflate
00000000:www-https.clihdr[0008:ffffffff]: Connection: keep-alive
00000000:www-https.clihdr[0008:ffffffff]: Cache-Control: max-age=0
00000000:www-backend.srvrep[0008:0009]: HTTP/1.1 200 OK
00000000:www-backend.srvhdr[0008:0009]: Server: nginx
00000000:www-backend.srvhdr[0008:0009]: Date: Thu, 09 Feb 2017 16:43:12 GMT
00000000:www-backend.srvhdr[0008:0009]: Content-Type: text/plain
00000000:www-backend.srvhdr[0008:0009]: Last-Modified: Sun, 18 Dec 2016 04:42:43 GMT
00000000:www-backend.srvhdr[0008:0009]: Transfer-Encoding: chunked
00000000:www-backend.srvhdr[0008:0009]: Connection: close
00000000:www-backend.srvhdr[0008:0009]: ETag: W/"585613c3-679"
00000000:www-backend.srvhdr[0008:0009]: Content-Encoding: gzip
-----------------------------------------------------------------------------

Since the robots.txt returns to the world correctly, my problem in the nginx.conf, i think.
I just in a deadlock, my brain does not working at all today ..... please, help me.
Re: Nginx, HAPrpxy, redirecting will never complete
February 09, 2017 01:54PM
Nginx.log has only one string

----------------------------------------------------------------------------------------
2017/02/10 00:33:10 [info] 3106#100490: *3 kevent() reported that client 127.0.0.1 closed keepalive connection
-----------------------------------------------------------------------------------------

As we can see, an error request log has a string:
-------------------------------------------------------------
Location: http://mydomain.com/index.php
----------------------------------------------------------
But it must be HTTPS, it is obviously. But what i have to change in nginx.conf?
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 57
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready