Welcome! Log In Create A New Profile

Advanced

Scheme proxy/redirect issue

Posted by TheConsumer 
Scheme proxy/redirect issue
April 25, 2010 08:37AM
Hello, my apologies if this topic has already been covered. I have searched the forum (as well as Google) and was unable to find a relevant post/thread.

I have Nginx front-ending several Apache virtual hosts on port 80. I have a python web server behind the Nginx proxy listening on port 1213. I only want Nginx front-ending SSL for the Python app via desired.hostname.com. If I attempt to access any of the virtual hosts with HTTPS, I am able. It is as though the Nginx server is ignoring the server_name directive completely.

I have attempted to get around this issue by creating a second "server" instance (the one on top below), which _kinda_ works. the if/rewrite does redirect non-"desired.hostname.com" requests to Google, however, the HTTPS scheme is always preserved. I simply want to redirect users to another site (Google as an example), while also changing the scheme from HTTPS to HTTP.

nginx version: nginx/0.8.33
openSUSE 11.2 (i586)

Relevant config entries:

[code]
server {
listen 443 ssl;
ssl_certificate /etc/nginx/mycert.crt;
ssl_certificate_key /etc/nginx/mycert.pem;
if ($host != 'desired.hostname.com') {
rewrite ^/(.*)$ http://www.google.com/$1 redirect;
break;
}
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
root /home/username/www/;
index index.html;
}
}
server {
listen 443 ssl;
server_name desired.hostname.com;
ssl_certificate /etc/nginx/mycert.crt;
ssl_certificate_key /etc/nginx/mycert.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
access_log /var/log/nginx/access.ssl.log;
proxy_pass http://172.16.0.2:1213;
proxy_buffering on;
proxy_cache my-cache;
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 10s;
}
}
[/code]
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 83
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready