Welcome! Log In Create A New Profile

Advanced

NGINX: Reverse Proxy (SSL) with non-ssl backend

Nelson Manuel Marques
May 26, 2014 05:12AM
Hi,

I currently run a small system which consists on an Apache HTTP with PHP (8080) backend (no SSL on localhost) with a Varnish HTTP accelerator on Port 9000 (localhost) and a NGINX reverse proxy (SSL).

I am facing a small issue with this setup, mainly, when I select checkboxes and friends and hit submit (ex; application setup) nothing happens… Boxes get unticket and I remain in the same screen. If bind Apache or Varnish on all interfaces and hit their ports directly, everything works. I believe this might be an issue with my nginx setup.

My nginx configuration (vhost, nginx.conf is the default):



server {
listen 80;
server_name foobar.local;
return 301 https://foobar.local/$request_uri;
}

server {
listen 443 ssl;
server_name foobar.local;
# virtual host error and access logs in /var/log/nginx
access_log /var/log/nginx/foobar.local-access.log;
error_log /var/log/nginx/foobar.local.vm-error.log;
# gzip compression configuration
gzip on;
gzip_comp_level 7;
gzip_min_length 1000;
gzip_proxied any;
# SSL configuration; generated cert
keepalive_timeout 60;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DS
S;
ssl_certificate /etc/nginx/certs/self-ssl.crt;
ssl_certificate_key /etc/nginx/certs/self-ssl.key;
ssl_session_cache shared:SSL:5m;
ssl_session_timeout 5m;
ssl_prefer_server_ciphers on;

client_max_body_size 2M;

location / {
proxy_pass http://127.0.0.1:8080/;
add_header Front-End-Https on;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
#proxy_set_header Accept-Encoding "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
allow all;
proxy_ignore_client_abort on;
proxy_redirect off;
}
}

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

NGINX: Reverse Proxy (SSL) with non-ssl backend

Nelson Manuel Marques May 26, 2014 05:12AM

Re: NGINX: Reverse Proxy (SSL) with non-ssl backend

Francis Daly May 28, 2014 07:08PM

Re: NGINX: Reverse Proxy (SSL) with non-ssl backend

Steve Wilson May 28, 2014 07:16PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 100
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready