1

We have a server setup for reverse proxy using nginx. This server will redirect visitors to the corresponding server in which path they are accessed. Now, I want to set up the nginx.conf to force redirect them to https. The problem is I am getting a "too many redirection" error. I tried using a rewrite and adding "proxy_set_header X-Forwarded-Proto https;" but none of it works. Is there a way we can achieve this? We have set up a ssl cert on cloudflare so we won't need to add it on the config.

Below is the config setting of the current nginx.

   server {
    listen       80 default_server;
    listen       [::]:80 default_server;
    server_name  localhost;
    root         /usr/share/nginx/html;

   if ($http_x_forwarded_proto = "http") {
      rewrite  ^/(.*)$  https://development-link/$1 permanent;
   }

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
            proxy_set_header X-Real-IP  $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header Host $host;
            proxy_pass http://development-elb1;
            proxy_set_header X-Forwarded-Proto https;
    }

    location /en {
            proxy_set_header X-Real-IP  $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header Host $host;
            proxy_pass http://development-elb2;
            proxy_set_header    X-Forwarded-Proto https;
    }
Improve this question

2 Answers 2

Reset to default
6

Use a separate block.

# Redirect HTTP to HTTPS
server {
    listen       80 default_server;
    listen       [::]:80 default_server;
    server_name  localhost;
    return 301   https://$host$request_uri;
}

# HTTPS
server {
    listen       443 default_server;
    listen       [::]:443 default_server;
    server_name  localhost;
    root         /usr/share/nginx/html;       

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://development-elb1;
        proxy_set_header X-Forwarded-Proto https;
    }

    location /en {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://development-elb2;
        proxy_set_header    X-Forwarded-Proto https;
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Hi, thanks for the response. I tried using a separate block but I am still getting the "too many redirect error".
Do you have any HTTP/HTTPS redirection from the development servers?
no, the redirection we have on the development is when the user is not logged in. I am thinking that it may be because of the proxy? Not really sure, but we have 2 servers when a user access a link without /en then it will be redirected to server 1 but if it has a /en then it will go to server 2 elb.
I hit a "too many redirects" error because I forgot to separate the server block by port (e.g. one for 80, one for 443), causing it to infinitely redirect.
0

So you are using cloudflare as your DNS.

There is a very easy hack to force the users to https even if you are using free version of cloudflare at the cloudflare end. And just host http version at your Nginx.

1- Open cloudflare and choose your domain.

2- Go to Page Rules tab.

3- Create page rule

4- for the url, put http://www.example.com/*

5- for setting, choose always use https

6- Click Save and deploy

Now you have configured at your cloudflare to force user to redirect to https url.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.