Comment on Force SSL in Nginx Proxy Manager
loganb@lemmy.world 1 year ago
If my understanding of how “force SSL” works for most proxies, it just simply issues a HTTP 300 redirect message for all http traffic coming in on port 80. It then sends everything to port 443 https.
Do you get a 502 when you try to connect with the force SSL turned off? It might me less of an issue with SSL and more that your proxy is not pointing to the right host / port of your nextcloud server.
beppi@sh.itjust.works 1 year ago
When I connect with it off, I am able to connect. If I use cloud… It connects, when I use cloud… The address bar changes to https and connects like normal.
It just feels weird using it with force SSL off, as if even though I’m always connecting with https I’m still leaking passwords
Sndr@feddit.nl 1 year ago
“Force SSL” forces your browser to redirect example.com to example.com, it doesn’t “force” SSL into the connection. As long as you’re connecting through HTTPS, the traffic is encrypted.
If your browser redirects you from http to https after you turn off Force SSL, there could be two things going on, both related to caching:
You can check both of these by clearing your browser cache for example.com (or in general).
beppi@sh.itjust.works 1 year ago
Thanks for the reply, yeah that’s what I thought it was meant to do, sorry for the confusion
Do you have any idea why setting it on would lead to “this page isn’t redirecting properly” in firefox?
redcalcium@lemmy.institute 1 year ago
Usually it’s due to the webapp not knowing that the request is actually already served under https by the reverse proxy, it think the request is still served over http so it issues a redirect to https, which leads to a redirect loop.