Comment

Comment on Force SSL in Nginx Proxy Manager

<- View Parent

beppi@sh.itjust.works ⁨1⁩ ⁨year⁩ ago

Thanks for the reply, yeah that’s what I thought it was meant to do, sorry for the confusion

Do you have any idea why setting it on would lead to “this page isn’t redirecting properly” in firefox?

source

Sort:hotnew top

redcalcium@lemmy.institute ⁨1⁩ ⁨year⁩ ago
Usually it’s due to the webapp not knowing that the request is actually already served under https by the reverse proxy, it think the request is still served over http so it issues a redirect to https, which leads to a redirect loop.

source
- beppi@sh.itjust.works ⁨1⁩ ⁨year⁩ ago
  Alright that makes sense, do you know how to solve that if that webapp is nextcloud aio?
  
  source
  - redcalcium@lemmy.institute ⁨1⁩ ⁨year⁩ ago
    I just remember nextcloud has trusted_proxies option located in config/config.php file. Not configuring it (or configured it wrong) can cause nextcloud to not trust the HTTP_X_FORWARDED_PROTO header it received (it assumed to be spoofed).
    
    docs.nextcloud.com/…/reverse_proxy_configuration.…
    
    source
  - redcalcium@lemmy.institute ⁨1⁩ ⁨year⁩ ago
    I’m not sure what happened in your setup, but here is how https handling should works:
    
    users request example.com to your reverse proxy
    
    reverse proxy pass the requests to upstream server, but using http instead. It also add HTTP_X_FORWARDED_PROTO header to let the upstream server know that even though the request is over http, the end user actually served over https so it should assume the connection as https
    
    the upstream server return a response, it take into accounts that the request is already done via https (e.g. generating links with https:// prefix, etc).
    
    I think this chain is broken somewhere in your setup and cause nextcloud to not receive the HTTP_X_FORWARDED_PROTO header from nginx proxy.
    
    source