# Nginx proxy just returns 302 found and creates a loop

## 102039

Hi,

I recently migrated one Apache server to Nginx. The Apache server had one main domain, where several subfolders are forwarded to other servers, where Java applications are listening for incoming calls. The proxy is also used to deliver SSL encrypted connections to the clients accessing. With Apache everything worked fine, with Nginx I receive a 302 FOUND response including a location header, which refers to the hosted domain, which of course ends in a loop, because the client browser tries to follow the location redirection and ends up at the same domain.

Here are both configs (Apache and Nginx):

```

<VirtualHost *:80>

ServerAdmin <admin_mail_here>

ServerName <local_server_domain>

RewriteEngine on

RewriteCond %{SERVER_PORT} !=443

RewriteCond %{REQUEST_URI} !^/rpc

RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [NC,R=301,L]

ProxyPass /rpc http://<local_server_ip>:7777/rpc

ProxyPassReverse /rpc http://<local_server_ip>:7777/rpc

</VirtualHost>

Listen <local_server_ip>:443

<VirtualHost <local_server_ip>:443>

ServerAdmin <admin_mail_here>

ServerName <local_server_domain>

SSLEngine On

SSLCertificateFile /etc/apache2/ssl/<certificate_name>.crt

SSLCertificateKeyFile /etc/apache2/ssl/<certificate_name.key

SSLCipherSuite ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

ProxyPass /server1 http://local_server_ip>:7777

ProxyPassReverse /server1 http://<server1_ip>:7777

ProxyPass /server2 http://<remote_server_ip>:7777

ProxyPassReverse /server2 http://<remote_server_ip>:7777

ProxyPass /server1 !

ProxyPass /server2 !

ProxyPass / http://<local_server_ip>:7777/

ProxyPassReverse / http://<local_server_ip>:7777/

</VirtualHost>

```

```

server {

listen <local_server_ip>;

server_name <local_server_domain>;

location / {

rewrite ^ https://$server_name$request_uri? permanent;

}

location /rpc {

proxy_pass http://<local_server_ip>:7777/rpc;

}

}

server {

listen <local_server_ip>:443;

server_name <local_server_domain>;

ssl on;

ssl_certificate /etc/nginx/ssl/<certificate_name>.chained.crt;

ssl_certificate_key /etc/nginx/ssl/<certificate_name>.key;

location / {

proxy_pass http://local_server_ip>:7777

}

location /server1 {

proxy_pass http://<local_server_ip>:7777;

}

location /server2 {

proxy_pass http://remote_server_ip>:7777;

}

}

```

Proxy parameters for Nginx:

```

# proxy settings

proxy_redirect off;

#client_max_body_size 10m;

client_body_buffer_size 128k;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-Host $host;

proxy_set_header X-Forwarded-Server $host;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_max_temp_file_size 0;

proxy_connect_timeout 90;

proxy_send_timeout 90;

proxy_read_timeout 90;

proxy_buffer_size 4k;

proxy_buffers 4 32k;

proxy_busy_buffers_size 64k;

proxy_temp_file_write_size 64k;

```

Any idea why this could be happening?

----------

## nativemad

Hi,

Nginx doesn't know about ProxyPassReverse...  :Wink: 

http://wiki.nginx.org/LikeApache

HTH, Cheers

----------

## 102039

Hi nativemad,

thanks for your answer. I checked that Wiki entry already and tried to insert something like

```
proxy_redirect http://<local_server_ip>:7777 /server1;
```

but it didnt work either. Any other idea?

----------

## nativemad

I've got the following working for a http/s redirection (not all options are really necessary, but sometimes also useful):

```
        server {

                listen          172.18.1.21:80;

                server_name     mail.nativenet.ch;

                rewrite ^(.*) https://mail.nativenet.ch$1 redirect;

                access_log      /var/log/nginx/mail.access_log main;

                error_log       /var/log/nginx/mail.error_log info;

}

        server {

                listen          172.18.1.21:443;

                server_name     mail.nativenet.ch;

                ssl on;

                ssl_certificate         /etc/ssl/nginx/mail.crt;

                ssl_certificate_key     /etc/ssl/nginx/mail.key;

                access_log      /var/log/nginx/mail.ssl_access_log main;

                error_log       /var/log/nginx/mail.ssl_error_log info;

location / {

                proxy_pass         http://10.0.0.31/;

                proxy_set_header   X-Real-IP        $remote_addr;

                proxy_set_header   Host             $host;

                proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;

                client_max_body_size       10m;

                client_body_buffer_size    128k;

                client_body_temp_path      /var/nginx/client_body_temp;

                proxy_connect_timeout      360;

                proxy_send_timeout         360;

                proxy_read_timeout         360;

                proxy_buffer_size           4k;

                proxy_buffers            4 32k;

                proxy_busy_buffers_size    64k;

                proxy_temp_file_write_size 64k;

                proxy_temp_path            /var/nginx/proxy_temp;

            }

        }
```

A simpler config for http looks like this (but be aware that i use /etc/hosts to tell nginx that www.DOMAINNAME.ch [from the proxy-_pass option] is an internal ip... [i have to use hostnames instead of directly the internal ip]}:

```
server {

        listen 172.18.1.22;

        server_name www.DOMAINNAME.ch DOMAINNAME.ch;

        access_log      /var/log/nginx/DOMAINNAME.ch.access_log main;

        error_log       /var/log/nginx/DOMAINNAME.ch.error_log info;

        location / {

            proxy_pass http://www.DOMAINNAME.ch;

        }

        location /awstats {

            proxy_pass http://10.0.0.60/DOMAINNAME.ch;

        }

        location /myadmin {

            proxy_pass http://www.myadmin1.DOMAINNAME.ch/myadmin;

        }

 location /edit/ {

    proxy_pass http://www.DOMAINNAME.ch/edit/;

    auth_basic "Hello, please login";

    auth_basic_user_file /etc/nginx/DOMAINNAMEpasswords;

 }

}

```

----------

