Hi!
Can we please do something to cause lines such as this to work properly in production?
rewrite ^/themes/([^/]+)$ /themes/$1/ permanent;
The problem is that using a relative redirect like that causes nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/. to prefix it with $scheme://$http_host
, which is fine, but now with forced-httpsHTTPS HTTPS is an acronym for Hyper Text Transfer Protocol Secure. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'. It means all communications between your browser and the website are encrypted. This is especially helpful for protecting sensitive data like banking information., is causing extra redirects. On web nodes, It happens because $scheme
is 'http'
. It appears that the correct way of fixing this is to use proxy_redirect
on the SSLSSL Secure Socket Layer - Encryption from the server to the browser and back. Prevents prying eyes from seeing what you are sending between your browser and the server.-terminating load balancers.
I’m unable to test LB changes, but it looks like this line should do the job
proxy_redirect http://$http_host/ https://$http_host/;
I’ve tested it on my own nginx install, in the reverse (rewriting ssl Location headers to httpHTTP HTTP is an acronym for Hyper Text Transfer Protocol. HTTP is the underlying protocol used by the World Wide Web and this protocol defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands.), and it appears to work as expected, but I’ve never used it before.
Using the $http_host
variable seems safe, since any relative redirects have to be to the current domain anyway.
A curl request to duplicate:
curl -I 'https://wordpress.org/themes/twentyfourteen?'
Actual: Location: http://wordpress.org/themes/twentyfourteen/
Expected: Location: https://wordpress.org/themes/twentyfourteen/