nginx proxy_set_header x-forwarded-proto seemingly not working
As it turned out my preferred method of reloading the nginx config is broken:
/etc/init.d/nginx reload
It just didnt reload the config.
After restarting the proxy though, it worked as expected.
Also reloading via the binary directly also does work:
nginx -s reload
I am at a loss as to why that would be so i am going to ask another question about that.
Related videos on Youtube
logicBV
Updated on September 18, 2022Comments
-
logicBV over 1 year
Since i am a beginner in nginx proxying i have a question.
The gist of it:
Where does an nginx proxy set defaults for php's
$_SERVER["HTTP_X_FORWARDED_HOST"],
$_SERVER["HTTP_X_FORWARDED_SERVER"] and
$_SERVER["HTTP_X_FORWARDED_FOR"]?More Info:
This is a development environment.
I have a vhost entry on my nginx proxy:server { listen 192.168.1.17:443 ssl; server_name foo.bar.com; ssl_certificate /etc/nginx/ssl/boerse.de.crt; ssl_certificate_key /etc/nginx/ssl/boerse.de.key; location / { proxy_pass http://foo_cluster/; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
foo_cluster only upstreams one server:
upstream foo_cluster { ip_hash; server 192.168.5.33:80 fail_timeout=30s; server 192.168.5.34:80 fail_timeout=30s down; }
On my apache webserver at 192.168.5.33 i have another vhost:
<VirtualHost *:80> ServerName foo.bar.com ServerAdmin [email protected] DocumentRoot /var/www/foo-bar-com <Directory /var/www/foo-bar-com/> Options Indexes FollowSymLinks MultiViews AllowOverride ALL Order allow,deny allow from all </Directory> LogLevel warn ErrorLog /var/log/apache2/foo.bar.com_error.log CustomLog /var/log/apache2/foo.bar.com_access.log combined ServerSignature On SetEnv ApplicationConfigFiles "/var/ApplicationConfigFiles/" php_value include_path ".:/var/www/baz/global/php/base:/var/www/foo-bar-com/vendor/library/:/var/www/foo-bar-com/vendor/models/model/:" php_value auto_prepend_file /var/www/foo-bar-com/class/functions/prepend.php php_value auto_append_file /var/www/foo-bar-com/class/functions/append.php </VirtualHost>
In my hosts file on my local machine i have added the server:
... 192.168.1.17 foo.bar.com ...
In my prepend.php i just output superglobal $_SERVER and stop:
<?php var_dump($_SERVER); exit; ...
Alright. Now with all that set up i open the wesite on my browser at https://foo.bar.com
Here an excerpt of the output source code:
array(32) { ... ["HTTP_HOST"]=> string(11) "foo.bar.com" ["HTTP_X_FORWARDED_HOST"]=> string(11) "foo.bar.com" ["HTTP_X_FORWARDED_SERVER"]=> string(11) "foo.bar.com" ["HTTP_X_FORWARDED_FOR"]=> string(13) "192.168.2.131" ["HTTP_CONNECTION"]=> string(5) "close" ...
Since i am missing expected X-Forwarded-Proto i comment out all proxy_set_header in the nginx vhost file (and reload the service):
server { listen 192.168.1.17:443 ssl; server_name foo.bar.com; ssl_certificate /etc/nginx/ssl/boerse.de.crt; ssl_certificate_key /etc/nginx/ssl/boerse.de.key; location / { proxy_pass http://foo_cluster/; #proxy_set_header Host $host; #proxy_set_header X-Forwarded-Host $host; #proxy_set_header X-Forwarded-Server $host; #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_set_header X-Forwarded-Proto $scheme; } }
Yet, the result output remains the same.
I have searched google for why this might be the case all day.
nginx documentation for proxy_set_header states:This directive allows to redefine and to add some request header lines which will be transferred to the proxied server.
I wonder why it says exactly "redefine". I have found no answer as to what is predefined here to be redefined via proxy_set_header.
I have searched /etc/nginx/nginx.conf for proxy_set_header, in fact i greped the whole /etc/nginx directory with
grep -ri x-forwarded-host *
Only results found where in sites-available and sites-enabled.
I searched the same on the apache webserver with no useful results (i thought they may be set in php code but i was wrong).
I am doubtful as to whether my nginx vhost file is even the used one.
Thank you for your time.
Tldr:
Where does an nginx proxy set defaults for php's
$_SERVER["HTTP_X_FORWARDED_HOST"],
$_SERVER["HTTP_X_FORWARDED_SERVER"] and
$_SERVER["HTTP_X_FORWARDED_FOR"]?