Question
How can I prevent my server from redirecting to HTTPS when using my domain name?
- Posted August 27, 2019
- Node.jsDNSInitial Server SetupNetworkingSecurityUbuntu 18.04
I’m having an issue with my server application where all of my HTTP requests are being redirected to HTTPS, even though I have not set anything up to do so, but only when accessing the server via my domain name, not directly via the server IP address.
To eliminate my application as the source of the issue, I’ve rebuilt my droplet with a fresh Ubuntu 18.04.3 image, installed nothing but NodeJS + NPM, and tried running the sample express (which my application is based on) “Hello World” application here:
https://expressjs.com/en/starter/hello-world.html
When I direct my browser to http://<server_IP>:3000, the application returns a “Hello World!” page as expected. However, when navigating to http://<mydomain>.com:3000, my browser gets redirected to https://<mydomain>.com:3000, resulting in an “Secure Connection Failed” error (as I have not set anything up to handle HTTPS).
My DNS appears to be set up properly, as I can ping the server just fine using the domain name, nslookup indicates it is pointing to the correct IP address, and I’m able to connect over SSH just fine using the domain name. My domain is registered with namecheap in case that matters. I also have not set up any sort of firewall.
Can anyone help me figure out what’s going on here?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi Bobby,
You were spot on that it was my browser. Fetching a page through curl works just fine, but for some reason Firefox continues switching to https even after clearing the cache…
I was trying to get everything working over regular HTTP before setting up SSL, but it looks like it will be easier to just set up SSL from the beginning.
Thanks so much for the help!
Hello,
It is most likely your browsers cache. To test that you could run the following command from your terminal:
This would give you the headers and you will be able to see if your domain name is actually being redirected to https. It would look something like this:
If you don’t see the 301, then it is definitely your browser.
On the other side, nowadays it is more or less a must to have a secure connection, so I would strongly recommend implementing something like Nginx to proxy your connections to your Node app and also do the SSL termination for you. You could take a look at this guide here on how to do that:
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-node-js-application-for-production-on-ubuntu-16-04
Hope that this helps! Regards, Bobby