By tjpotts5
I’m having an issue with my server application where all of my HTTP requests are being redirected to HTTPS, even though I have not set anything up to do so, but only when accessing the server via my domain name, not directly via the server IP address.
To eliminate my application as the source of the issue, I’ve rebuilt my droplet with a fresh Ubuntu 18.04.3 image, installed nothing but NodeJS + NPM, and tried running the sample express (which my application is based on) “Hello World” application here:
https://expressjs.com/en/starter/hello-world.html
When I direct my browser to http://<server_IP>:3000, the application returns a “Hello World!” page as expected. However, when navigating to http://<mydomain>.com:3000, my browser gets redirected to https://<mydomain>.com:3000, resulting in an “Secure Connection Failed” error (as I have not set anything up to handle HTTPS).
My DNS appears to be set up properly, as I can ping the server just fine using the domain name, nslookup indicates it is pointing to the correct IP address, and I’m able to connect over SSH just fine using the domain name. My domain is registered with namecheap in case that matters. I also have not set up any sort of firewall.
Can anyone help me figure out what’s going on here?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hello,
It is most likely your browsers cache. To test that you could run the following command from your terminal:
curl -IL yourdomain.com
This would give you the headers and you will be able to see if your domain name is actually being redirected to https. It would look something like this:
curl -IL yourdomain.com
HTTP/1.1 301 Moved Permanently
Date: Thu, 29 Aug 2019 04:50:23 GMT
Server: Apache/2.4.38 (Ubuntu)
Location: https://yourdomain.com/
Content-Type: text/html; charset=iso-8859-1
HTTP/2 200
date: Thu, 29 Aug 2019 04:50:23 GMT
server: Apache/2.4.38 (Ubuntu)
cache-control: no-cache, private
If you don’t see the 301, then it is definitely your browser.
On the other side, nowadays it is more or less a must to have a secure connection, so I would strongly recommend implementing something like Nginx to proxy your connections to your Node app and also do the SSL termination for you. You could take a look at this guide here on how to do that:
Hope that this helps! Regards, Bobby
Hi Bobby,
You were spot on that it was my browser. Fetching a page through curl works just fine, but for some reason Firefox continues switching to https even after clearing the cache…
I was trying to get everything working over regular HTTP before setting up SSL, but it looks like it will be easier to just set up SSL from the beginning.
Thanks so much for the help!
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.