Question
Load Balancer sending incorrect X-Forwarded-Proto header to droplet
- Posted on November 17, 2022
- DigitalOcean DropletsDigitalOcean Managed Load BalancersLoad BalancingNginx
Asked by Charles Fahey
Hello all,
I am running up against the following scenario:
-
Using a load balancer with SSL termination, and Proxy Protocol enabled, directing traffic to a droplet running nginx;
-
nginx has been configured to accept the proxy protocol
server {
listen 80 proxy_protocol;
[...]
location ~ / {
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
- When looking at the raw headers as relayed by nginx to express, I always see the “X-Forwarded-Proto” reported as “http”, even though the “x-forwarded-port” is properly relayed as “443”.
This is breaking my attempts to set a secure session cookie from within my app.
Does anyone have any suggestions? Is this perhaps a bug in the Digital Ocean load balancer?
Thanks to all who have ideas!
- Charles
Submit an answer
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!