Nginx as Reverse Proxy for Apache - too many redirects

June 5, 2018 988 views
Nginx Apache Ubuntu 16.04
harmonherring
By:
harmonherring

I followed this guide to have Nginx function as a forward proxy for apache.. However, when I attempt to allow Nginx to serve static files and pass php stuff off to Apache, I get an error about being redirected too many times.

My nginx server block for apache proxy-ing looks like this

server {
    listen 80;
    listen 443 ssl;
    server_name harmonherring.win www.harmonherring.win;
    root /var/www/harmonherring.win;
    index index.php index.html index.html;

    #ssl on;
    ssl_certificate /etc/letsencrypt/live/www.harmonherring.win/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.harmonherring.win/privkey.pem;

    location / {
        try_files $uri $uri/ /index.php;
    }

    location ~ \.php$ {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://159.65.176.109:8080;
    }

    location ~ /\. {
        deny all;
    }
}

Any help would be much appreciated, thanks!

Log In to Comment
1 Answer
miroslavmimokuhajda June 6, 2018
Accepted Answer

Hi,

try to specify all possible extensions and everything else ( non static files ) proxy_pass to Apache2 to handle it. Something like this:

server {
    listen 80;
    listen 443 ssl;
    server_name harmonherring.win www.harmonherring.win;
    root /var/www/harmonherring.win;
    index index.php index.html index.html;

    #ssl on;
    ssl_certificate /etc/letsencrypt/live/www.harmonherring.win/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.harmonherring.win/privkey.pem;

    location ~ /\. {
        deny all;
    }

    location ~* \.(bmp|gif|ico|jpeg|jpg|pict|png|svg|swf|tif)$ {
        try_files $uri =404;
    }

    location ~* \.(class|css|csv|doc|docx|ejs|eot|eps|jar|js|mid|midi|otf|pdf|pls|ppt|pptx|ps|svgz|tiff|ttf|txt|webp|woff|woff2|xls|xlsx)$ {
        try_files $uri =404;
    }

    location / {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        ### use localhost:8080 and firewall for public network to port 8080 to disable access from internet;
        proxy_pass http://127.0.0.1:8080;
    }
}
Reply
Have another answer? Share your knowledge.

Related Questions