DigitalOcean

Report this

What is the reason for this report?
Question

Nginx reverse proxy to another nginx loop

Posted on December 22, 2019
Nginx
akaiispam

By akaiispam

Hi there, I want to install Prestashop on a dedicated Nginx server called “presta” (192.168.1.19). Not used to nginx and I wonder why I get redirection cycle, would need your advice.

On my front end nginx let’s call it “rproxy” 192.168.1.5 I have this configuration :

server {
    if ($host = www.mydomain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
        listen   80;
        server_name     www.mydomain.com;
                return 301 https://www.mydomain.com$request_uri;
}
server {
    listen 443;
    server_name www.mydomain.com;
    error_log /var/log/nginx/mydomain.error.log;
    access_log /var/log/nginx/mydomain.access.log;

    ssl on;
    ssl_certificate /etc/letsencrypt/live/www.mydomain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/www.mydomain.com/privkey.pem; # managed by Certbot
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    set $upstream 192.168.1.19;
    location / {
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass_header Authorization;
        proxy_pass http://$upstream;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
        proxy_buffering off;
        client_max_body_size 0;
        proxy_read_timeout 36000s;
        proxy_redirect off;
    }
}

and on my dedicated nginx server I get this :

server {
        listen   80;
        server_name     www.mydomain.com;

        root /var/www/mydomain;
                index index.php index.html index.htm;

                if ($http_host != "www.mydomain.com") {
                rewrite ^ https://www.mydomain.com$request_uri permanent;
                }
                location = /favicon.ico {
                log_not_found off;
                access_log off;
                }
                location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
                }
                # deny access to .htaccess files, if Apache's document root
                # concurs with nginx's one
                location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
                }
                location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ /index.html;
                #try_files $uri $uri/ =404;
                # Uncomment to enable naxsi on this location
                # include /etc/nginx/naxsi.rules
                }

                rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
                rewrite ^/([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$1$2$3.jpg last;
                rewrite ^/([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
                rewrite ^/([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
                rewrite ^/([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
                rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
                rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
                rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
                rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
                rewrite ^/c/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ /img/c/$1$2$3.jpg last;
                rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$ /img/c/$1$2.jpg last;
                rewrite ^/images_ie/?([^/]+)\.(jpe?g|png|gif)$ /js/jquery/plugins/fancybox/images/$1.$2 last;

                try_files $uri $uri/ /index.php$is_args$args;
                error_page 404 /index.php?controller=404;

                location ~* \.(gif)$ {
                expires 2592000s;
                }
                location ~* \.(jpeg|jpg)$ {
                expires 2592000s;
                }
                location ~* \.(png)$ {
                expires 2592000s;
                }
                location ~* \.(css)$ {
                expires 604800s;
                }
                location ~* \.(js|jsonp)$ {
                expires 604800s;
                }
                location ~* \.(js)$ {
                expires 604800s;
                }
                location ~* \.(ico)$ {
                expires 31536000s;
                }

                # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
                #
                location ~ \.php$ {
                        include snippets/fastcgi-php.conf;
                #fastcgi_pass 127.0.0.1:9000;
                #fastcgi_index  index.php;
                        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
                        fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
                }
}

I always got the following error :

2019/12/22 15:44:56 [error] 3031#3031: *9 open() "/var/www/mydomain/img/app_icon.png" failed (2: No such file or directory), client: 192.168.1.5, server: www.mydomain.com, request: "GET /img/app_icon.png HTTP/1.1", host: "www.mydomain.com"
2019/12/22 15:45:03 [error] 3031#3031: *82 open() "/var/www/mydomain/img/app_icon.png" failed (2: No such file or directory), client: 192.168.1.5, server: www.mydomain.com, request: "GET /img/app_icon.png HTTP/1.1", host: "www.mydomain.com"

Would appreciate your help on this guys!



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Bobby
Bobby
December 22, 2019

Hi @akaiispam,

The configuration looks quite good! I could suggest a couple things:

  • Try disabling the HTTP to HTTPS redirect rule on your dedicated Nginx server, so change this:
...
                if ($http_host != "www.mydomain.com") {
                rewrite ^ https://www.mydomain.com$request_uri permanent;
                }
...

To this:

...
               # if ($http_host != "www.mydomain.com") {
               # rewrite ^ https://www.mydomain.com$request_uri permanent;
               # }
...

After that run a config test:

sudo nginx -t

And if you get a Syntax OK message restart Nginx:

sudo systemctl restart nginx
  • I could also suggest making sure that your document root /var/www/mydomain and the files and folders in it are owned by Nginx so that Nginx could read the files in there. To do that first find out which user is your Nginx service running with:
ps aux | grep nginx

You should see something like this:

ps aux | grep nginx
www-data 5131  0.0  1.1 1063424 11428 ?       Sl   00:00   0:02 nginx

So in my case, it is the www-data user. This means that I would need to run the following command:

sudo chown -R www-data:www-data /var/www/mydomain

Then test your site again.

  • If both of those suggestions do not work, what I could suggest next is trying to access your site directly on the dedicated Nginx server and see if you get that redirect loop there as well, that way you should be able to narrow it down and see if it is a problem with the reverse proxy or the Nginx server itself.

Hope that this helps! Regards, Bobby

0
akaiispam
akaiispam
December 22, 2019

Hi@bobbyiliev

I followed your advice and I still get the same error message

0
akaiispam
akaiispam
December 23, 2019

even passing directly to the destination server is not working

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and AI-native businesses

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2026 DigitalOcean, LLC.Sitemap.