Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
When Redirecting to Folder Path, Force SSL Setting is Ignored
See original GitHub issueBackground
I have an existing web server which serves applications at folder paths - for example, http://192.168.1.105/something, http://192.168.1.105/differentthing . I would like to use Nginx Proxy Manager to point a subdomain directly to these paths, i.e. https://something.mywebsite.com --> http://192.168.1.105/something (without having to go to something.mywebsite.com/something). The ability to do this was discussed and implemented on issue #104 , with these steps provided by @jc21 :
- Create a proxy host
- On the details tab, enter any ip address and port, it’s required for the form but it won’t actually be used, so it can be anything
- On the Custom Locations tab, create a location with
/as the location path and for the Forward Hostname / IP enter192.168.0.10/phpmyadmin/making sure you have that trailing slash, it’s important.- Save, and test.
The Problem
When you actually do this, something.mywebsite.com will respond on http (port 80), even if you configure an SSL certificate and enable the “Force SSL” setting. It should instead respect the setting, and not respond on unencrypted http when the setting is enabled.
Reproduction
Simply set up a configuration like the one described above, and enable the Force SSL setting (screenshots also provided below). This bug was also reported in #104 by @gmag11 and @meichthys, so I’m confident that it isn’t just me.
Screenshots (actual domain and path redacted, and even though you can’t see it in the screenshot, I promise you I didn’t forget the trailing slash in the Forward Hostname / IP box)
Issue Analytics
- State:
- Created 2 years ago
- Reactions:1
- Comments:6
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I think I understand the point you’re making, @3Dscrewer , but this is a “human factors” issue if nothing else. Most users will expect that the “Force SSL” setting will force SSL unconditionally in all scenarios. If it doesn’t, that’s unexpected and frustrating. Unexpected and unintuitive behavior is as much a bug as anything else.
The setting should either be made to work in all scenarios, or the UI should change so that users won’t be surprised. For example, there could be a link to an explanation of the toggle’s actual capabilities, or, if the proxy host is configured as I described above, the toggle could be grayed out. There are any number of possible solutions, but the bottom line is that for this particular scenario, the toggle is not functioning as most users would expect and therefore something should change.
@dgsharpe In my opinion it is not an issue. It’s a wrong setup and misunderstanding. The SSL certificate is dropped at nginx and not your site. If you’re forwarding port 443 the SSL certificate must be at your site and not at nginx. Have a look at the pictures. As you can see, cloud and airsonic is the same IP, ldap is for a future project I have just disabled. They are all SSL even if airsonic is forwarded as http. If you don’t believe, ask by PM for the links and try by your self. Airsonic was before used as custom path /airsonic, but then I found, as mentioned above, the context_path. Since that time I don’t need the custom path. BTW also HSTS is working.