Apache2 behind NGINX: MOD_REWRITE only works without HTTPS

Question

For days I can't get my head around the following problem:

We have an application (Faveo) which has two requirements for going through the setup wizard:

HTTPS & MOD_REWRITE.

Faveo is running on Apache2 with a ReverseProxy in front of it in our DMZ.

If I run our ReverseProxy with a simple

location / {
          proxy_pass http://XXX.XXX.XXX.XXX;
}

mod_rewrite (which is enabled Apache-Side, which serves Faveo) seems to work and the Faveo-Wizard turns green.

However - The Application is not served with HTTPS.

Therefore I can't click "Continue": Click me! (http; mod_rewrite)

If I now loop through the following arguments:

location / {
          proxy_pass http://xxx.xxx.xxx.xxx;

          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header host $http_host;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

Faveo is now called with HTTPS, but mod_rewrite does not work this time: Click me! (HTTPS; no mod_rewrite) This does not allow a click on "continue" either.

Do you have any ideas? How can I pass HTTPS down to Apache and still be able to use mod_rewrite on the Apache side of things?

NGINX-Config:

server {
        listen       80;
        server_name helpdesk.someurl.de;
        return 301 https://$server_name$request_uri;
}

server {
        listen       443 ssl http2;
        ssl_protocols TLSv1.2;
        server_name helpdesk.someurl.de;

        # Enable SSL
        ssl                     on;
        ssl_certificate      /etc/letsencrypt/live/someurl.de/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/someurl.de/privkey.pem;

        client_max_body_size    50M;
        ssl_session_timeout     5m;

        # Set global proxy settings
        proxy_read_timeout      360;

       location / {
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header Host $http_host;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_pass http://XXX.XXX.XXX.XXX/;
        }

        error_log /var/log/nginx/helpdesk-ssl-error.log;
        access_log /var/log/nginx/helpdesk-ssl-access.log;
}

Apache2:

<VirtualHost *:80>
    ServerName helpdesk.someurl.de

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/faveo/public

    <Directory /var/www/faveo/public>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

If I now delete

proxy_set_header Host $http_host;

From the NGINX-Config, HTTPS is disabled but mod_rewrite works.

If it's enabled I get HTTPS served, but no mod_rewrite.

You have to configure Nginx to accept TLS connections as well. — vidarlo, Apr 21 '22 at 10:39
@vidarlo You mean adding `ssl_protocols TLSv1.2 TLSv1.3;` to the NGINX-config? — HeadKnockr, Apr 21 '22 at 10:40
please share the full configuration of apache and nginx else this question is at the moment not on topic — djdomi, Apr 21 '22 at 17:19

Apache2 behind NGINX: MOD_REWRITE only works without HTTPS

0 Answers0