0

I have nginx as proxy for apache2 + php5-fpm. I've decided to add letsencrypt cert to have a https. I've reconfigured my vhost in nginx and edited apache2 config. Everything seems to work fine, except for one thing - for some reason _SERVER["SERVER_PORT"] shows 80 and I can't figure out where it comes from.

My configs:

NGINX

server
{
    server_name domain.com www.domain.com;
    listen 80;
    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
    add_header Strict-Transport-Security "max-age=31536000" always;

    charset utf-8;
    disable_symlinks if_not_owner from=$root_path;
    set $root_path /var/www/flyer/data/www/domain.com;
    if ($scheme = http) {
    return 301 https://$server_name$request_uri;

    }
    location ~* ^.+\.(html|jpg|ico|jpeg|gif|txt|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$
    {
        root $root_path;
        error_page 404 = @fallback;
    }
    location /
    {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        root $root_path;
    }
    location @fallback
    {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

APACHE2

<Directory /var/www/flyer/data/www/domain.com>
    Options -ExecCGI -Includes
    Require all granted
    AllowOverride All
</Directory>
<VirtualHost 127.0.0.1:8080 >
    ServerName domain.com
    Options -Indexes
    SetEnvIf X-Forwarded-Proto https HTTPS=on
    CustomLog /var/www/flyer/data/logs/domain.com.access.log combined
        DocumentRoot /var/www/flyer/data/www/domain.com
        ErrorLog /var/www/flyer/data/logs/domain.com.error.log
        ServerAdmin owner@domain.com
        ServerAlias www.domain.com
    ProxyPassMatch ^/(.*\.php(/.*)?)$ unix://var/run/phpfpm_domain_com.sock|fcgi://localhost/var/www/flyer/data/www/domain.com/
</VirtualHost>

phpinfo

_SERVER["HTTP_X_FORWARDED_PROTO"]   https
_SERVER["HTTP_CONNECTION"]  close
_SERVER["HTTP_UPGRADE_INSECURE_REQUESTS"]   1
_SERVER["SERVER_NAME"]  domain.com
_SERVER["SERVER_ADDR"]  127.0.0.1
_SERVER["SERVER_PORT"]  80
_SERVER["REQUEST_SCHEME"]   http
_SERVER["GATEWAY_INTERFACE"]    CGI/1.1
_SERVER["SERVER_PROTOCOL"]  HTTP/1.1

Question is, where does this 80 port come from and why no joy for me?

Igor Yavych
  • 195
  • 2
  • 11
  • You're talking about phpinfo right? What problem is this causing? – Tim Mar 14 '16 at 21:24
  • @Tim yes. For one, phpmyadmin takes this port and redirects there upon authorization – Igor Yavych Mar 15 '16 at 01:58
  • But what problem are you having? Something being on port 80 is a fact, not a statement of problem. Is this piece of metadata just concerning you because of the feng shui, or is it causing an actual technical problem? – Tim Mar 15 '16 at 03:02
  • @Tim it is in fact causing problem. explicit redirect to domain.com:80/phpmyadmin results in `This site can’t provide a secure connection` `domain.com sent an invalid response.` – Igor Yavych Mar 15 '16 at 03:08
  • We finally get to the actual problem :) Now, what happens if you configure phpMyAdmin to work on port 80, does it work ok? Suggest you configure an nginx location pointing to a folder, see if SSL works when you request that URL. If you need help with that I'll have to post an answer, for formatting, but Google for "nginx config host static html" should find something. – Tim Mar 15 '16 at 05:58
  • @Tim if works fine if I just remove :80 from the url but doing it on every login is rather annoying – Igor Yavych Mar 15 '16 at 06:38

0 Answers0