On 29 June 2012 08:10, henn1nk <
[email protected]> wrote:
> I am always redirect to
https://mydomain .... How can i STOP this?
Nothing in the nginx config you posted is doing this. It's almost
certainly your application that's choosing to issue the redirect.
If I had to guess, I'd suggest that your app is redirecting you, a
non-logged-in user, to a login page, which it insists on serving over
HTTPS so your login creds can't get sniffed.
You can verify that it's the app that's doing this by either
* watching your app's (*not* nginx's) per-request logs and seeing a
301/302 get issued or
* doing a "curl -v" against the URI you're hitting in your browser,
and looking out for response headers that let you know it's definitely
app responding, not nginx (for example "X-Powered-By:", etc) or
* doing a "curl -v" against the app *directly*, without involving
nginx, and seeing the 301/302 get issued.
Something like that, anyway; I hope you get the idea.
To stop this being a problem, you either need to
* set up an SSL nginx server which informs the app that it's a secure
connection or
* lie to the app, and tell it that the HTTP connection is actually secure
* tell the app not to insist on an SSL login.
I'd suggest you do the first of these. The "X-Forwarded-Proto" header
may be your friend. Have a google.
HTH,
Jonathan
--
Jonathan Matthews
Oxford, London, UK
http://www.jpluscplusm.com/contact.html
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx