1

I'm using nginx to proxy traffic to Docker containers, but I'm having problems with a container running WordPress over Apache.

Blog works fine, I see posts, pictures... But I can't access the admin page because the redirection to wp-login.php is returning a 302 and never is done, so after some tries the browser throws an error about too many redirects.

Proxy config:

server {
    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem;

    # HSTS
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;


    location /newWeb {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Host $server_name;
        proxy_cookie_path / "/; secure; HttpOnly";
    }
    location /blog {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Host $server_name;
        proxy_cookie_path / "/; secure; HttpOnly";
    }
}

server {
    listen 80;
    location /.well-known {
        alias /usr/local/etc/letsencrypt-webroot/.well-known;
    }
    return 301 https://$host$request_uri;
}

Notice that I'm not looking for the try_files directive to prevent the loop, I'm trying to find the solution to successfully redirect to wp-login.php.

UPDATE:

This is from the Docker host. 8080 is the port I'm forwarding to Apache's 80.

wget http://127.0.0.1:8080/blog/wp-login.php
--2016-10-25 11:35:34--  http://127.0.0.1:8080/blog/wp-login.php
Connecting to 127.0.0.1:8080... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://127.0.0.1:8080/blog/wp-login.php [following]
--2016-10-25 11:35:35--  https://127.0.0.1:8080/blog/wp-login.php
Connecting to 127.0.0.1:8080... connected.
OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Unable to establish SSL connection.

I understand the error is because Apache is not listening on HTTPS, just HTTP. Which leads me to two questions:

  • How the hell can I have SSL offloading with Nginx and Apache? In theory, Apache doesn't need to expect HTTPS.

  • In the wgetexample, why is it being redirected to HTTPS? It's not going through nginx, but directly to the Apache container, and VirtualHost is just the simple:

    <VirtualHost *:80>
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

    There is no .htaccess either

Improve this question

1 Answer 1

Reset to default
2

I found the answer in this question https://wordpress.stackexchange.com/questions/170165/wordpress-wp-admin-https-redirect-loop

I was missing $_SERVER['HTTPS'] = 'on'. I don't know why it isn't commented in the wp-config.php...

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.