Comments (9)
OK, I see what is wrong. I think nginx proxy must be configured also send X-Forwarded-scheme: https
in addition to X-Forwarded-proto: https
, just drop X-Forwarded-scheme: https
should fix this. do not need to have both.
from openlitespeed.
OK, I see what is wrong. I think nginx proxy must be configured also send
X-Forwarded-scheme: https
in addition toX-Forwarded-proto: https
, just dropX-Forwarded-scheme: https
should fix this. do not need to have both.
A HUGE thank you because after 4 days of fruitless searching it works FINALLY !!!!
No more headaches, too good :D
from openlitespeed.
I find a clue.
I've another project with same nginx proxy manager and nginx in backend and php8.1 from apt.
When i display "var_dump($_SERVER)", i've in return:
HTTP_X_FORWARDED_PROTO
But, in the same project, when i replace backend nginx by OLS 1.7.17 and lsphp8.1, i've:
HTTP_X_FORPROTO__PROTO
And if i use OLS 1.7.18, error 400 as described already.
So, i think that there is a problem in OLS or LSPHP, won't you?
from openlitespeed.
@popallo OK, so I am using this same setup and after having released my new arm64 Docker image with 1.7.18 this is not the problem. However I am not configuring NPM to send either X-Forwarded-scheme: https
or X-Forwarded-proto: https
in the proxy host configurations. Where did you manage to "fix" this?
@litespeedtech The fact that it was working before on 1.7.16 & 1.7.17 without problems and now is broken on 1.7.18 to me means that something has changed in OLS that is a breaking change.
from openlitespeed.
@popallo OK, I found it(/etc/nginx/conf.d/include/proxy.conf
), however, it's a problem because I run NPM as a Docker container.
add_header X-Served-By $host;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass $forward_scheme://$server:$port$request_uri;
@litespeedtech this is a problem with OLS as we shouldn't need to reconfigure Nginx to fix this when it wasn't an issue before. I can't modify the core NPM/nginx configuration in my case as I run the Nginx Proxy Manager from their Docker image which has always had this configuration setup out-of-the-box.
from openlitespeed.
this is a problem with OLS as we shouldn't need to reconfigure Nginx to fix this when it wasn't an issue before. I can't modify the core NPM/nginx configuration in my case as I run the Nginx Proxy Manager from their Docker image which has always had this configuration setup out-of-the-box.
Hi @timnolte. They made a change in OPLS since v1.7.18 which is:
"[Security] Apply more strict request header validation."
And i think the problem starts from here.
I also use the Nginx Proxy Manager docker and to work around the situation I therefore modified the file you mentioned above (/etc/nginx/conf.d/include/proxy.conf
) by mapping it directly from the host.
This is probably not the ultimate solution and a short post on NginxPM's github is likely to help.
from openlitespeed.
@popallo ah, yeah, good call on mapping that file so that it can be overridden. I'll probably have to go that route temporarily as well.
from openlitespeed.
This should be fixed in the latest 1.7.18.1 update.
from openlitespeed.
@litespeedtech when will the binary Debian packages be updated with this version? I had to switch to the binary arm64 packages instead of building from source due to build errors that I couldn't resolve.
from openlitespeed.
Related Issues (20)
- No request delivery notification has been received from LSAPI application, possible dead lock. HOT 12
- Compiling on macos reports errors HOT 4
- percona the infamous one HOT 1
- Please get packages included in all mainstram OS distros.
- FreeBSD support? HOT 1
- cannot run an ESM app HOT 6
- Documentation: Lack of ESI Support Causes issues with WordPress Nonces HOT 2
- v.1.7.19 dowload bug and some errors HOT 6
- Don't support this system? CentOS Stream 8? HOT 3
- QUIC library is ignoring error log settings HOT 3
- Segmentation fault HOT 2
- OLS, Mediawiki, and LiteSpeedCache HOT 1
- FreeBSD: Compilation warnings again with 1.8.0 HOT 2
- Does an expired session ticket key file just get renewed if unchanged? HOT 2
- Requesting security contact HOT 15
- File ".rtreport" affects the useful life of an SSD - WRITE I/O HOT 1
- webp replacment problem HOT 2
- SSL issue with binding multiple alias domains in vhost.conf HOT 1
- wrong header set when loading pre compressed js or css files HOT 1
- How to upgrade to 1.8.0 using apt? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openlitespeed.