Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HTTP from public interface reported by NGINX

    Firewalling
    1
    1
    143
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      prdufresne
      last edited by prdufresne

      My firewall is configured as follows:

      • The administration interface is configured for HTTPS only with HSTS enabled
      • I use HAProxy to redirect all HTTP requests from the public interface to HTTPS (http/https offloading) in the frontend
      • There are no backends configured in HAProxy
      • There is a NAT port forward from port 443 to an internal server
      • Port 80 is open on the firewall to allow the requests to be redirected

      The intent here was to have all HTTP requests redirected to HTTPS before they ever get to the server, but since nginx is reporting the requests, I'm confused.

      I am seeing, in the logs, HTTP requests from the Internet getting a response of 301 (redirect), so the requests are being redirected, but I wouldn't have expected nginx to see them at all. I expected HAProxy to handle those.

      Does HAProxy sit behind nginx in pfsense, or am I missing something?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post