Debian 9 Nginx - Too many redirects and 522 error

Site: martoph.com

I have cloudflare redirecting the DNS stuff, I’ve tried setting the SSL certificates to “Full (strict)” but that only gives me a 522 error. I don’t really know what to supply beyond this point, but I can get you configs and such.

ssllabs reports its fine (without full strict on CF)

(To be clear: it gives me “too many redirects” without CF, and a 522 with)

Thanks!

Well, you’ve got a HTTP to HTTPS redirect set up. Which is GOOD! Because with TLS configured, you’d automatically want people to go to the secure site, obviously.

But you also have a HTTPS to HTTPS redirect! Which is BAD! Because when people already are on your secure site, there’s no need to redirect them again… You just want them to see your site!

So you’ve got to check your webservers configuration which is responsible for the HTTP to HTTPS redirect and see if it’s working properly. It should only redirect when people are surfing to the HTTP site.

@Osiris thanks for the support! I’m currently running NGinx, is there something in specific I should be looking for in the “default” file?

Can you please share the portion of you config file that redirects http to https? Below is an example of such a redirect. You config file might be the reason why you are getting too many redirects.

server {
    listen 80;
    server_name www.domain.com domain.com;

    # redirects both www and non-www to https
    return 301 https://domain.com$request_uri;
}

server {
    listen 443 ssl http2;
    server_name www.domain.com;

    # redirects www to non-www
    return 301 $scheme://domain.com$request_uri;
}
1 Like

I wasnt able to copy the code directly
image

I believe I know whats going on, but I don’t know the fix.

You have to find a server-block with port 443/ssl in it. There must be the wrong redirect.

I found this in a server block.
image

Have a look into /etc/letsencrypt/options-ssl-nginx.conf, maybe the redirect is there.

Nothing is there that includes server/redirect information.

Does the redirect block I showed earlier redirect me even if I’m on https?

Hmm, I don’t really know that cloudflare thing, but it seems it does a redirect by itself:

$ openssl s_client -connect martoph.com:443 -servername martoph.com

GET / HTTP/1.1
Host: martoph.com

HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Feb 2018 13:21:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=de1e71bb4060a7aaba3d859914687ca731519046487; expires=Tue, 19-Feb-19 13:21:27 GMT; path=/; domain=.martoph.com; HttpOnly
Location: https://martoph.com/
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 3ef98775ca4f2d71-TXL

Could you check your settings there?

Can you clarify? I’m confused about what needs checking.

You’ve got CloudFlare enabled. Perhaps they have additional redirect settings in their control panel.

I’ve gotten closer than what I was. Currently google shows the site as “unsafe” and when I proceed, it gets me to my router login (not where I want to go)

turns out I didn’t port forward 443.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.