Proper Nginx Config

[ghost]

Hey guys, I have tried everything that I can read online about SSL::Enforcer, Nginx and Unicorn, but no matter what I try, I always get an infinite loop. If I use Nginx to enforce SSL, it works just fine, but I would really prefer a software based solution. Is there a recommended example Nginx ssl confg? I appreciate any and all help!

[ariejan]

This is not a bug in rack-ssl-enforcer, but rather your Nginx setup. Nginx proxies the incoming request to Rails, but Rails is not notified about the protocol that's being use.

If you check https://github.com/tobmatth/rack-ssl-enforcer/blob/master/lib/rack/ssl-enforcer.rb#L59 you'll notice that a HTTP header is inspected to see if SSL was used or not.

In your Nginx config add the following to your location-block:

proxy_set_header   X-Forwarded-Proto https;

Restart Nginx and you're good to go.

[ghost]

ariejan, thanks for your reply. I made the nginx server configuration you suggested, but I am still getting the infinite loops. Here is the location stanza: https://gist.github.com/dad787fae02fed95fe1c any suggestions?

[rymai]

@ariejan, @creativeallies Is there any news/solutions for this? I'd like to close the issue since it's not related to the gem anymore. :)

Thanks!

[flaviogranero]

Hey guys, it's working for us with this nginx config:

proxy_set_header  X-Forwarded-Proto $scheme;

[rymai]

Awesome, thanks for the tip! I close the issue now. :)

[jeffutter]

I know this is an old issue but I ran into it again when deploying to a new environment. Apparently I also need to have:

proxy_redirect off;

in my nginx config or the non-https urls will get a redirect loop.