Add new comment
ERR_TOO_MANY_REDIRECTS with Synology Application Portal
I run a few websites from a VM on my Synology NAS. The VM has the typical LAMP setup for running Wordpress and Drupal sites. As it is not exposed directly to the internet, Apache serves up all sites on port 80 and I configured the Synology "Application Portal" to forward both port 80/443 requests to it. Application Portal (nginx behind the curtain) also provides handling of SSL Certs on port 443.
So I created 2 Synology Application Portal entries - one to for serving up incoming 80 to ApacheHost:80, and one for serving up incoming 443 to ApacheHost:80.
With this setup I encountered a problem when trying to do a typical redirect from port 80 to 443 using a .htaccess on the Apache server. If I do a simple redirect from port 80 to 443 everything works as designed... but my design was wrong! Since I set up the Reverse Proxy to do all comms to Apache on port 80, Apache always redirects to 443... which Proxy sends to 80 and in short order we have a redirect mess - an endless loop that gave me an ERR_TOO_MANY_REDIRECTS.
After a few false starts I now have a way to provide http -> https rewriting.
1) Create a separate site to serve up custom content for port 80 requests
ServerAdmin webmaster@ba6.us DocumentRoot /var/www/html/redir/ba6.us ServerName ba6.us ServerAlias ba6.us ErrorLog logs/ba6.us-redir-error_log CustomLog logs/ba6.us-redir-access_log common RewriteEngine On RewriteOptions inherit Options -Indexes AllowOverride All Order allow,deny Allow from all
Create a separate stub site on my ApacheHost:8888 that only serves up the following .htaccess file /var/www/html/redir/ba6.us/.htaccess :
RewriteEngine On RewriteRule ^(.*)$ https://ba6.us/$1 [R,L]
This will simply rewrite any http:// request to https:// requests.
Set up Application Portal (nginx) entries to Proxy appropriately
ba6.us HTTP Proxy
- Source Protocol : HTTP
- Source Hostname: ba6.us
- Source Port : 80
- Destination Protocol: HTTP
- Destination Hostname: ApacheHost
- Destination port: 8888
ba6.us HTTPS Proxy
- Source Protocol : HTTP
- Source Hostname: ba6.us
- Source Port : 443
- Destination Protocol: HTTP
- Destination Hostname: ApacheHost
- Destination port: 80
Note: Also make sure you have a cert set up for your domain in Control Panel -> Security -> Certificate tab.
How it works
- Visit unsecured site http://ba6.us
- nginx receives communication on port 80, proxies to ApacheHost:8888
- ApacheHost:8888 responds for VirtualHost ba6.us:8888. The only thing this virutal host has the ability to server up is the special .htaccess with redirect.
- Redirect to https URL is sent to browser
- Browser requests https://ba6.us
- nginx receives communication on port 443, proxies to ApacheHost:80
- ApacheHost:80 serves up the normal site
- All access is now secure!