amazon-web-servicesnginxaws-application-load-balancertrailing-slash

AWS ALB Redirects HTTPS to HTTP without trailing slash

I have an nginx server running on port 8080 that sits behind an AWS Application Load Balancer. I have the following location block in the nginx.conf,

location / {
            limit_except GET { deny all; }
            root /root/of/project/;
            index index.html;
            try_files $uri $uri/ /index.html;
}

When I run the server locally, I am able to hit /some/path/ and /some/path and get the same response, i.e. the trailing slash doesn't affect anything. I would expect the same behavior when I deploy the application.

I set up the AWS ALB with an HTTP listener on port 80 that redirects all traffic to the HTTPS listener on port 443. The HTTPS listener simply forwards to the target group where the nginx server lives. Those are the only two load balancer rules I have, nothing else.

After I deploy the app, when I hit a url with a trailing slash (say, https://example.com/about/), everything is fine. It loads as expected. No redirects or anything. I can see the request come through in the nginx logs.

However, if I hit a URL without a trailing slash, e.g.

https://example.com/about

The ALB redirects to

http://example.com:8080/about/

and then never loads. I never see any logs on the nginx server for that request, which means it never got passed from the ALB to the target group. The request times out after a few minutes.

It seems like the ALB might be trying to forward the request to the target group, since 8080 is the port the nginx server runs on, but I'm not sure why the request never arrives. It doesn't seem like the trailing slash should affect whether or not the request is forwarded, but I'm not sure.

I thought maybe I could set up a rule that redirects a route without a trailing slash to the same route with a trailing slash on the ALB level, but load balancer rules only have wildcards, no regular expressions. So, that's a deadend. I'm not sure that would even solve the problem, though, since the problem seems to be on the ALB level, not the application level.

Does anyone have any idea what's going on?

EDIT: Load balancer rules: http load balancer rule https load balancer rule

Solution

  • Had this problem yesterday, I only have an ALB listener on 443 and nginx is open on 80, I think I fixed it with "absolute_redirect off;" in nginx config. My full conf file:

    server {
listen       80;
absolute_redirect off;

location / {
    root   /usr/share/nginx/html;
    index  index.html index.htm;
    try_files $uri $uri/ $uri/index.html =404;
}

error_page   500 502 503 504  /50x.html;
location = /50x.html {
    root   /usr/share/nginx/html;
}
}