Avoid landing page redirects


(Danil Antoshkin) #1

%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA

code.mauladen.ru {
    proxy / https://code.mauladen.ru:3000
    header / {
	    Strict-Transport-Security "max-age=15768000;"
	    X-XSS-Protection "1; mode=block"
	    X-Content-Type-Options "nosniff"
	    X-Frame-Options "DENY"
        Cache-Control "max-age=2592000;"
    }
}

http://www.code.mauladen.ru, https://www.code.mauladen.ru {
  redir / https://code.mauladen.ru
}

How can I solve this problem?


(Matthew Fay) #2

Hi @Mauladen,

The first redirect is HTTP->S, and you especially want visitors to use HTTPS if there’s a login form involved.

The second redirect must have been issued by the app running on port 3000. It looks like it’s directing unauthorized users to the login page.

A good strategy to avoid this would be to redesign your website to have a HTTP-accessible landing page that doesn’t require the client to be logged in. Other than doing that, it’s not a problem that needs solving.


(system) #3

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.