Redirect http to https on non 80 and 443 port

(NC) #1

Hello,
My VPS has no 80 and 443 ports available for me.
I have to use two non-standard ports for http and https.
I’ve installed the latest caddy with the DNS challenge plugin.
I want all http traffic to redirect to https.
Here’s my caddyfile.

http://mydomain:8080 {
    tls off
    gzip
    redir https://mydomain:8081{uri}
}

https://mydomain:8081 {
    tls {
        dns cloudflare
    }
    gzip
    timeouts none
    proxy / https://google.com {
    }
}

import sites/*

I use caddy -conf /etc/caddy/Caddyfile -http-port 8080 to start caddy service
Now,
the http request returns 500 internal privoxy error
the https works fine with google displays.

So could anyone help me out with the http request?
I hope the http request will go automatically to https 8081, which should return google
thanks,
Jane

(Matthew Fay) #2

Hi @tarkky, welcome to the Caddy community.

What’s the output when you run curl -IL http://mydomain:8080 ?

(NC) #3

Hi @Whitestrake
here’s the output

curl -IL http://mydomain:8080

HTTP/1.1 301 Moved Permanently
Connection: close
Content-Type: text/html; charset=utf-8
Location: https://mydomain:8081/
Server: Caddy
Date: Mon, 13 May 2019 05:54:53 GMT

HTTP/2 200
age: 771733
cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2019 07:32:43 GMT
etag: "a689665c0fa374b5ee7a63cb030e0d0b-ssl"
link: </static/css/style.d6daa8a167d72ec0d64c155c70d5a6be.css>; rel=preload; as=style, </static/js/bundle.min.135568517fe511bf4317aac5e56fb8e3.js>; rel=preload; as=script
server: Caddy
server: Netlify
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dns-prefetch-control: on
x-nf-request-id: 2c86588f-de74-4714-9cdf-2b06d2fd60c7-216371876
content-length: 4989

(NC) #4

And when I try in the browser,
http://mydomain:8080
it seems to redirect to https://mydomain:8080
Why is the port not redirected to 8081?

(Matthew Fay) #5

Could be a bad browser cache. The cURL results look pretty good.

Try with another browser.

(NC) #6

Hi @Whitestrake
I tried with IE, the first time it works fine, but I opened another tab, tried again, this time,
the http://mydomain:8080 goes to https://mydomain:8080
same error.

(Matthew Fay) #7

What’s in import sites/*?

Edit: Actually, I don’t need to know that. I know why your browser goes to https://mydomain:8080.

  1. The first time you connect, everything works. You connect to HTTP on port 8080, Caddy tells you to go to HTTPS on port 8081, all working.
  2. Caddy tells your browser never to connect over HTTP, always use HTTPS. (this is Strict-Transport-Security at work)
  3. You browse to http://mydomain:8080 for the second time.
  4. Your browser remembers not to bother with HTTP. It changes the scheme automatically.
  5. However, you’ve manually specified the port. Normally, the port is unspecified, so changing scheme implies changing port. But not in this case. Your browser doesn’t change the port to 8081 because it doesn’t remember which port HTTPS is on for this specific site.

This is going to keep happening as long as you use HSTS on non-standard ports.
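
The sequence in the post above, modelled as a small browser-side HSTS cache. This is an added example, not part of the original thread or Caddy's code; it follows the port-mapping rule in RFC 6797 section 8.3, and the `HstsStore` class and `replayThread` function are hypothetical names.

```javascript
// Added example: minimal model of a browser's HSTS cache (RFC 6797).
// HstsStore and replayThread are hypothetical names; includeSubDomains is not modelled.
class HstsStore {
  constructor() {
    this.hosts = new Map(); // hostname -> expiry (ms); the port is not part of the key
  }

  // RFC 6797 section 8.1: accept the header only on HTTPS responses.
  noteResponse(url, headers, now = Date.now()) {
    const u = new URL(url);
    const value = headers['strict-transport-security'];
    if (u.protocol !== 'https:' || !value) return;
    const m = /(?:^|;)\s*max-age\s*=\s*"?(\d+)"?/i.exec(value);
    if (!m) return;
    const maxAge = Number(m[1]);
    if (maxAge === 0) this.hosts.delete(u.hostname); // max-age=0 clears the policy
    else this.hosts.set(u.hostname, now + maxAge * 1000);
  }

  // RFC 6797 section 8.3: upgrade http to https. Port 80 (or no port) becomes
  // the https default; any other explicit port is preserved unchanged.
  rewrite(url, now = Date.now()) {
    const u = new URL(url);
    const expiry = this.hosts.get(u.hostname);
    if (u.protocol !== 'http:' || expiry === undefined || expiry <= now) return u.href;
    // u.host already omits ":80" and keeps a non-default port such as ":8080".
    return new URL(`https://${u.host}${u.pathname}${u.search}${u.hash}`).href;
  }
}

// Constructed replay of the thread: the same typed URL, first and second visit.
function replayThread() {
  const browser = new HstsStore();
  const typed = 'http://mydomain:8080/';
  const first = browser.rewrite(typed); // nothing cached yet, request goes out as typed
  // The 301 from the Caddyfile leads to port 8081, whose response carries HSTS.
  browser.noteResponse('https://mydomain:8081/', {
    'strict-transport-security': 'max-age=63072000; includeSubDomains; preload',
  });
  const second = browser.rewrite(typed);              // scheme upgraded, port kept
  const noPort = browser.rewrite('http://mydomain/'); // default port follows the scheme
  return { first, second, noPort };
}

console.log(replayThread());
```

The second visit is sent as HTTPS to port 8080, where the Caddyfile in this thread serves plain HTTP with `tls off`, so the connection fails before any redirect can be delivered.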

(NC) #8

Thanks @Whitestrake for your kind help. It’s really very clear to me now.

(Matthew Fay) #9

No worries! Glad I could help.