Strange Redirect issue with Reverse Proxy

Goutham_J · May 3, 2023, 10:15am

1. The problem I’m having:

So I’m using the Reverse proxy in caddy to direct a custom domain with SSL using Caddy. The original site looks something like this:

The original site is hosted at page.example.com/dashboard1, page.example.com/dashboard2 and so on and if a user visits page.example.com (the root without /path), they’re automatically directed to www.example.com

And so with the caddy, I wish to accomplish Reverse proxy with SSL with the domain abc.firstdomain.com where abc.firstdomain.com directs to page.example.com/dashboard1 and xyz.seconddomain.com redirects to page.example.com/dashboard2

(Caddyfile attached below)

The SSL works successfully and is issued but for some strange reason, when abc.firstdomain.com is entered in the browser, instead of displaying contents from page.example.com/dashboard1, the page is redirected to www.example.com

Since I’m using a React JS app with React router configured as follows, is this an expected issue?

2. Error messages and/or full log output:

No errors but page redirects

3. Caddy version:

v2.6.2 h1:wKoFIxpmOJLGl3QXoo6PNbYvGW4xLEgo32GPBEjWL8o=

4. How I installed and ran Caddy:

I installed on EC2 using serverless:

 #!/bin/bash -xe
 sudo wget -O /usr/bin/caddy "https://github.com/tobilg/aws-caddy-build/raw/main/releases/aws_caddy_v2.6.2_linux"
sudo chmod +x /usr/bin/caddy
sudo groupadd --system caddy
sudo useradd --system --gid caddy --create-home --home-dir /var/lib/caddy --shell /usr/sbin/nologin --comment "Caddy web server" caddy

a. System environment:

Amazon 2 Linux

b. Command:

Command above

c. Service/unit/compose file:

See the commands above

d. My complete Caddy config:

{
        debug
        order rewrite after forward_auth
        admin off
        on_demand_tls {
                ask {env.DOMAIN_SERVICE_ENDPOINT}
        }

        storage_clean_interval 90d

        log
}

:80 {
        respond /health "Im healthy" 200

        log
}

:443 {
        tls {env.EMAIL} {
                on_demand
        }

        forward_auth {env.ENDPOINT} {
                uri /?sourceHost={host}&extraUri={uri}
                header_up Host {upstream_hostport}
                copy_headers Pathroute Domainroute Domainhttpsroute

        }

        rewrite * {header.Pathroute}

        try_files {path} /index.html

        reverse_proxy {header.Domainroute}:443 {
                header_up Host {http.reverse_proxy.upstream.host}
                header_up User-Custom-Domain {host}

                header_down Cache-Control max-age=5184000

                health_timeout 5s


                transport http {
                        tls
                }
        }

        log
}

forward_auth endpoint file with hardcoded values for testing:

exports.handler = async (event) => {
    let statusCode;

    let pathRoute = '';


    if (event.queryStringParameters && event.queryStringParameters.hasOwnProperty('sourceHost')) {
     
     
      const extraUri = event.queryStringParameters.extraUri;
      if(extraUri==='/' || !extraUri || extraUri===''){
        pathRoute = '/dashboard1';
      }
      else{
        pathRoute = extraUri
      }

      statusCode = 200;
    } else {
      statusCode = 400;
    }

  
    return {
        headers: {
          'Pathroute': pathRoute,
          'Domainroute': 'page.example.com',
          'Domainhttpsroute': 'https://page.example.com',
        },
        statusCode: 200,
      };
  };

francislavoie · May 3, 2023, 6:41pm

If your JS is redirecting, then obviously it’ll redirect. Don’t do that then.

Goutham_J · May 3, 2023, 6:55pm

But based on my assumption when doing a reverse proxy with caddy for a site page.example.com/dashboard1, does it not fetch the results from that page and directly send it over to abc.firstdomain.com or it only builds after fetching?

francislavoie · May 3, 2023, 7:00pm

I don’t understand the question.

Goutham_J · May 4, 2023, 3:45am

Okay to put it more elaborately, in the above code, I’ve ensured that when a request to the caddy server comes from abc.firstdomain.com, for the first time the page should be proxied to page.example.com/dashboard1, it must serve that specific route in the React application (as you can see in the forward_auth config, I append /dashboard1 for the first request)

But the opposite seems to happen, the result appears the same regardless of whether I do the condition check and by default the React app seems to serve the page for ‘/’ path instead of doing it for ‘/:wallUrl’ since the first time the rewritten URI would be page.example.com/dashboard1

TLDR; Both page.example.com & page.example.com/dashboard1 when proxied through Caddy show the same page while it should present different results. Is this peculiar to React since React-Router is used? Or is it the default behavior of Caddy?

francislavoie · May 4, 2023, 6:43pm

Do you see debug logs for rewrite happening?

Goutham_J · May 4, 2023, 7:29pm

Yeah I do but never mind I found a workaround for this just by writing the appropriate “Route” logic in the React app since the routing happens on client side