redirectScheme returns URLs with port 80


I user Traefik 2.2.11 with Docker to host about 15 of my projects.
Everything works fine except of one container.

This one sometimes responds with a port number 80 even though the request was made over https port 443.

I setup a redirect-to-https file provider which is used by all my projects

        scheme: https
        permanent: true

The container in question uses the following labels:

      - "traefik.enable=true"
      - ""
      - "traefik.http.routers.xentral_insecure.entrypoints=web"
      - "traefik.http.routers.xentral_insecure.rule=Host(``)"
      - "traefik.http.routers.xentral_insecure.middlewares=redirect-to-https@file"
      - "traefik.http.routers.xentral.entrypoints=web-secure"
      - "traefik.http.routers.xentral.rule=Host(``)"
      - "traefik.http.routers.xentral.tls.certresolver=default"
      - ""

When I request sometimes it redirects me to which of course does not exist.

Shouldn't redirectSchema also redirect this request from 80 to 443?

Do I need another extenstion to prevent such port issues?

Hi @geeks-r-us,

From experience this is being returned from the app/container. You may require specific configuration for use behind a proxy.

1 Like

yes that's right. It's an application issue. I can add a url and port to the configuration but this ends up in a too many redirects message. The supports help on this issue was that there is also a hosted version for just 40€ a month extra. Not very helpfull....

It looks like they do not handle the X-Forward* flags. And due to the php code is encrypted by ioncube I'm unable to add the handling it on code side by my self.

So what other options are available?

rewrite module ?
configure apache to accept unencrypted traffic on port 443?

This is really something that has to be untangled from the application end. If you can clearly articulate what you want traefik to do, we probably can tell you if it's possible or not. I personally do not see how configuring apache to accept unencrypted traffic on port 443 would help, but then you probably understand the problem better than I do.