Hi I'm using traefik2 and in the process of trying some test reverse proxy configurations. I'm coming from nginx so my limited knowledge is really from nginx.
With nginx, I usually add the following headers for my reverse proxies :
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Ssl on;
proxy_pass https://nextcloud.xxxx.com;
}
Testing my reverse proxy using a browser, I see that the original URL within the browser address bar seems to be preserved. So if my reverse proxy is located at test.xxxx.com and my backend server is located at nextcloud.xxxx.com, the url always shown in the browser address bar is https://test.xxxx.com/
Within traefik the URL displayed in the browser bar seem to be always rewritten or maybe the correct term is altered. An equivalent section for a traefik would be:
http:
routers:
test.xxxx.com:
rule: "Host(`test.xxxx.com`)"
entryPoints:
- web
- websecure
middlewares:
- mw_compress_headers
service:
- sv_proxy_pass_nextcloud.xxxx.com
tls:
options: modern@file
certResolver: le
domains:
- main: test.xxxx.com
middlewares:
mw_compress_headers:
compress: {}
services:
sv_proxy_pass_nextcloud.xxxx.com:
loadBalancer:
servers:
- url: https://nextcloud.xxxx.com
passHostHeader: false
So with this setup I'm seeing a rewrite of the URL within the browser address bar. What is displayed --> test.xxxx.com--->nextcloud.xxx.com/
The only way to avoid the "rewrite" is to turn passHostHeader: true but then within the backend server (nginx) you need to add test.xxx.com to the list or server names. You can change the host header with a middleware with something like the following and use service parameter passHostHeader:true--:
mw_nextcloud_host_header:
headers:
customRequestHeaders:
Host: nextcloud.xxxx.com
But when doing this -- you again get the URL being displayed in the address bar as https://nextcloud.xxxx.com/ rather than the reverse proxy address https://test.xxxx.com/
In summary
- with nginx the URL displayed is not altered when reverse proxying (using the headers above), but
- with traefik the URL displayed is altered.
Researching the topic it seems that the nginx headers some posts on stack exchange have suggested the nginx headers (shown below) are responsible for difference:
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
I guess the purpose of this post was to confirm what I'm observing is actually "intended" or normal and it wasn't some strange way I've configured my reverse proxies.