Magento Admin Error Redirects Too Many times when configuring Varnish with SSL

Keywords: Magento - AWS - Technical issue - Secure Connections (SSL/HTTPS)

bnsupport ID: 8064bd87-cbe1-dfb5-8409-048188cc4024

bndiagnostic output:

? Apache: Found possible issues
? Resources: Found possible issues
https://docs.bitnami.com/general/apps/wordpress/troubleshooting/debug-errors-apache/
https://docs.bitnami.com/bch/apps/moodle/troubleshooting/deny-connections-bots-apache/

bndiagnostic failure reason: The documentation did not make any significant change

Description:
Hello Everyone,
I’m trying to configure Varnish with SSL.I followed the bitnami’s documentation for that:
https://docs.bitnami.com/aws/apps/wordpress/administration/configure-use-varnish/

Now Apache is running on port 81 & Varnish on port 80.

I added the required lines in my /opt/bitnami/apache2/conf/bitnami/bitnami.conf file
specified in the above guide. Here’s my bitnami.conf file:

# Default Virtual Host configuration.

<IfVersion < 2.3 >
  NameVirtualHost *:80
  NameVirtualHost *:443
</IfVersion>


<VirtualHost _default_:80>
  DocumentRoot "/opt/bitnami/apache2/htdocs"
  # BEGIN: Support domain renewal when using mod_proxy without Location
  <IfModule mod_proxy.c>
    ProxyPass /.well-known !
  </IfModule>

  # END: Support domain renewal when using mod_proxy without Location


  # BEGIN: Enable HTTP to HTTPS redirection
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteCond %{HTTP_HOST} !^localhost
  RewriteCond %{HTTP_HOST} !^[0-9]+.[0-9]+.[0-9]+.[0-9]+$
  RewriteCond %{REQUEST_URI} !^/\.well-known
  RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
  # END: Enable HTTP to HTTPS redirection


  # BEGIN: Enable non-www to www redirection
  RewriteCond %{HTTP_HOST} !^www\. [NC]
  RewriteCond %{HTTP_HOST} !^localhost
  RewriteCond %{HTTP_HOST} !^[0-9]+.[0-9]+.[0-9]+.[0-9]+$
  RewriteCond %{REQUEST_URI} !^/\.well-known
  RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=permanent,L]



  # END: Enable non-www to www redirection
  <Directory "/opt/bitnami/apache2/htdocs">
    Options Indexes FollowSymLinks
    AllowOverride All
    <IfVersion < 2.3 >
      Order allow,deny
      Allow from all
    </IfVersion>

    <IfVersion >= 2.3 >
      Require all granted
    </IfVersion>
  </Directory>

Error Documents
ErrorDocument 503 /503.html

Bitnami applications installed with a prefix URL (default)
Include “/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf”

BEGIN: Support domain renewal when using mod_proxy within Location
<Location /.well-known>

ProxyPass !

END: Support domain renewal when using mod_proxy within Location
Protocols h2 h2c http/1.1
H2Direct on
Default SSL Virtual Host configuration.
<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so
Listen 443
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP$
SSLPassPhraseDialog builtin
SSLSessionCache “shmcb:/opt/bitnami/apache2/logs/ssl_scache(512000)”
SSLSessionCacheTimeout 300

BEGIN: Support domain renewal when using mod_proxy without Location
Error Documents
ErrorDocument 503 /503.html

Bitnami applications installed with a prefix URL (default)
Include “/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf”

BEGIN: Support domain renewal when using mod_proxy within Location
<Location /.well-known>

ProxyPass !

END: Support domain renewal when using mod_proxy within Location
Protocols h2 h2c http/1.1
H2Direct on
Bitnami applications that uses virtual host configuration
Include “/opt/bitnami/apache2/conf/bitnami/bitnami-apps-vhosts.conf”

Then I restarted the apache & varnish but after that both frontend and admin shows Error Redirects too many times.

After reading about some 20 forums ,I followed this one :
Keywords: Magento - Microsoft Azure - Technical issue - Secure Connections (SSL/HTTPS) bnsupport ID: 251bd42b-7f01-882a-c1e5-98e5df0c8353 Description: I have just changed to ssl running the bncert-tool, front end works fine but I get the redirect error when trying to access the admin site. Have uploaded a support package: 251bd42b-7f01-882a-c1e5-98e5df0c8353
And Commented out these lines from in bitnami.conf file:

BEGIN: Enable HTTP to HTTPS redirection
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^localhost
RewriteCond %{HTTP_HOST} !^[0-9]+.[0-9]+.[0-9]+.[0-9]+$
RewriteCond %{REQUEST_URI} !^/.well-known
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
END: Enable HTTP to HTTPS redirection

After this frontend started working but admin was still showing Error Redirects too many times.
For admin ,it was told in above forum that I have to disable http to https redirection by running bncert-tool again.But when I ran it, it gave this warning :

Warning: Custom redirections are not supported in the Bitnami Magento Stack. This tool will not be able to enable/disable redirections.

Now I am stuck and can’t move forward.I hope that bitnami team will help me with this.
Eagerly waiting for your response

Sorry for missing this one above .This was the forum I refered to:

Hi @dynamicstudio03,

You need to configure Varnish to use SSL:

https://docs.bitnami.com/aws/apps/wordpress/administration/configure-use-varnish/#use-varnishtm-with-ssl

Regards,
Michiel

Thanks Michiel for your reply

As I said in my post earlier, I already tried changes shown in the forum you sent but following this forum led to the Error Redirect too many times

Then to solve this issue I followed this forum

According to the forum I commented out these life from bitnami.conf

BEGIN: Enable HTTP to HTTPS redirection
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^localhost
RewriteCond %{HTTP_HOST} !^[0-9]+.[0-9]+.[0-9]+.[0-9]+$
RewriteCond %{REQUEST_URI} !^/.well-known
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
END: Enable HTTP to HTTPS redirection

After this frontend started working but admin is still showing Error Redirects too many times

Please guide me further how to solve this issue
Thank again

This is the link for my admin
https://www.saleonlinefashion.com/admin

And this is my latest bitnami.conf file, you can check If I did something wrong.

https://drive.google.com/file/d/1BcF35a7sDrqwzf3YO6CFvqtklVS9-jt5/view?usp=sharing

Hi @dynamicstudio03,

It seems you are proxying all HTTPS requests to Apache instead of Varnish:

  ProxyPreserveHost On
  RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
  ProxyPass "/"  "http://127.0.0.1:80/"
  ProxyPassReverse "/"  "http://127.0.0.1:80/"

Can you change to port 81?

  ProxyPreserveHost On
  RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
  ProxyPass "/"  "http://127.0.0.1:81/"
  ProxyPassReverse "/"  "http://127.0.0.1:81/"

Regards,
Michiel

Thanks again
But sir I have clearly written in my first post that my Apache is running on port 81 and Varnish on port 80.Then according to this ,isn’t my code correct? Please look into my issue seriously.

Moreover ,I thought of a solution to my problem , it goes like this -

If I change my
Varnish port to 81
Apache port to 80
and then proxy all Http and Https requests to port 81 using this code

ProxyPreserveHost On
RequestHeader set “X-Forwarded-Proto” expr=%{REQUEST_SCHEME}
ProxyPass “/” “http://127.0.0.1:81/
ProxyPassReverse “/” “http://127.0.0.1:81/

Will Varnish work correctly with this method? and if not please help me find another solution.

Turns out that this method didn’t worked and resulted in Error 503 Backend fetch failed.
Please help me find another solution.
Waiting for your response

Hi @dynamicstudio03,

Sorry for not reading that correctly.

Can you check if varnish is running?

sudo /opt/bitnami/ctlscript.sh status

It should say “varnish already running”

If it’s not running, can you try starting it?

sudo /opt/bitnami/ctlscript.sh varnish start

Regards,
Michiel

This is the result
Capture

Sir I have tried almost all common troubleshooting method but none of them worked.
This problem would not be solved without taking a close look at all configuration files and finding what is causing Redirection loop.
Please atleast take a closer look into my problem ,I will provide you every required detail.
Waiting for your response

Hi @dynamicstudio03,

Can you run the bnsupport again so I can check your latest configuration?

Regards,
Michiel

Sir I have updated bnsupport.Please check that.

Also while running bnsupport tool ,found these apache issues:

Please let me know if they are causing the problem.
Thanks again

This is the support id :slight_smile:
9e941d95-5ada-9be3-bdea-42d616e4d449

Hi @dynamicstudio03,

You have both Apache and Varnish configured to listen to port 81:

Apache:

51  #Listen xx.xx.xx.xx:80
52  Listen 81

Varnish:

  8 backend default {
  9     .host = "127.0.0.1";
 10     .port = "81";
 11     .first_byte_timeout = 600s;
 12     .probe = {

Could you try configuring Varnish to use port 80:

  8 backend default {
  9     .host = "127.0.0.1";
 10     .port = "80";
 11     .first_byte_timeout = 600s;
 12     .probe = {

And then proxy HTTPS requests to Varnish:

  <VirtualHost _default_:443>
      ...
      ProxyPreserveHost On
      RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
      ProxyPass "/"  "http://127.0.0.1:80/"
      ProxyPassReverse "/"  "http://127.0.0.1:80/"

Best regards,
Michiel

But sir bitnami’s document - https://docs.bitnami.com/aws/apps/magento/administration/configure-use-varnish/#use-varnishtm-with-ssl
Says that Varnish™ configuration file at /opt/bitnami/varnish/etc/varnish/magento.vcl contains the port that Apache is listening on. Update it to reflect the new Apache port.

And my apache port is 81 ,so it put that in magento.vcl
Please let me know if this is wrong .
Thanks again

Hi @dynamicstudio03,

You are absolutely right, sorry for that. Could you try running these commands?

cd /opt/bitnami/apps/magento
php bin/magento config:set web/secure/use_in_adminhtml 1
php bin/magento cache:clean 

And then try again? Please let me know if it works.

Regards,
Michiel


Please click on :heart: if you think my answer was helpful.


Sir this option Use Secure URLs in Admin was already Yes in admin panel.
I think error is with apache ,can you please check this apache error log file as I’m unable to understand it:
https://drive.google.com/file/d/1fZZ3L2LOcK8XQiIGJz978vVmpOPFhjnb/view?usp=sharing

Hi @dynamicstudio03,

Did you clean the cache?

php bin/magento cache:clean

Could you try it?

Regards,
Michiel

Yes sir I cleared cache multiple times but through this command:
sudo /opt/bitnami/apps/magento/htdocs/bin/magento-cli cache:clean

But this doesn’t changed anything,please help me get out this problem
Waiting for a genuine reply

Hi @dynamicstudio03,

Did you run the command with sudo?

cd /opt/bitnami/apps/magento
sudo php bin/magento cache:clean 

Could you try executing the same steps I followed:

- launch a fresh Magento instance
- Configure the DNS to point to the new IP
- Run the bncert tool to configure SSL
- Run the following commands:
cd /opt/bitnami/apps/magento
sudo php bin/magento config:set web/secure/use_in_adminhtml 1
sudo php bin/magento cache:clean 

After that you should be able to login.

Regards,
Michiel