
I have configured my DNS service (bind9) on an Ubuntu server that has a public IP address. In /etc/bind/db.mydomain.com (my domain zone) I have added an "A" record (with a public IP address) for a machine: `machine1.mydomain.com A 153.203.52.35`.

I can ping machine1.mydomain.com from the internet. I can also SSH to it without issue. The problem is that any attempt to reach the website hosted on this machine with a browser (http://machine1.mydomain.com) is automatically redirected to https (https://machine1.mydomain.com) and this gives the following error: "An error occurred during a connection to machine1.mydomain.com. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG".

Telnet to port 80 of the machine works fine:

$ telnet machine1.mydomain.com 80
Trying 153.203.52.35...
Connected to machine1.mydomain.com.
Escape character is '^]'.

My http server (nginx) is configured with port 80 and no https redirection is configured. When I try to reach the website using the IP address of the server (http://153.203.52.35), the webpage displays with no issue and no redirection to https is done.

I am sure that the https redirection in my case has nothing to do with my nginx (see my enabled site in nginx below):

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    root /var/www/mydomain.com;
    index index.php index.html index.htm;
    server_name mydomain.com;
    location / {
        try_files $uri $uri/ =404;
    }
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        fastcgi_param SCRIPT_FILENAME /var/www/mydomain.com$fastcgi_script_name;
    }
}

I spent 2 days trying to figure out what is happening without success. Http redirection is usually done at http server level not in the DNS server. I am confused.

Any remark or advice that solves this issue will save me time and money.

Burgi
  • What TLD is your domain under (if you don't want to reveal the whole thing)? What results do you get from `curl -k -L -i http://machine1.mydomain.com`? – u1686_grawity May 01 '19 at 13:18
  • Hello, thank you for your message. The TLD is ".life". I am trying with Apache now but still the same issue. The output of `curl -k -L -i http://machine1.mydomain.com` is: HTTP/1.1 200 OK Date: Wed, 01 May 2019 14:10:36 GMT Server: Apache/2.4.35 (Unix) OpenSSL/1.0.2m mod_ftp/1.0.1-dev Last-Modified: Sat, 27 Apr 2019 05:15:31 GMT ETag: "454-5877c23e22a2a" Accept-Ranges: bytes Content-Length: 1108 Content-Type: text/html HTTP Server powered by Apache – user2959348 May 01 '19 at 14:14
  • I can see the following. Request done with browser (firefox, chrome): client (browser) ------TLSv1 Client Hello---> http server; http server -----400 Bad Request-------> client (browser). Request done with curl: client (browser) ------ HTTP GET / HTTP/1.1------> http server; http server ----- HTTP HTTP/1.1 200 OK-------> client (browser). – user2959348 May 02 '19 at 09:00

1 Answer

Since the website could be shown with curl command, the only remaining thing was to clear the DNS and cache from the browser using the following post: How to stop an automatic redirect from “http://” to “https://” in Chrome. The problem is solved.
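
Why the browser reports SSL_ERROR_RX_RECORD_TOO_LONG for the exchange shown in the comments (a TLS Client Hello answered with a plaintext 400 Bad Request): the first five bytes of the HTTP reply get read as a TLS record header. This is an added example, not part of the original post; the sample byte strings are constructed and the function names are illustrative.

```python
import struct

# TLS record header: 1-byte content type, 2-byte version, 2-byte length.
# 2**14 + 2048 is the largest length field TLS 1.2 allows (TLS 1.3 allows less).
MAX_CIPHERTEXT_LEN = 2**14 + 2048
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}


def parse_record_header(data: bytes) -> dict:
    """Interpret the first five bytes the way a TLS client does."""
    if len(data) < 5:
        raise ValueError("need at least 5 bytes for a TLS record header")
    ctype, version, length = struct.unpack("!BHH", data[:5])
    return {
        "content_type": CONTENT_TYPES.get(ctype, f"unknown({ctype})"),
        "version": f"0x{version:04x}",
        "length": length,
        "too_long": length > MAX_CIPHERTEXT_LEN,
    }


def classify(data: bytes) -> str:
    """Say what the peer on the other end of the socket most likely is."""
    if data[:5] == b"HTTP/":
        return "plaintext HTTP reply: this listener does not speak TLS"
    hdr = parse_record_header(data)
    if hdr["content_type"].startswith("unknown") or hdr["too_long"]:
        return "not a valid TLS record"
    return f"TLS {hdr['content_type']} record, {hdr['length']} bytes"


# Constructed sample inputs (not captured from the asker's server).
PLAINTEXT_REPLY = b"HTTP/1.1 400 Bad Request\r\nServer: Apache\r\n\r\n"
TLS_SERVER_REPLY = bytes.fromhex("160303004a") + b"\x00" * 0x4A

if __name__ == "__main__":
    for name, sample in (("plaintext reply", PLAINTEXT_REPLY),
                         ("TLS reply", TLS_SERVER_REPLY)):
        print(name, parse_record_header(sample), "->", classify(sample))
```

The bytes `P/` of `HTTP/` land in the length field, so the client sees a record far larger than TLS permits. The error therefore means a plaintext listener received an https request, which matches the curl result over http succeeding.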