From 411d0064e2b6e1602ea1510491a942598418f681 Mon Sep 17 00:00:00 2001 From: Abel Ferreira Date: Sat, 12 Dec 2020 21:13:00 -0300 Subject: [PATCH] update readme with DEFAULT_HTTPS_REDIRECT_PORT --- README.md | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 834afd8..3f5a0d5 100644 --- a/README.md +++ b/README.md @@ -128,11 +128,11 @@ backend container. Your backend container should then listen on a port rather than a socket and expose that port. ### FastCGI Backends - + If you would like to connect to FastCGI backend, set `VIRTUAL_PROTO=fastcgi` on the backend container. Your backend container should then listen on a port rather than a socket and expose that port. - + ### FastCGI File Root Directory If you use fastcgi,you can set `VIRTUAL_ROOT=xxx` for your root directory @@ -144,6 +144,12 @@ To set the default host for nginx use the env var `DEFAULT_HOST=foo.bar.com` for $ docker run -d -p 80:80 -e DEFAULT_HOST=foo.bar.com -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy +### Default https redirect port + +When `HTTPS_METHOD=redirect` defined in container, the default https redirect port will be 443 for all conteiners, set the env var `DEFAULT_HTTPS_REDIRECT_PORT=443` in nginx container to change this behavior, for example: + + $ docker run -d -p 80:80 -e DEFAULT_HTTPS_REDIRECT_PORT=8443 -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy + ### Separate Containers @@ -292,17 +298,17 @@ site after changing this setting, your browser has probably cached the HSTS poli redirecting you back to HTTPS. You will need to clear your browser's HSTS cache or use an incognito window / different browser. -### HTTPS External redirect port +### HTTPS External redirect port per container config -By default when `HTTPS_METHOD=redirect`. nginx will redirect connections on port HTPP 80 to default HTTPS 443 port, with `HTTPS_REDIRECT_PORT=port` you can change this behavior to another port, for example `HTTPS_REDIRECT_PORT=8443` +By default when `HTTPS_METHOD=redirect` nginx will redirect connections on port HTPP 80 to 443 port or value defined in `DEFAULT_HTTPS_REDIRECT_PORT`, with `HTTPS_REDIRECT_PORT=port` you can change this behavior to another port, for example `HTTPS_REDIRECT_PORT=8443` ### HSTS -By default, [HTTP Strict Transport Security (HSTS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) -is enabled with `max-age=31536000` for HTTPS sites. You can disable HSTS with the environment variable -`HSTS=off` or use a custom HSTS configuration like `HSTS=max-age=31536000; includeSubDomains; preload`. -*WARNING*: HSTS will force your users to visit the HTTPS version of your site for the `max-age` time - -even if they type in `http://` manually. The only way to get to an HTTP site after receiving an HSTS +By default, [HTTP Strict Transport Security (HSTS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) +is enabled with `max-age=31536000` for HTTPS sites. You can disable HSTS with the environment variable +`HSTS=off` or use a custom HSTS configuration like `HSTS=max-age=31536000; includeSubDomains; preload`. +*WARNING*: HSTS will force your users to visit the HTTPS version of your site for the `max-age` time - +even if they type in `http://` manually. The only way to get to an HTTP site after receiving an HSTS response is to clear your browser's HSTS cache. ### Basic Authentication Support