HTTP 497 Status Code 😱

By Meabed on 2018-08-12 #webserver #nginx #http #ssl

Problem

While deploying SSL web application I came across HTTP 497 Status Code googling it shows that nginx says The plain HTTP request was sent to HTTPS port

Explanation

The HTTP server know that connection is SSL by the URI scheme and the default is http, so you have to define https in URI to access SSL content URI Component

scheme://host:port/path
http[s]://127.0.0.1:[80,8080,443,8443,...]/path

This unwanted behaviour exist in almost every website on the internet except my website :) because i fixed it.

Example

Trying google - http://google.com:443
$ curl -Iv http://google.com:443
* Rebuilt URL to: http://google.com:443/
*   Trying 216.58.207.14...
* TCP_NODELAY set
* Connected to google.com (216.58.207.14) port 443 (#0)
> HEAD / HTTP/1.1
> Host: google.com:443
> User-Agent: curl/7.54.0
> Accept: */*
>
* Recv failure: Connection reset by peer
* stopped the pause stream!
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer
Trying amazon - http://amazon.com:443
$ curl -Iv http://amazon.com:443
* Rebuilt URL to: http://amazon.com:443/
*   Trying 176.32.98.166...
* TCP_NODELAY set
* Connected to amazon.com (176.32.98.166) port 443 (#0)
> HEAD / HTTP/1.1
> Host: amazon.com:443
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 400 Bad Request
HTTP/1.1 400 Bad Request
< Server: Server
Server: Server
< Date: Sat, 11 Aug 2018 21:19:56 GMT
Date: Sat, 11 Aug 2018 21:19:56 GMT
< Content-Type: text/html
Content-Type: text/html
< Content-Length: 265
Content-Length: 265
< Connection: close
Connection: close

<
* Closing connection 0
Trying nginx - http://nginx.com:443
$ curl -Iv http://nginx.com:443
* Rebuilt URL to: http://nginx.com:443/
*   Trying 95.211.80.227...
* TCP_NODELAY set
* Connected to nginx.com (95.211.80.227) port 443 (#0)
> HEAD / HTTP/1.1
> Host: nginx.com:443
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 400 Bad Request
HTTP/1.1 400 Bad Request
< Server: nginx/1.13.11
Server: nginx/1.13.11
< Date: Sat, 11 Aug 2018 21:47:34 GMT
Date: Sat, 11 Aug 2018 21:47:34 GMT
< Content-Type: text/html
Content-Type: text/html
< Content-Length: 272
Content-Length: 272
< Connection: close
Connection: close

<
* Closing connection 0

The Fix

In nginx you can handle error with error_page directive as below:

// replace the scheme with https and change port if needed etc..
error_page 497 https://$host:$server_port$request_uri;
Trying meabed - http://meabed.com:443
$ curl -Iv http://meabed.com:443
* Rebuilt URL to: http://meabed.com:443/
*   Trying 51.255.79.52...
* TCP_NODELAY set
* Connected to meabed.com (51.255.79.52) port 443 (#0)
> HEAD / HTTP/1.1
> Host: meabed.com:443
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
HTTP/1.1 302 Moved Temporarily
< Server: nginx
Server: nginx
< Date: Sat, 11 Aug 2018 21:24:09 GMT
Date: Sat, 11 Aug 2018 21:24:09 GMT
< Content-Type: text/html
Content-Type: text/html
< Content-Length: 154
Content-Length: 154
< Connection: close
Connection: close
< Location: https://meabed.com:443/
Location: https://meabed.com:443/
< Strict-Transport-Security: max-age=31536000;
Strict-Transport-Security: max-age=31536000;

<
* Closing connection 0
Reading list:
...