seo Question posted in
Some basic information to get you started with this can be found here.

403 response when trying to redirect using nginx to API Gateway – SEO

I have the following API: https://kdhdh64g.execute-api.us-east-1.amazonaws.com/dev/user/${user-id} which proxies to a Lambda function.

When the user hits /user/1234 the function checks if 1234 exists and return the info for that user or a redirection to /users

What I want is to create is a redirection with nginx. For SEO, I want a simple 302: return 302 the-url. If someone goes to mySite.com it should redirect to https://kdhdh64g.execute-api.us-east-1.amazonaws.com/dev

No matter what I do, I always receive a 403 with the following:

x-amzn-errortype: MissingAuthenticationTokenException
x-amz-apigw-id: QrFd6GByoJHGf1g=
x-cache: Error from cloud-front
via: 1.1 dfg35721fhfsgdv36vs52fa785f5g.cloudfront.net (CloudFront)

I will appreciate help.

Tags:

2

Answers


  1. 0

    If you are using the reverse proxy set up in nginx, add the below line in the config file and restart or reload the nginx configuration.

    proxy_set_header Host $proxy_host;
    Login or Signup to reply.
  2. 0

    I run into the same issue trying to run a proxy on Nginx towards an API Gateway which triggers a Lambda function on AWS. When I read the error logs on Nginx, I noticed that it had to do with the SSL version which Nginx was using to connect to API Gateway, the error was the following:

    *1 SSL_do_handshake() failed (SSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking to upstream

    I managed to fix it by adding this line:

    proxy_ssl_protocols  TLSv1.3;

    I attach the complete Nginx configuration in case anyone wants to build a static IP proxy on Nginx that redirects traffic towards a Lambda function:

    server {
listen 443 ssl;
server_name $yourservername;

location / {
    proxy_pass https://$lambdafunctionaddress;
    proxy_ssl_server_name on;
    proxy_redirect off;
    proxy_ssl_protocols  TLSv1.3;
}
ssl_certificate /home/ubuntu/.ssl/ca-chain.crt;
ssl_certificate_key /home/ubuntu/.ssl/server.key;

    }

    Also it is important to consider that all required information must be included on the request:

    curl -X POST https://$yourservername/env/functionname -H "Content-Type: application/json" -H "x-api-key: <yourapikey>" -d $payload
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search