Issue with Nginx Proxy Passing to Strapi for Authentication on EC2 Instance

loick · April 11, 2024, 4:57pm

Hello Strapi Community,

I am encountering an issue with my Strapi application, which is running alongside a Next.js project on an AWS EC2 instance. Both applications are running locally on the instance, managed by PM2. The Next.js project runs on port 3000, and the Strapi CMS runs on port 1337.

I’ve set up Nginx on the EC2 instance to serve both applications, with specific routes proxying to the Strapi CMS. The Nginx configuration allows access to the Strapi admin panel through a /admin route and API requests through an /api route. Direct access to Strapi via its port (http://:1337/admin) works perfectly, including logging in, indicating that Strapi and PM2 are correctly configured.

However, when I try to access the Strapi admin panel through the Nginx proxy (http:///admin), I face issues logging in. The login page loads, but upon submitting my credentials, it seems to fail without any specific error message that points to the root cause.

Here is the relevant part of my Nginx configuration:

server {
    listen 80;
    server_name <public-ip>; # Public IP address of the EC2 instance

    location /admin {
        proxy_pass http://localhost:1337/admin;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    location /api {
        proxy_pass http://localhost:1337/api;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

Direct access (bypassing Nginx) to the Strapi instance works fine, including authentication. This leads me to believe the issue lies in how Nginx is handling the proxy or cookie/session forwarding.

I’ve tried various adjustments to the Nginx configuration, such as adding headers for forwarding IP and protocol, without success. I’m looking for insights or suggestions on how to resolve this login issue through the Nginx proxy. Is there a known compatibility issue or a required configuration that I might be missing?

Any help or guidance would be greatly appreciated. Thank you in advance for your time and assistance.

Best regards,