HTTP 400 error returned by Bitbucket Server 5.5.x, 5.6.x behind nginx Edited

Observed during fresh install of Bitbucket Server 5.5.x and 5.6.x.  Earlier versions up to 5.4.4 are not affected. 

Operating system - CentOS 7.4

nginx version: nginx/1.12.2

Bitbucket Server bitbucket.properties

cat /var/atlassian/application-data/bitbucket/shared/bitbucket.properties

server.proxy-port=443
server.proxy-name=bitbucket.domain.com
server.scheme=https

 Nginx configuration:

cat /etc/nginx/conf.d/bitbucket.conf 

server {
listen 80;
server_name bitbucket.domain.com;
return 301 https://$server_name$request_uri;
}
server {
    listen       443 ssl;
    server_name  bitbucket.domain.com;
    error_log /var/log/nginx/bitbucket_error.log info;
    ssl                  on;
    ssl_dhparam /path/to/dhparam;
    ssl_certificate      /path/to/ssl/cert;
    ssl_certificate_key  /path/to/ssl/key;
    resolver 8.8.8.8;
    ssl_session_timeout  5m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers AES256+EECDH:AES256+EDH:AES128+EECDH:!aNULL;
    ssl_session_cache shared:SSL:10m;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_prefer_server_ciphers   on;
    add_header Strict-Transport-Security "max-age=63072000; preload";

location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Host $http_host;
proxy_ssl_session_reuse off;
proxy_redirect off;
proxy_pass http://localhost:7990;
client_max_body_size 1024M;
  }
}

 

2 answers

1 accepted

0 votes
Accepted answer

 

Hi Alexander! A 400 error is basically a bad http request. Looking at the config details in there, seems like the port forwarding might be wrong. You can revisit your setup according to the details on the page Securing Bitbucket Server behind Nginx using SSL.

 

Let us know if this fixed the issue!

Best regards,

Ana

 

Then why 5.4.4 works on the same server exactly with the same settings?

The error was caused by excessive proxy_set_header directives in nginx configuration below:

    proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Host $http_host;
proxy_ssl_session_reuse off;
proxy_redirect off;

Error is gone after removing extra proxy_set_header Host as per Securing Bitbucket Server behind nginx using SSL

proxy_set_header Host $host;
proxy_set_header Host $http_host;
 

So, the final correct configuration is documented at the above Atlassian link

Hi Alexander, 

 

it will be nice if you provide error logs from nginx and bitbucket app.

Because I have checked on other instances Bitbucket 5.6.1 behind nginx.

And other instances, e.g. I have googled with nginx/1.10.3 (Ubuntu) and bitbucket.

It works.

Could we check it together? 

 

Thanks

Cheers,

Gonchik Tsymzhitov

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 06, 2018 in Bitbucket

Upgrade Best Practices

Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...

433 views 6 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you