HTTP 400 error returned by Bitbucket Server 5.5.x, 5.6.x behind nginx Edited

Observed during fresh install of Bitbucket Server 5.5.x and 5.6.x.  Earlier versions up to 5.4.4 are not affected. 

Operating system - CentOS 7.4

nginx version: nginx/1.12.2

Bitbucket Server bitbucket.properties

cat /var/atlassian/application-data/bitbucket/shared/bitbucket.properties

server.proxy-port=443
server.proxy-name=bitbucket.domain.com
server.scheme=https

 Nginx configuration:

cat /etc/nginx/conf.d/bitbucket.conf 

server {
listen 80;
server_name bitbucket.domain.com;
return 301 https://$server_name$request_uri;
}
server {
    listen       443 ssl;
    server_name  bitbucket.domain.com;
    error_log /var/log/nginx/bitbucket_error.log info;
    ssl                  on;
    ssl_dhparam /path/to/dhparam;
    ssl_certificate      /path/to/ssl/cert;
    ssl_certificate_key  /path/to/ssl/key;
    resolver 8.8.8.8;
    ssl_session_timeout  5m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers AES256+EECDH:AES256+EDH:AES128+EECDH:!aNULL;
    ssl_session_cache shared:SSL:10m;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_prefer_server_ciphers   on;
    add_header Strict-Transport-Security "max-age=63072000; preload";

location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Host $http_host;
proxy_ssl_session_reuse off;
proxy_redirect off;
proxy_pass http://localhost:7990;
client_max_body_size 1024M;
  }
}

 

2 answers

1 accepted

0 votes

 

Hi Alexander! A 400 error is basically a bad http request. Looking at the config details in there, seems like the port forwarding might be wrong. You can revisit your setup according to the details on the page Securing Bitbucket Server behind Nginx using SSL.

 

Let us know if this fixed the issue!

Best regards,

Ana

 

Then why 5.4.4 works on the same server exactly with the same settings?

The error was caused by excessive proxy_set_header directives in nginx configuration below:

    proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Host $http_host;
proxy_ssl_session_reuse off;
proxy_redirect off;

Error is gone after removing extra proxy_set_header Host as per Securing Bitbucket Server behind nginx using SSL

proxy_set_header Host $host;
proxy_set_header Host $http_host;
 

So, the final correct configuration is documented at the above Atlassian link

Hi Alexander, 

 

it will be nice if you provide error logs from nginx and bitbucket app.

Because I have checked on other instances Bitbucket 5.6.1 behind nginx.

And other instances, e.g. I have googled with nginx/1.10.3 (Ubuntu) and bitbucket.

It works.

Could we check it together? 

 

Thanks

Cheers,

Gonchik Tsymzhitov

Suggest an answer

Log in or Join to answer

Stay in touch

Be the first to know what's trending on Atlassian Community

Community showcase
Piotr Plewa
Published Dec 27, 2017 in Bitbucket

Recipe: Deploying AWS Lambda functions with Bitbucket Pipelines

Bitbucket Pipelines helps me manage and automate a number of serverless deployments to AWS Lambda and this is how I do it. I'm building Node.js Lambda functions using node-lambda&nbsp...

239 views 0 2
Read article