From 4efb0365c8eac78b2f54420bb957f8ac286695fd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=80=81=E5=91=A8=E9=83=A8=E8=90=BD?=
 <31075951+laozhoubuluo@users.noreply.github.com>
Date: Sat, 21 Feb 2026 20:06:20 +0800
Subject: [PATCH 1/2] fix: host header should use $http_host on nginx

Related Issue: https://github.com/rustfs/rustfs/issues/460
---
 docs/installation/docker/index.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/installation/docker/index.md b/docs/installation/docker/index.md
index f875ea8..927b9f5 100644
--- a/docs/installation/docker/index.md
+++ b/docs/installation/docker/index.md
@@ -325,7 +325,7 @@ server {
 
     # 反向代理 RustFS S3 API
     location / {
-        proxy_set_header Host $host;
+        proxy_set_header Host $http_host;
         proxy_set_header X-Real-IP         $remote_addr;
         proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
@@ -386,7 +386,7 @@ server {
 
     # 反向代理 RustFS 控制台
     location / {
-        proxy_set_header Host $host;
+        proxy_set_header Host $http_host;
         proxy_set_header X-Real-IP         $remote_addr;
         proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;

From 4b8e54589c56a6e795d323e1e9d87af204a1dbb0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=80=81=E5=91=A8=E9=83=A8=E8=90=BD?=
 <31075951+laozhoubuluo@users.noreply.github.com>
Date: Sat, 21 Feb 2026 20:10:19 +0800
Subject: [PATCH 2/2] fix: enable proxy_cache_convert_head off and add tips at
 nginx config

Add important note about 'proxy_cache_convert_head off' in Nginx configuration to prevent S3 V4 signature verification failures.
Related Issue: https://github.com/rustfs/rustfs/issues/717
---
 docs/integration/nginx.md | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/docs/integration/nginx.md b/docs/integration/nginx.md
index 362a380..95b673c 100644
--- a/docs/integration/nginx.md
+++ b/docs/integration/nginx.md
@@ -61,7 +61,7 @@ server {
       proxy_set_header X-Forwarded-Proto $scheme;
 
       # Disable Nginx from converting HEAD to GET
-      # proxy_cache_convert_head off;
+      proxy_cache_convert_head off;
 
       proxy_connect_timeout 300;
       # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
@@ -101,7 +101,7 @@ server {
       proxy_set_header X-Forwarded-Proto $scheme;
 
       # Disable Nginx from converting HEAD to GET
-      # proxy_cache_convert_head off;
+      proxy_cache_convert_head off;
 
       proxy_connect_timeout 300;
       # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
@@ -122,6 +122,18 @@ server {
 
 ~~~
 
+#### 重要说明
+
+> [!WARNING]
+> **关键配置项**
+> 
+> 在 Nginx 配置中**必须添加** `proxy_cache_convert_head off` 指令，原因如下：
+> 
+> - Nginx 默认会将 HEAD 请求转换为 GET 请求以便缓存
+> - 这种转换会导致 S3 V4 签名验证失败
+> - 症状表现为访问存储桶时报错 `Bucket not found` 或 `403 AccessDenied`
+> 
+> 参考 [Nginx 官方文档](http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_convert_head)。
 
 ## 三、多机负载均衡
 
@@ -215,4 +227,4 @@ server {
       proxy_pass http://127.0.0.1:9001; 
    }
 }
-~~~
\ No newline at end of file
+~~~