I am really stumped. I am trying to send all https traffic from an upstream server to the client through a reverse-proxy server:

CLIENT <=> PROXY <=> UPSTREAM

The upstream server is apache. When the proxy server is nginx everything works fine. But when I try using AWS API Gateway as the proxy server and the URI points to a directory, the upstream server refuses to perform redirects internally in order to get to the directory's index.html file. As a result, a 301 gets sent to the client and thus the client's url bar ends up showing the upstream's url (giving away its secret location!). I am stumped why this is happening. I don't see any obvious headers present in the request from the AWS API Gateway proxy that would cause Apache to refuse internal redirects. I upped my apache logs to level trace5, and I see that I get this log (with addresses replaced with X's):

... [Timestamp] [core:trace3] [pid 3954] request.c(310): [client X.X.X.X:29756] request authorized without authentication by access_checker_ex hook: /about [Timestamp] [core:trace3] [pid 3954] request.c(367): [client X.X.X.X:29756] fixups hook gave 301: /about [Timestamp] [http:trace3] [pid 3954] http_filters.c(1125): [client X.X.X.X:29756] Response sent with status 301, headers: ...

So the decision to perform an external redirect seems to happen at the stage reading "fixups hook gave 301". My questions in summary: