localhost

Summary

This documentation introduces four main types of health check endpoints.

https://docs.gitlab.com/administration/monitoring/health_check/

GET http://localhost/-/health
GET http://localhost/health_check
GET http://localhost/-/readiness
GET http://localhost/-/liveness

Among these, /health_check cannot be accessed using http://localhost, and a redirect with status code 301 occurs. This redirect destination is https://hostname:443/health_check . And the /health_check endpoint works if accessing to this URL. (However, depending on DNS or network settings, IP address allowlist settings may be needed.)

The remaining three can be accessed using the methods described in the documentation.

Steps to reproduce

Spin up the GitLab instance. This instance should use HTTPS and Redirect HTTP requests to HTTPS should be enabled.
Run the following commands from console
1. curl http://localhost/-/health
2. curl http://localhost/health_check
3. curl http://localhost/-/readiness
4. curl http://localhost/-/liveness

What is the current bug behavior?

$ curl http://localhost/-/health
GitLab OK

$ curl http://localhost/-/health_check
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

$ curl http://localhost/-/readiness
{"status":"ok","master_check":[{"status":"ok"}]}

$ curl http://localhost/-/liveness
{"status":"ok"}

$ curl http://localhost/health_check -iL
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 17 Nov 2025 05:55:44 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://<hostname>:443/health_check

HTTP/2 200 
server: nginx
date: Mon, 17 Nov 2025 05:55:46 GMT
content-type: text/plain; charset=utf-8
content-length: 7
cache-control: max-age=1, private, must-revalidate
last-modified: Mon, 17 Nov 2025 05:55:44 GMT
nel: {"max_age": 0}
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-gitlab-meta: {"correlation_id":"01KA864BH805EBQ5Y3GZHRM9Q2","version":"1"}
x-permitted-cross-domain-policies: none
x-request-id: 01KA864BH805EBQ5Y3GZHRM9Q2
x-xss-protection: 0
strict-transport-security: max-age=63072000
referrer-policy: strict-origin-when-cross-origin

success

What is the expected correct behavior?

http://localhost/health_check is accesible without redirection.

Relevant logs


  127.0.0.1 - - \\\\\\\[17/Nov/2025:05:59:24 +0000\\\\\\\] "GET /\\\*\\\*health\\\*\\\*\\\\\\\_check HTTP/1.1" 301 162 "" "curl/8.11.1" -

Details of package version

Provide the package version installation details


  $ sudo rpm -qa | grep 'gitlab'  \\\*\\\*gitlab\\\*\\\*-ee-18.5.2-ee.0.amazon2023.x86_64

Edited Nov 19, 2025 by Kosuke Kamiya