I have no idea why after Jenkins is updated to version 1.591 (Ubuntu Server 12.04), the originally correctly set up reverse proxy now becomes broken. My current setting is exactly the same as said in Jenkins wiki:

ProxyPass /jenkins http://localhost:8081/jenkins nocanon
ProxyPassReverse /jenkins http://localhost:8081/jenkins
ProxyPreserveHost On
ProxyRequests Off
AllowEncodedSlashes NoDecode
<Proxy http://localhost:8081/jenkins*>
Order deny,allow
Allow from all
</Proxy>

also --prefix=/jenkins has been added into /etc/default/jenkins file

Is that a bug in Jenkins?

I was faced with this issue with Jenkins as a Windows Service Package.

According to their wiki:

Make sure the Jenkins URL configured in the System Configuration matches the URL you're using to access Jenkins.

To reach the System Configuration:

1. Go to your Jenkins page
2. Click Manage Jenkins
3. Click Configure System
4. Scroll to Jenkins Location and find Jenkins URL.

Ensure that port value matches with the port value set in the <arguments> section of the jenkins.xml file located in the Jenkins folder on your machine.

For me, the fix was to add:

RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"

This made it stop complaining.

It turns out everything works fine even though the annoying message persistently appears. I think it is a minor bug of the version.

Here's a link clearly states somethings are changed after 1.552 so adding these new lines;

 nocanon and AllowEncodedSlashes

Solved my issue and warning gone.

For nginx, this also helped me:

proxy_redirect      http://localhost:8080 https://your.ssl.domain.name

Don't include any trailing slashes to the above urls, and also not to the proxy_pass url.

Jenkins has proactive monitoring to make sure forward and reverse proxy is configured correctly. In version 1.552, these tests were improved so that incorrect proxy setups that were previously not flagged as broken are now detected. Starting with version 1.572, even Jenkins instances that do not rely on reverse proxy will display this warning.

Fixing a broken reverse proxy configuration is highly dependent on your web server and web application container, which is why there are so many other answers posted to your question. The Jenkins Wiki article on this topic, "Jenkins says my reverse proxy setup is broken", describes several ways to fix this in the comments.

From the above article:

For a reverse proxy to work correctly, it needs to rewrite both the request and the response.

But correct reverse proxying also involves one of two options, either:

1. rewriting the response; or
2. setting the X-Forwarded-Host (and perhaps X-Forwarded-Port) header on the forwarded request.

In my case, it was actually a problem with the first option, where my response rewriting was not properly encoding slashes. If you are using Apache HTTPD with Tomcat, you need to add support for encoded slashes to both servers, not just Apache HTTPD.

These are the instructions for resolving this problem in my specific case: Jenkins 2.1.41 on an Amazon Linux EC2 instance, with Apache 2.4, Tomcat 8.5 and Tomcat Connector.

In /etc/httpd/conf.d/ssl.conf add the following line for your Jenkins Host or VirtualHost:

AllowEncodedSlashes NoDecode

Add the following line to /usr/share/tomcat8/conf/catalina.properties:

org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true

Restart both services:

service httpd restart
service tomcat8 restart

Refresh your Manage Jenkins page. The warning message will be gone.

An example of implementing the second option in Apache HTTPD:

RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"

and for NGINX:

proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;