Redirecting one subdomain in Nginx - nginx

I'm a bit stuck on this one and any assistance would be amazing. I'm very much an Nginx noob.
We have an existing Nginx setup with lots of redirections already configured.
I'm trying to only redirect one subdomain in Nginx to an external url, however no matter what I try it redirects all subdomains.
I've reviewed our existing configs to get some understanding of how things are setup but the life of me I just can't work this one out and all the search results I seem to find are for redirecting all subdomains or sub sites not for redirecting just one subdomain of many.
This subdomain didn't have an existing config and I've had to create one (copy one of our others and edit it) it looks like previously the subdomain was configured under a catch all.
Example:
I need https://foo-bar.test.com.au to redirect to https://externalURL.com
However I don't want https://other-site.test.com.au to redirect to https://externalURL.com
This is the current config
server {
server_name foo-bar.test.com.au;
rewrite ^ https://externalURL.com;
root /opt/nginx-static/foo-bar;
}
server {
listen 443 ssl http2;
server_name foo-bar.test.com.au;
rewrite ^/(.*)$ https://externalURL;
ssl_certificate /etc/ssl/foo-bar.crt;
ssl_certificate_key /etc/ssl/foo-bar.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_timeout 30m;
root /opt/nginx-static/foo-bar;
location / {
root /opt/nginx-static/foo-bar;
index index.html foo-bar.html;
autoindex on;
}
}

I got this figured out.
Turns out the order of the .conf files matters
Renamed the config to zz.foo-bar.conf so it comes after default.conf
Also the permissions weren't set correctly on /opt/nginx-static/foo-bar
The other piece of the puzzle was DNS, I'd altered it earlier in my troubleshooting, turns out I needed to revert it back to the original DNS entry.

Related

nginx + apache, redirect from a non-existent subdomain to a specific subdomain

Nginx + apache is running. One subdomain was liquidated and its articles moved to the same addresses, but a new subdomain.
In the .conf of the old subdomain, I have prescribed the following settings, they work fine.
server
{
listen 80;
root /var/www/old.site.ru;
server_name old.site.ru www.old.site.ru;
return 301 https://new.site.ru$request_uri;
}
server
{
listen 443;
ssl on;
ssl_certificate /etc/ssl/wildcard.crt;
ssl_certificate_key /etc/ssl/wildcard.key;
server_name old.site.ru www.old.site.ru;
return 301 https://new.site.ru$request_uri;
}
Now it is planned to delete several more subdomains with the transfer of their articles to new ones, and I decided to delete unnecessary old subdomains. I want to redirect from specific (but already non-existent) subdomains to specific new ones in the general config. How can I do that?
I got into nginx.conf - something doesn't start in any way.
What do I need to do? Thanks!

How to configure nginx to redirect to https ... except for one directory

I'm setting up an nginx webserver to support multiple virtual hosts. Following best practice, I want any http:// request to be redirected to the equivalent https://.
That much is straightforward, but I want to have one exception: any request for any file under /.well-known/ should be served as http, without the https redirect. Anyone who's worked with LetsEncrypt will recognize the '.well-known' directory as the place that LetsEncrypt looks for verification files. These must be served over HTTP.
So far, I have a configuration file for 'default' that looks like:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /var/www/default/www;
index index.php index.html index.htm;
location ^~ /.well-known/ {
allow all;
}
location / {
return 301 https://$host$request_uri;
}
}
Then, for each virtual host, I have a separate file that looks like:
server {
listen 443 ssl;
server_name myexamplevirtualhost.com;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# lots more SSL-related stuff
location / {
try_files $uri $uri/ =404;
}
}
server {
listen 80;
server_name myexamplevirtualhost.com;
location / {
return 301 https://$server_name$request_uri;
}
location /.well-known/ { }
}
If I request, for example, http://myexamplevirtualhost.com/, I get redirected to https://myexamplevirtualhost.com/ -- which is what I want. Similarly, a direct request for https://myexamplevirtualhost.com/ works as intended.
However, if I try: http://myexamplevirtualhost.com/.well-known/foo123, instead of the server simply serving up http://myexamplevirtualhost.com/.well-known/foo123 (which is the goal), it does a redirect to https://myexamplevirtualhost.com/.well-known/foo123.
I've tried a lot of different things -- changing the order of location rules, etc. -- but I still can't seem to get the behaviour I want.
What am I doing wrong?
If you have HSTS (HTTP Strict Transport Security) enabled you won't be able to "turn off" https for certain pages, since https will be forced for the whole domain. You might be able to use some convoluted setup of HTTP 302 redirects to make this work, but I'm not sure why you would want to. Let's Encrypt will have no trouble renewing certs if your .well-known directory is served over HTTPS.

Nginx www redirect not working for https.

# nginx -v
nginx version: nginx/1.2.1
I've tried everything I can findI cannot get the http://www.mysite.com to direct to https://mysite.com.
What I have right now will redirect http://mysite.com to https://mysite.com.
http://www.mysite.com does not work at all. It returns a Oops! Google Chrome could not find www.mysite.com Here is my current half working configuration:
vim /etc/nginx/sites-available/default
server {
listen 80;
server_name www.mysite.com;
return 301 $scheme://mysite.com$request_uri;
}
server {
listen 443;
allow all;
root /home/jacob/mysite;
server_name mysite.com;
ssl on;
ssl_certificate /etc/nginx/ssl/mysite_com.pem;
ssl_certificate_key /etc/nginx/ssl/server.key;
...
No matter what I try, the non www will always work and the www will not work at all. I am not sure if I need to reset something else. Every time I change the config file I restart the nginx server.
You need to set the www. subdomain to point at your server in DNS.

Nginx redirect if isn't wp-admin or wp-login.php

I want my nginx to redirect everything which isn't poiting to the wp-admin folder or to wp-login.php from https:// to http:// (If is https). My vhost config just says
server{
listen 80;
listen 443 ssl;
and then some things about the server name, the certi info and error pages. Can anyone tell me how to force the use of http instead of https to every folder that isn't wp-admin and every file that isn't wp-login.php ?
My current solution to this is to not rewrite urls in nginx at all, but let Wordpress itself do the job.
My nginx is configured to allow both http and https, like yours, so people can choose which they want as I use CAcert certificates which are not trusted by everyone. Then I make Wordpress forcing login and admin sessions to redirect to https by adding this to wp-config.php:
define('FORCE_SSL_ADMIN', true);
This doesn't redirect https to http on non-admin pages, though. But that doesn't really make sense, as it doesn't avoid certificate warnings: The redirection will only happen after the warning. And on the other hand, some people (e.g. the admins) actually have imported the certificate and might want to use the rest of the site with https, too.
More details can be found at http://codex.wordpress.org/Administration_Over_SSL. I stumbled over this via http://www.surlyjake.com/blog/2011/12/20/wordpress-https-secure-login-with-nginx/.
In your server block, use location rules to match the /wp-admin/ and /wp-login.php requests and rewrite those to use https, and for everything else -- if that's what you want -- rewrite to use http. For example:
server {
listen 80;
listen 443;
server_name your.domain.name;
# your ssl configurations here...
# example:
ssl_session_timeout 10m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
rewrite ^ http://$server_name$request_uri? last;
}
location /wp-admin/ {
rewrite ^ https://$server_name$request_uri? last;
}
location = /wp-login.php {
rewrite ^ https://$server_name$request_uri? last;
}
# your other rules here...
}

Nginx redirect if cookie present

I've seen some limited resources on checking for cookies with Nginx, but I couldn't really find the answer I was looking for, hopefully some of you Nginx masters can give me a hand.
Essentially I have a vhost that I'd like to redirect to a different domain unless the user has a cookie, here is what I've created:
server {
listen 80;
server_name example.com;
if ($http_cookie ~* "dev_cookie" ) {
root /home/deploy/apps/example/current/public;
passenger_enabled on;
rack_env production;
break;
}
rewrite ^/(.*) http://beta.example.com/$1 permanent;
}
But it doesn't seem to work, I get the error:
[emerg]: "root" directive is not allowed here in /opt/nginx/conf/nginx.conf:45
I'm not sure how to proceed here, any ideas guys?
That makes sense.
I would define another virtual host (beta.example.com) with that different root folder
and upon encountering cookie - do a rewrite
You can't set different roots for a domain conditionally, but you can redirect (rewrite) to another domain conditionally
This guy's example helped me a bit ago
http://nicknotfound.com/2009/01/12/iphone-website-with-nginx/

Resources