I'm moving some small websites in production to DDEV and, some of them has multiple domains with a 301 redirection to the main HTTPS site.
This config was working well with the "natural" Nginx when I was using a .conf file to manage the domains that should be redirect to the main site on this way:
server {
listen 80;
server_name .domain1.com
.domain2.com
.domain3.com
;
return 301 https://www.maindomain.com;
}
I tried to create a new domains.conf file and add it inside the .ddev/nginx_full directory to be loaded in the restart process but seems the Nginx didn't recognize such file.
In the main "natural" Nginx config file I has this server to redirect all requests coming from HTTP to HTTPS:
server {
listen 80;
access_log off;
error_log off;
server_name maindomain.com www.maindomain.com;
return 301 https://www.$host$request_uri;
}
I tried to add these configs inside the .ddev/nginx_full/nginx-site.conf file but the server start to be crazy, doing sometimes infinite redirections and sometimes, not recognize the domains.
Inside the config.yaml file I have:
additional_fqdns:
- domain1.com
- domain2.com
- domain3.com
- maindomain.com
- www.maindomain.com
use_dns_when_possible: false
I'm sure that's a "right way" to handle this situation but, looking the docs, I didn't find and answer for that. On this way, I ask if someone here have the catch for that.
Thanks a lot
I think this will work for you.
Add the file .ddev/nginx/redirect.conf with these contents:
if ($http_x_forwarded_proto = "http") {
return 301 https://$host$request_uri;
}
This uses a DDEV nginx snippet, it could also be done with a full nginx config.
The ddev-router acts as a reverse proxy that terminates SSL/443 and passes along requests on port 80 to the web container.
You see the infinite redirects because it sees the request always on port 80.
Related
i don't understand what i'm doing wrong so i hope somebody can help :)
When i access http://10.0.0.54/index.html i get the right page but if i try to access http://10.0.0.54 instead of showing the index file it redirects me to https://10.0.0.54 showing error 502 bad gateway.
This is the configuration /etc/nginx/sites-available/default
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html/salvaderi;
index index.html;
server_name _;
location ~ /.well-known/acme-challenge {
allow all;
root /var/www/html/salvaderi;
}
location / {
root /var/www/html/salvaderi;
index index.html;
}
}
I am running nginx 1.18.0 on ubuntu 22.04
i tried changing parameters inside location /{} but i always get the same result. I also changed the root directory and made sure permission where set right. Searching on for the solution i saw other people having problems about PHP and FastCGI but i am not using it.
Your configuration about to be right.
Possible there is some kind of proxy or load-balancer is placed between you and nginx you configuring since you got redirect to HTTPS whether there is no any redirection instructions in your config and, in the same time, there is no listen 443 ssl in config, but you still got response on HTTPS request.
I'd check next:
Is 10.0.0.54 in fact IP of your server?
Is there any return 301, return 302 or rewrite instructions in your nginx config (the better
way is to dump config with nginx -T command and look over).
Didn't
you previously have configured some redirects that may have been
cached by your web client previously? Try to send GET request with
curl instead of web browser (if browser been used for tests).
I can rewrite some specific http folders to https folders, but i can't rewrite all https except these specific folders from https to http; i'm stuck in a loop
Using NGinx 1.12 as a proxy, handling both http and https
i have one server section to handle http 80 and one server section to handle https (i know they can be together in the same section).
both of them are beginning that way
location / {
proxy_pass
server {
listen 80;
i have
location ~ ^/(xxx|yyy|zzz)/.*$ {
rewrite ^ https://www.example.com$uri permanent;
}
and anytime i'm in http, it is redirecting to https fine for the xxx,yyy and zzz folders. so far, so good.
but under server {
listen 443 ssl;
, i would like to redirect everything except the xxx,yyy,zzz folder to go back to http.
I did try to do the reverse in the https section meaning :
location / {
rewrite ^ http://www.example.com$uri permanent;
}
and
location ~ ^/(xxx|yyy|zzz)/.*$ {
#do nothing
}
but it is not working, either i get a 404 error or a loop
The only solution i found as Nginx is a proxy is making Apache handling the redirect on its side.
so,
a. nginx 80 is redirecting to nginx 443 specific folders.
b. all https is redirect by nginx 443 to apache 443, and then in apache 443 conf i do a test, if it the specific folders, i stop, and otherwise i redirect to nginx 80.
It's working, but i'm sure it is possible to make nginx handle it and avoid this 1 loop. if someone as a beautiful answer :-)
I've recently been trying to set up a reverse proxy that would forward certain 4th-level subdomains to particular locations. So, for example, this is what I'm trying to accomplish (configuration in my nginx file):
server {
listen 80;
server_name *.server.domain.com;
rewrite ^ https://$server_name$request_uri;
}
The goal here being that if someone went to, for example, http://item1.server.domain.com, they would be re-routed to https://item1.server.domain.com. However, with this configuration, the URL gets rewritten to https://%2A.server.domain.com.
Is there a way to fix this so that the full domain (item1) gets added correctly to the rewritten URL? Ideally, I wanted it to eventually be able to rewrite any subdomain on server.domain.com directly to https.
Thanks!
The $server_name variable contains the text from the value of the server_name directive. The %2A is a URL encoded representation of the leading *.
Use $host or $http_host to obtain the hostname actually requested by the client. See this document for more.
For example:
server {
listen 80;
server_name *.server.domain.com;
return 301 https://$host$request_uri;
}
Note: Restart nginx and clear the browser cache between each test. Check the configuration using nginx -T.
I'm having trouble configuring my nginx proxy despite reading a number of guides and trying for three consecutive evenings.
Here is my topology:
(From internet) All traffic from port 80 is redirected to 192.168.1.4, a ubuntu-server virtual running nginx.
I have a NAS which has a subdomain myName.surname.com which connects to the admin page. On that NAS, I have apache webserver running hosting a couple of sites on port 81, 82,
The NAS uses virtualhosts, so domains successfully redirect (without using nginx).
I also have an ASP.NET website running on IIS on another 192.168.1.3:9810.
Now here is my NGINX configuration. I tried configuring it a few times but broke it so I've put it back to its default state:
server {
listen 80 default_server;
root /usr/share/nginx/html;
index index.html index.htm;
server_name localhost;
location / {
proxy_pass http://192.168.1.1; #WORKS OK
}
}
If I go on myName.surname.com or wordpressWebsite.co.uk or myIISSiteDomain.co.uk I am with config above greeted with the correct page at 192.168.1.1:8080 OR 192.168.1.1:81.
It's a start.
First problem is When I navigate to any other page (not home page) like wordpressWebsite.co.uk/blog, it breaks giving 404. So I have tried to differentiate between URLs? I read that the config should be something like:
server {
listen 80;
server_name wordpressWebsite.co.uk;
location / {
proxy_pass http://192.168.1.1:81;
}
}
server {
listen 80;
server_name myName.surname.com;
location / {
proxy_pass http://192.168.1.1;
}
}
server {
listen 80 myIISSiteDomain.co.uk
location / {
proxy_pass http://192.168.1.3:9810;
}
}
But this is not quite right.
1) wordpressWebsite.co.uk loads up the page, but as soon as I go to any other link like wordpressWebsite.co.uk/blog it breaks, giving me my NAS error message like its trying to access 192.168.1.1/blog rather than the virtualhost ~/blog. It actually changes my URL in navbar to 192.168.1.1 so why is it behaving like this?
2) if I'm using virtual host, I don't think I should need to pass in the port via nginx for 192.168.1.1:81 (wordpressWebsite.co.uk). Surely I just need to point it to 192.168.1.1, and then virtualhost should detect that the url maps to 81? I'm not sure how to to do this as I don't fully understand what actually gets passed from nginx to the server?
You can add try_files $uri $uri/ /index.php?$args;
See this https://www.geekytuts.net/linux/ultimate-nginx-configuration-for-wordpress/
I want to prevent people from using my site via http and force them to use a secure connection. My https certificate is issued by letsencrypt (via the webroot option), which means they connect via http where I serve the static content from /.well-known/acme-challenge/. All other requests should be redirected to use https. Following the relevant part of my nginx.conf
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com admin.example.com;
location /.well-known/acme-challenge {
root /app;
access_log on;
try_files $uri $uri/ =418;
}
return 301 https://$server_name$request_uri;
}
This https upgrade works fine and all users get an https connection as intended. The Problem is, that nginx upgrades EVERY request made, even those from letsencrypt, which cause letsencrypt to fail - it doesn't even try to serve the file (the file exists!).
How can I ensure that if a request comes via http to example.com/.well-known/acme-challenge/[HASH] it will serve the file if found or return a 418 error while simultaneously upgrading all other requests to https which dont start with /.well-known/acme-challenge? Thanks for any suggestions
The return 301 is in server scope, which is not what you want. Place the return inside a default location:
location / {
return 301 https://$server_name$request_uri;
}