I'm trying for hours to put SSL to work on nginx without success. I have already setup all things correct but i'm getting blank page when i trying to access in https. website on http work fine.
I got certificate and key from cloudflare (i already setup with it some time ago and i remember this part).
I have setup the certificate and key on /etc/nginx/ssl and my configuration of server looks like:
server {
listen 443 default default_server;
listen [::]:443 ssl default_server;
server_name myhost.com;
ssl_certificate /etc/nginx/ssl/certificate.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
root /var/www;
index index.php index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
}
I got blank page when access on https, and i don't get any erros and logs on erros/access.logs from nginx..
could someone help me?
Related
I have a domain which work only in our VPN network.
Recently we enabled the SSL on that and its working fine with https, but now i want to redirect all my http traffic also to https.
For this i added below block along with ssl block but still http request is not re-directing to https.
server {
listen 80;
server_name domain_name.com www.domain_name.com;
return 301 https://$domain_name$request_uri;
}
server {
server_name example.com;
access_log /var/log/nginx/example-access.log;
error_log /var/log/nginx/example-error.log;
root /var/www/html/web;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ /index.php$uri?$args;
}
}
I tried with my domain_name,localhost with port number also, nothing works for me.
Sorry for limited understanding on Nginx, Iam new to Nginx.
I have a webapp running on React and Nginx. Recently I received the SSL certificates for my website. I tried to configure the website and it worked partially. The problem is when I tried to open "https://example.com", the SSL certificates are visible here but its showing nginx default home page. While when I open "http://example.com" it shows all the webcontent.
I attempted to:
change the port from 80 to 443
Reinstall nginx.
But nothing seems to work. Here is my nginx confs at the moment:
/etc/nginx/sites-available/example.org
server {
listen 443;
listen [::]:443;
ssl on;
ssl_certificate /etc/nginx/ssl/bundle.cer;
ssl_certificate_key /etc/nginx/ssl/example.key
root /var/www/html;
server_name example.org;
location / {
try_files $uri $uri/ =404;
}
}
server {
listen 80;
listen [::]:80;
server_name _;
return 301 https://example.org;
}
/etc/nginx/conf.d/www/example.org.conf
server {
listen 80 default_server;
server www.example.org;
location / {
root /usr/share/nginx/html;
index index.htm; index.html;
}
}
Note: I reload nginx at every new attempt.
Please help where am I going wrong.
Keeping just 1 file for config works for the above problem. I kept the "default" conf at "/etc/nginx/sites-available"
I host a site in compute engine in google cloud with Nginx on Debian, I use a Bluehost domain and a Cloudflare SSL.
My site web sometimes works and sometimes not and show me this message: Your connection is not private.
what is the solution?
example.com file:
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 302 https://$server_name$request_uri;
}
server {
# SSL configuration
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl on;
ssl_certificate /etc/ssl/certs/cert.pem;
ssl_certificate_key /etc/ssl/private/key.pem;
server_name example.com www.example.com;
root /var/www/example.com/html;
index index.html index.htm index.php;
ssl_client_certificate /etc/ssl/certs/cloudflare.crt;
ssl_verify_client on;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
}
I think John H nailed it, seems you have a mixed content issue. You may end up having to edit as suggested, but I'd first recommend trying to enable "Automatic HTTPS Rewrites" on the Crypto tab. Other mixed content suggestions here, https://community.cloudflare.com/t/community-tip-fixing-mixed-content-errors/42476.
If you have more questions about Cloudflare, visit the Cloudflare Community, https://community.cloudflare.com/t/community-tip-welcome-stackoverflow-visitors/99529."
I just transferred a site to a DO server provisioned by Forge. I installed an SSL certificate and noticed that navigating to https://www.example.com results in a Server Not Found error, while http://example.com returns 200. I attempted to force non-WWW in the Nginx config file but cannot seem to make anything work. I also restarted Nginx after every attempt.
Here is my current Nginx config file:
server {
listen 80;
server_name example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl;
server_name .example.com;
root /home/forge/default/current/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/default/56210/server.crt;
ssl_certificate_key /etc/nginx/ssl/default/56210/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/default-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
The server was set up with the default site - default, rather than example.com. I realized this after launching the site to production and installing the SSL cert, I am trying to avoid any downtime by trying to change this after the fact. I am not sure if the site being called default makes any difference here, but it's key to note.
So, https:// or http://example.com works fine. www.example.com returns a Server Not Found error on all browsers I've tested. I also noticed that there is a www.default file in /etc/nginx/sites-enabled, I tried changing it to the following and restarting nginx:
server {
listen 80;
server_name www.example.com;
return 301 $scheme://example.com/$request_uri;
}
Still receiving Server Not Found no matter what. Here is the error on Chrome:
The server at www.example.com can't be found, because the DNS lookup failed. DNS is the network service that translates a website's name to its Internet address. This error is most often caused by having no connection to the Internet or a misconfigured network. It can also be caused by an unresponsive DNS server or a firewall preventing Google Chrome from accessing the network.
Well, apparently I just needed to take a break. After I finished off my lunch, it occurred to me that Chrome was giving me the answer all along - it was a DNS issue. I added an A record for www pointing to my IP address on Digital Ocean, problem solved.
I believe www is missing by default on DO servers provisioned by Laravel Forge.
Please help as explicitly as possible. I have set up a domain on a home server running nginx on Ubuntu 15, and I have the dns pointed to it. I can use the domain to access the site and if I append /subdirectory to it, I am able to launch the pages inside the subdirectories. What I am trying to do is get the subdomains to go directly to the correct root. Ie: mysite.com = /index.htm, subdomain.mysite.com = ./subdirectory where files are located.
I have tried every suggestion including those popular and those criticized, and either I get an error restarting Nginx or I get a "server not found" error. I´ve tried setting up cname aliases with my DNS server, and that doesn´t work either.
The working config file is below:
##
server {
server_name "~^(?<sub>.+)\.domain\.tld$";
index index.php index.html index.htm;
root //media/user/ednet/$sub;
ssl_certificate REMOVED FOR SECURITY
ssl_certificate_key REMOVED FOR SECURITYY
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!Anull:!md5;
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
# root //media/user/ednet;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm;
#=========================Locations=============================
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
# root /usr/share/nginx/html;
}
#============================================================PHP=========================================================
location ~ \.php$ {
try_files $uri =404;
# fastcgi_split_path_info ^(.+\.php) (/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
====================
I´ve tried proxies, redirects, and everything else I can think of--including reading the instructions in the Nginx manual and the wiki.
Thanks
A quick "server not found" by the browser suggests that DNS is not set up. Your subdomains need to resolve to your server's public IP address using either:
specific CNAME record pointing to the main domain specific A record
pointing to the server's IP address wild (catch-all) A record
pointing to the server's IP address
Changes to DNS can take many hours to propagate.
An error restarting nginx suggests a syntax error in the configuration file.
Your configuration file contains no obvious syntax errors, but there are a few strange elements:
root directive appears twice
index directive appears twice
root directive has two leading // where usually one will do
You have IPv4 and IPv6 configured which is fine if you have an IPv6 connection.
You have this server marked as a default_server which means that it will be used even if the server_name regex does not match. Therefore, if you present to the server with a subdomain that returns files from the root, this implies that the regex failed to match but the server block was used by default. In which case, check the regex.
In summary, the first priority is to fix the DNS. Nothing will work unless the subdomains resolve to the IP address of the server.