I have a http website (with Flask and nginx) which is up and running. I'm trying to install ssl with certbot and following their steps leads to a successful installation message (congratulations...) but refreshing my webpage leads to 404 Not Found nginx/1.18.0 (Ubuntu).
This is the nginx.conf file after sudo certbot --nginx
server {
server_name www.mydomain.com;
location /static {
alias /home/ubuntu/adviser/flaskblog/static;
}
location / {
proxy_pass http://localhost:8000;
include /etc/nginx/proxy_params;
proxy_redirect off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.mydomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.mydomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name www.mydomain.com;
return 404; # managed by Certbot
}
any help is really appreciated.
First, just remove this line:
return 404; # managed by Certbot
which causes 404 error to be returned.
If it doesn't help, change whole this block:
server {
if ($host = www.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name www.mydomain.com;
return 404; # managed by Certbot
}
to this:
server {
listen 80;
server_name www.mydomain.com;
return 301 https://$host$request_uri;
}
UPDATE
Also, you can try to change
return 301 https://$host$request_uri;
to
return 301 https://www.yourdomain.com$request_uri;
(I had to replace mydomain with yourdomain due to some strange StackOverflow restrictions.)
I finally figured out what is the problem.
I was creating certificate for www.mydomain.com, but in reality I my domain was set to mydomain.com (no www). I was redirecting to www but either I was doing it wrong or certbot does not like redirects of that nature.
Long story short, I (re)issued certificate for mydomain.com and certificate worked like a charm!
Related
I get a 404 Not Found nginx/1.18.0 (Ubuntu) error when I look up my domain without having www in the domain name I searched. It finds nginx so it obviously finds my server but I can't find someone not being able to load gunicorn just without www. My name servers all points to the write ip address the ones with my domain name on the left are where I've either left it blank or put # in the field. I've gone through the guides I've used to make sure I've done every step is there some config I might've messed up?
My error logs in /var/log/nginx don't show anything relevant and neither do my logs at the /var/log/webapp so I can't figure out why gunicorn wouldn't bee loading without www
I found it might have to do with my config file in nginx itself so here is my /etc/nginx/sties-enabled/webapp
server {
server_name www.websitename.com;
location /static {
alias /home/sai/webapp/website/static;
}
location / {
proxy_pass http://localhost:8000;
include /etc/nginx/proxy_params;
proxy_redirect off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.websitename.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.websitename.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.websitename.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name www.websitename.com;
return 404; # managed by Certbot
}
I've found that my error might be that certbot is only redirecting www.websitename.com to https so I'm gonna try and figure out how to add websitename.com to that because just adding another if under makes my nginx not be able to restart
Make this your conf then run sudo certbot --nginx -d websitename.com -d www.websitename.com and it should create ssl certs for both your domains and work
server {
server_name websitename.com www.websitename.com;
location /static {
alias /home/sai/webapp/website/static;
}
location / {
proxy_pass http://localhost:8000;
include /etc/nginx/proxy_params;
proxy_redirect off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.websitename.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.websitename.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}```
So if you look here they do everything in seperate server blocks. I'm uncomfortable with the differences between their code and mine and I don't fully understand what the differences mean so any comments or other answers would be helpful, BUT this should fix it for you following the format of your file. Just add it to the bottom
server {
if ($host = websitename.com) {
return 301 https://$host$request_uri;
} #managed by Certbot
listen 80;
server_name websitename.com;
return 404;
}
I have installed NGINX reverse proxy with certbot through Docker but i t is not showing the welcome page for Nginx rather it is taking me to a 404 error. when i did the below command nginx -t
it gave me the following result
> nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
this is what is in my domain config file
server{
server_name domainname.com www.domainname.com;
location / {
proxy_pass http://172.17.0.2:80;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domainname.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domainname.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
if ($host = www.domainname.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domainname.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name domainname.com www.domainname.com;
return 404; # managed by Certbot
Please any advice in resolving this issue will be appreciated. Thank You
Hello I have hard times to configure nginx properly. I would like redirect from https://example.com to https://www.example.com I found a lot of tutorials how to do it but not a single one worked with mine configuration files.
I used letsencrpyt to configure the SSL for me.
Here is the nginx conf file:
server {
server_name IP_ADDRESS example.com www.example.com;
location /static/ {
root /home/user/pyapps/ks_g;
}
location /media/ {
root /home/user/pyapps/ks_g;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name IP_ADDRESS example.com www.example.com;
return 404; # managed by Certbot
}
Add redirect on condition to the server block with SSL or both:
if ($host != www.example.com) {
return 301 https://www.example.com$request_uri;
} # managed by Stack Overflow (sorry cannot hold myself)
This works as the following: if the Host HTTP header not equals www.example.com make permanent redirect to https://www.example.com$request_uri.
Need help with NGINX rewrite, I have a WordPress blog, which converted into Asp.net Core. It hosted on linux machine, webserver as NGINX.
Previously url were https://example.com/2015/06/hello-world, now I want to remove date part from url and redirect it to https://example.com/hello-world
Below in my nginx cofig file
proxy.conf
server {
server_name codepedia.info;
location / {
proxy_pass http://blogmenia;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/codepedia.info/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/codepedia.info/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = codepedia.info) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name codepedia.info;
listen 80;
return 404; # managed by Certbot
}
You can prepend a rewrite rule to your first server block like this
location / {
rewrite "/([0-9]{4})/([0-9]{2})/(.*)" /$3 permanent;
proxy_pass http://blogmenia;
}
This rule will permanently remove the date from your url it will look like this https://example.com/hello-world and then it serves the proxy
Note : you can update the regular expression in case of any date modifications in your url
I have a domain https://secondubly.tv setup with SSL that redirects to another website - this portion works perfectly fine. I also have a subdomain that I haven't setup with SSL - bot.secondubly.tv but every time I try to access it, I end getting redirected to https://secondubly.tv which in turn redirects me to another website. I imagine it's just ignoring the first block adn going to the block below it. I'm really struggling on how to get this working without SSL, and could use some help.
# Server that handles sending non-SSL traffic to SSL.
server {
listen 80;
listen [::]:80;
server_name bot.secondubly.tv www.bot.secondubly.tv;
location / {
proxy_pass http://localhost:25000;
}
}
server {
server_name secondubly.tv www.secondubly.tv;
return 301 https://twitch.tv/secondubly$request_uri;
listen 443 ssl; # managed by Certbot
ssl_certificate key; # managed by Certbot
ssl_certificate_key key; # managed by Certbot
include ...nginx.conf; # managed by Certbot
ssl_dhparam ...dhparams.pem; # managed by Certbot
}
server {
if ($host = www.secondubly.tv) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = secondubly.tv) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name secondubly.tv www.secondubly.tv;
listen 80;
return 404; # managed by Certbot
}
I feel like I'm just not understanding something really basic here? Why is it skipping the proxy_pass section? The server names are there and they're accurate, so what gives?