What I want to do ?
I have two application on local ports and I want to access them like that :
maindomain.com -> node.js app
sub.maindomain.com -> .net core app
My DNS config
maindomain.com (A Record) 11.111.11.111
sub.maindomain.com (A Record) 11.111.11.111
Nginx config
/etc/nginx/sites-enabled/maindomain.com (linked from ./sites-available/)
upstream node_app{
# node.js running
server 127.0.0.1:8000;
}
server{
listen 80;
server_name www.maindomain.com maindomain.com;
#Redirige toutes les requêtes http vers https
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/maindomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/maindomain.com/privkey.pem;
server_name www.maindomain.com maindomain.com;
location / {
include proxy_params;
proxy_pass http://node_app;
}
}
/etc/nginx/sites-enabled/sub.maindomain.com (linked from /sites-available/)
upstream core_api{
# Asp.net core API running in background
server 127.0.0.1:5000;
}
server{
listen 80;
server_name www.sub.maindomain.com sub.maindomain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/maindomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/maindomain.com/privkey.pem;
server_name www.sub.maindomain.com sub.maindomain.com;
location / {
include proxy_params;
proxy_pass http://core_api;
}
}
Result :
After that, I have restarted my nginx service.
Requests on sub.maindomain.com just redirect on maindomain.com.
What did I missed ?
Well it looks like you forgot:
server_name www.api-accropolis.maindomain.com api-accropolis.maindomain.com;
... in SSL server in /etc/nginx/sites-enabled/sub.maindomain.com
And you also forgot:
server_name www.maindomain.com maindomain.com;
... in SSL server in /etc/nginx/sites-enabled/maindomain.fr
Related
Nginx is 1.14.1 version
have several virtual hosts and default in the /etc/nging/sites-enabled:
I've tried to configure using this doc: http://nginx.org/en/docs/http/request_processing.html
default
server {
listen 80;
server_name "";
return 444;
}
server {
listen 443 ssl http2 default_server;
server_name _;
ssl_certificate ....
ssl_certificate_key .....
add_header Strict-Transport-Security 'max-age=31536000';
return 444;
}
domain1
server{
listen 80;
server_name domain1;
return 301 https://$server_name;
}
server {
server_name domain1;
listen 443 ssl;
..................
}
but when tried to get access using server IP nginx redirect to domain1. please help what's wrong here. I'd like to deny access by IP to sites and leave only requests with domain name
My webstie is hosted on aws EC2 instance and I have nginx 1.12.2 and Ec2 Operating system is centos, how do I redirect http://example.com and https://example.com to https://www.example.com .
Thanks
You will need 3 server sections (and I'm almost sure you forgot to handle http://www.example.com case)
server {
listen 80;
server_name example.com;
location / {
return 301 https://www.example.com$request_uri;
}
...
server {
listen 443 ssl;
server_name example.com;
ssl_certificate ...
location / {
return 301 https://www.example.com$request_uri;
}
...
server {
listen 443 ssl;
server_name www.example.com;
ssl_certificate ...
location / {
#your configuration here
}
...
I have a wordpress website with https protocol by configuring the nginx 301 redirect:
server {
listen 80;
server_name xxx.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name xxx.com;
ssl_certificate conf.d/xxx.crt;
ssl_certificate_key conf.d/xxx.key;
}
And my article has some image links with static server like:
http://yyy.com/1.png
But when i access this article: it will be https://yyy.com/1.png, How do I configure the nginx that can still use http for the image static server?
You would do that using below config
server {
listen 80;
server_name xxx.com;
location ~* \.(png|ico|jpeg)$ {
root <your root folder>;
try_files $uri =404;
}
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
server_name xxx.com;
ssl_certificate conf.d/xxx.crt;
ssl_certificate_key conf.d/xxx.key;
}
I have a rule that rewrites all pages and subdomains from port 80 to 443 ssl
server {
listen xx.xx.xx.xx:80 default;
server_name *.xx.net;
return 301 https://xx.net;
}
This is nginx configuration that you see above
how can I add similar one that directs all 443 (https) subdomains (*.xx.net) to just xx.net?
this is for the https (443) listening part
server {
listen xx.xx.xx.xx:443 ssl;
server_name *.xx.net xx.net;
location / {
proxy_pass http://xx.xx.xx.xx:8080;
}
}
Create a separate server block :
server {
listen xx.xx.xx.xx:443 ssl;
server_name *.xx.net;
return 301 https://xx.net;
}
server {
listen xx.xx.xx.xx:443 ssl;
server_name xx.net;
location / {
proxy_pass http://xx.xx.xx.xx:8080;
}
}
I own a website, like example.com by HTTP. Considering the secure stuff, now I want to change the HTTP to HTTPS. And I hope all the old customers could still be able to visit my website even they use example.com which will be redirect to https via Nginx.
Of course, I googled a lot, then my solution is:
upstream www {
server 127.0.0.1:4000;
}
server {
listen 80;
listen 443 ssl;
server_name localhost www example.com;
ssl on;
ssl_certificate /usr/local/etc/docs/example.crt;
ssl_certificate_key /usr/local/etc/docs/example.key;
if ($ssl_protocol = "") {
rewrite ^ https://$host$request_uri? permanent;
}
# below are some other stuff
# ...
}
But when I visit example.com, I got:
400 Bad Request The plain HTTP request was sent to HTTPS port
Then I change the nginx.conf, after reading Redirect in nginx , and config the error_page by 497:
upstream www {
server 127.0.0.1:4000;
}
server {
listen 80;
listen 443 ssl;
server_name localhost www example.com;
ssl on;
ssl_certificate /usr/local/etc/docs/example.crt;
ssl_certificate_key /usr/local/etc/docs/example.key;
error_page 497 https://$host$request_uri;
# below are some other stuff
# ...
}
Then it works, everything is fine. But I just don't know why and the solution of error_page just seems werid. So
after reading Dealing with nginx 400 “The plain HTTP request was sent to HTTPS port” error, I add the default and remove the ssl on.
upstream www {
server 127.0.0.1:4000;
}
server {
listen 80;
listen 443 default ssl;
server_name localhost www example.com;
ssl on;
ssl_certificate /usr/local/etc/docs/example.crt;
ssl_certificate_key /usr/local/etc/docs/example.key;
if ($ssl_protocol = "") {
rewrite ^ https://$host$request_uri? permanent;
}
# below are some other stuff
# ...
}
Great! It works again. But I am not for sure:
Which solution is correct?
If both correct, which is more friendly for SEO?
Solution 1st is really wired, from http://moz.com/learn/seo/redirection, can find that permanent redirection is more friendly.
server {
listen 80;
server_name www.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 default ssl;
server_name www example.com;
ssl on;
ssl_certificate /usr/local/etc/docs/example.crt;
ssl_certificate_key /usr/local/etc/docs/example.key;
# below are some other stuff
# ...
}