I host a site in compute engine in google cloud with Nginx on Debian, I use a Bluehost domain and a Cloudflare SSL.
My site web sometimes works and sometimes not and show me this message: Your connection is not private.
what is the solution?
example.com file:
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 302 https://$server_name$request_uri;
}
server {
# SSL configuration
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl on;
ssl_certificate /etc/ssl/certs/cert.pem;
ssl_certificate_key /etc/ssl/private/key.pem;
server_name example.com www.example.com;
root /var/www/example.com/html;
index index.html index.htm index.php;
ssl_client_certificate /etc/ssl/certs/cloudflare.crt;
ssl_verify_client on;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
}
I think John H nailed it, seems you have a mixed content issue. You may end up having to edit as suggested, but I'd first recommend trying to enable "Automatic HTTPS Rewrites" on the Crypto tab. Other mixed content suggestions here, https://community.cloudflare.com/t/community-tip-fixing-mixed-content-errors/42476.
If you have more questions about Cloudflare, visit the Cloudflare Community, https://community.cloudflare.com/t/community-tip-welcome-stackoverflow-visitors/99529."
Related
I wish to serve two or more of my domain names from a single instance of nginx running on a raspberry pi, however something is not working alright.
Nginx was compiled with SNI support enabled:
> nginx -VC
nginx version: nginx/1.18.0
built with OpenSSL 1.1.1n 15 Mar 2022
TLS SNI support enabled
However I suspect that SNI is not in effect. I am trying to access my domains from multiple modern browsers guaranteed to have SNI support (firefoxes, chromes, opera and more).
My configurations are as follows:
/etc/nginx/sites_enabled/domain1.conf contains the following:
server {
listen 443 ssl;
server_name domain1.com www.domain1.com;
root /var/www/domain1.com/html;
index index.html index.htm;
ssl_certificate /var/www/domain1.com/ssl/cert.pub;
ssl_certificate_key /var/www/domain1.com/ssl/cert.key;
location / { try_files $uri $uri/ $uri.html =404; }
}
server {
listen 80;
server_name domain1.com www.domain1.com;
return 301 https://$server_name$request_uri;
}
whereas /etc/nginx/sites_enabled/domain2.conf containsthe following:
server {
listen 443 ssl;
server_name domain2.net www.domain2.net;
root /var/www/domain2.net/html;
index index.html;
ssl_certificate /var/www/domain2.net/ssl/cert.pub;
ssl_certificate_key /var/www/domain2.net/ssl/cert.key;
location / { try_files $uri $uri/ $uri.html =404; }
}
server {
listen 80;
server_name domain2.net www.domain2.net;
return 301 https://$server_name$request_uri;
}
The HTTP to HTTPS redirecting works as expected i.e. in a browsers http://domain1.com correctly redirects me to https://domain1.com, however only one of the domains are actually accessible (namely domain2.net).
What could be the cause of my problem?
Do I have to manually enable SNI somehow?
Note that when I set up both domains only through HTTP they both worked as expected.
Sorry for limited understanding on Nginx, Iam new to Nginx.
I have a webapp running on React and Nginx. Recently I received the SSL certificates for my website. I tried to configure the website and it worked partially. The problem is when I tried to open "https://example.com", the SSL certificates are visible here but its showing nginx default home page. While when I open "http://example.com" it shows all the webcontent.
I attempted to:
change the port from 80 to 443
Reinstall nginx.
But nothing seems to work. Here is my nginx confs at the moment:
/etc/nginx/sites-available/example.org
server {
listen 443;
listen [::]:443;
ssl on;
ssl_certificate /etc/nginx/ssl/bundle.cer;
ssl_certificate_key /etc/nginx/ssl/example.key
root /var/www/html;
server_name example.org;
location / {
try_files $uri $uri/ =404;
}
}
server {
listen 80;
listen [::]:80;
server_name _;
return 301 https://example.org;
}
/etc/nginx/conf.d/www/example.org.conf
server {
listen 80 default_server;
server www.example.org;
location / {
root /usr/share/nginx/html;
index index.htm; index.html;
}
}
Note: I reload nginx at every new attempt.
Please help where am I going wrong.
Keeping just 1 file for config works for the above problem. I kept the "default" conf at "/etc/nginx/sites-available"
I'm trying for hours to put SSL to work on nginx without success. I have already setup all things correct but i'm getting blank page when i trying to access in https. website on http work fine.
I got certificate and key from cloudflare (i already setup with it some time ago and i remember this part).
I have setup the certificate and key on /etc/nginx/ssl and my configuration of server looks like:
server {
listen 443 default default_server;
listen [::]:443 ssl default_server;
server_name myhost.com;
ssl_certificate /etc/nginx/ssl/certificate.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
root /var/www;
index index.php index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
}
I got blank page when access on https, and i don't get any erros and logs on erros/access.logs from nginx..
could someone help me?
I'm using the docker image from linuxserver called swag which contains an nginx reverse proxy and a Let's encrypt certbot. Quite some dockerized apps are not designed to be accessed via subdirectory proxying but instead need to be proxied to a subdomain (because otherwise js and css files are requested from the domain, not the subdirectory).
My goal is to make a service at 1.test.example.com available at example.com/1
The config for the subdomain looks like this and works fine:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
root /config/www;
index index.html index.htm index.php;
server_name 1.test.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# some app
location / {
include /config/nginx/proxy.conf;
proxy_pass http://172.2.0.2:1234/;
}
}
My try for proxying to the subdomain looks like this but doesn't work as my browser returns "400 Bad request":
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
root /config/www;
index index.html index.htm index.php;
server_name _;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# proxy to some app
location /1/ {
include /config/nginx/proxy.conf;
proxy_pass https://1.test.example.com;
proxy_set_header Host 1.test.example.com;
}
}
What is the correct way to do this using proxy_pass and without using rewrite?
I have website on nginx server! I want to make accessing the site by https by default(on specified port, I wrote in below)! I mean, when I write in browser - mysite.net:90, or www.mysite.net:90, it will go on https, instead of http! I've already tried to redirect requests with "rewrite" in server block, and "return", but it doesn't work.
This is how my server block looks now:
server {
listen 90;
listen 9090 ssl;
server_name example.com;
ssl on;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
root /var/www/path;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
......
}
You may find this forum post useful:
https://www.digitalocean.com/community/questions/http-https-redirect-positive-ssl-on-nginx
Basically you need to create a redirection from your HTTP instance where all requests are automatically redirected to HTTPS.
Like this:
server {
listen 90;
server_name example.com;
# Redirect all requests to https
return 301 https://$server_name$request_uri;
}
server {
listen 9090 ssl;
server_name example.com;
ssl on;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
root /var/www/path;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
}
Try that and see if that works for you.
But basically you for the first instance, you are simply creating a redirection and all the real configuration will be on the second one.