I'm trying to configure nginx with two domains, each with a different ssl certificate and a different root location.
The following code shows two times the exact same thing.
domain1.com should go to /home/ubuntu/web/html/domain1 and should use this: /etc/letsencrypt/live/domain1.com/fullchain.pem certificate. domain2.com should go to /home/ubuntu/web/html/domain2 and use this /etc/letsencrypt/live/domain2.com/fullchain.pem certificate.
I tried the following:
server {
listen 80;
server_name www.domain1.com;
return 301 https://domain1.com$request_uri;
}
server {
listen 80;
server_name domain1.com;
return 301 https://domain1.com$request_uri;
}
server {
listen 443;
ssl on;
ssl_certificate /etc/letsencrypt/live/domain1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain1.com/privkey.pem;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
root /home/ubuntu/web/html/domain1;
index index.php index.html index.htm;
server_name domain1.com, www.domain1.com;
location / {
try_files $uri $uri/ $uri.html $uri.php?$query_string;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_param MAGE_MODE "developer";
}
}
server {
listen 80;
server_name www.domain2.com;
return 301 https://domain2.com$request_uri;
}
server {
listen 80;
server_name domain2.com;
return 301 https://domain2.com$request_uri;
}
server {
listen 443;
ssl on;
ssl_certificate /etc/letsencrypt/live/domain2.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain2.com/privkey.pem;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
root /home/ubuntu/web/html/domain2;
index index.php index.html index.htm;
server_name domain2.com, www.domain2.com;
location / {
try_files $uri $uri/ $uri.html $uri.php?$query_string;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_param MAGE_MODE "developer";
}
}
It turns out that always one server block is chosen as default and also used for the the other domain.
Also adding an extra default server doesn't work.
Related
Can you please help me to edit my Nginx script.I have problem with access to https://myurl.wp-admin.php redirects to 404 not found nginx 1.10.0.
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
listen 443 ssl;
root /var/www/html;
index index.php index.html;
server_name _;
ssl_certificate /etc/nginx/ssl/csr/ssl_altr/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/csr/ssl_altr/nginx.key;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
i wanna redirect al to https://example.com
This redirections works fine:
http://www.example.com -> https://example.com
https://www.example.com -> https://example.com
but this dont work:
http://example.com -> https://example.com
this is my nginx complete config:
server {
server_name www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/laravel/public;
index index.php index.html index.htm;
server_name example.com;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
allow ::1;
deny all;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/www;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 443 ssl;
server_name example.com;
add_header Strict-Transport-Security "max-age=31536000";
ssl_certificate /home/user/example.com.chained.crt;
ssl_certificate_key /home/user/example.com.key;
}
i see a lot of example to redirect that but the server goes to the error 500 and too many redirections.
Add example.com to server_name
Hope that helps.
I need help with some nginx configuration. So please help. So here is my situation.
my domain: rtechmedia.com
1) I want all the request of http:// www.rtechmedia.com redirect to https:// www.rtechmedia.com
2) I want all the request of https:// rtechmedia.com to https:// www.rtechmedia.com
3) But i want that the style folder and its content located at www.rtechmedia.com/styles/* should redirect to http:// www.rtechmedia.com/styles/* instead of https:// www.rtechmedia.com/styles/*
I am noob in nginx so please give in details. And note i put space in url because of low reputation. So ignore it
I am able to achieve 1) and 2) but not 3 so help me with that.
server {
listen 80;
server_name www.rtechmedia.com;
return 301 https://www.rtechmedia.com$request_uri;
}
server {
listen 80;
server_name rtechmedia.com;
return 301 https://www.rtechmedia.com$request_uri;
}
server {
listen 443 ssl;
server_name www.rtechmedia.com;
root /home/forge/www.rtechmedia.com;
ssl_certificate /etc/nginx/ssl/www.rtechmedia.com/11369/server.crt;
ssl_certificate_key /etc/nginx/ssl/www.rtechmedia.com/11369/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/www.rtechmedia.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
I have two apps... wordpress and WHMCS (a billing app)
example.com is wordpress.
example.com/portal to be WHMCS.
On the nginx server here is how I have my folders
/example.com
|_ /wordpress
|_ /whmcs
root is wordpress, but when someone goes to /portal I want the root to be /whmcs instead.
I've tried both root and alias. I either get 404 or 403 forbidden.
Here is my current example.conf file
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 80;
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/nginx/ssl.crt;
ssl_certificate_key /etc/nginx/ssl.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'AES128+EECDH:AES128+EDH';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
root /usr/share/nginx/example/wordpress;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ^~ /portal/index.php {
autoindex on;
alias /usr/share/nginx/example/portal;
}
}
The solution is not to share the php location.
server {
listen 80;
server_name example.com;
root /usr/share/nginx/example;
location / {
root /usr/share/nginx/example/wordpress;
try_files $uri $uri/ /index.php?$query_string;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params; }
}
location /portal {
error_page 404 = #whmcs; }
location #whmcs {
rewrite ^(.*)$ /portal/index.php last;
root /usr/share/nginx/example/portal;
try_files $uri $uri/ /index.php?$query_string; }
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params; }
}
i'm new to nginx and i have a problem with virtual host. The virtual host didn't work when i try to access the vhost it'll be redirect to localhost "Welcome to nginx". Here are the contents of my config:
/etc/hosts config:
127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain
****Generated by Admin****
18.200.10.50 mail.testingweb.com
18.200.10.50 testingweb.com
SSL config on /etc/nginx/conf.d/ssl.conf:
server {
listen 443 default_server ssl;
server_name testingweb.com;
ssl_certificate /etc/nginx/sslcert/xxxx.crt;
ssl_certificate_key /etc/nginx/sslcert/xxxxx.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
keepalive_timeout 70;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNU$
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
root /usr/share/nginx/html;
index index.php index.html index.htm;
}
location ~ \.php$ {
try_files $uri =404;
# With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
/etc/nginx/sites-available/default config:
server {
listen 80 default_server;
# listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/xhtml;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name testingweb.com;
return 301 https://$host$request_uri;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri =404;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
server {
listen 80;
listen 443;
return 403;
}
I want to access another sites from new root directory, /usr/share/nginx/html/www on www directory there is a wordpress.
/etc/nginx/sites-available/testingweb config:
server {
listen 80 default_server;
# listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html/www;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name testingweb.com;
# rewrite ^ https://$http_host$request_uri? permanent;
return 301 https://$host$request_uri;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?q=$uri&$args;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules;
}
error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# location = /favicon.ico {
# alias /usr/share/nginx/html/favicon.ico;
# }
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
According the configs, what's wrong with my config ? i cannot access the wordpress file on /usr/share/nginx/html/www directory by domain testingweb.com ? its always redirect to default host instead of testingweb host ?
sorry for my bad english..
This is a revised version of the nginx configuration from your pastebin code:
server {
listen 80;
# listen [::]:80 default_server ipv6only=on;
# Make site accessible from http://devdev.com/
server_name devdev.com;
return 301 https://$host$request_uri;
}
# HTTPS server
#
server {
listen 443 default_server ssl;
server_name devdev.com;
root /var/www;
index index.php index.html index.htm;
# uncomment to add your access log path here
# access_log /var/log/nginx/devdev.com.access.log main;
ssl_certificate /etc/ssl/ssl-unified.crt;
ssl_certificate_key /etc/ssl/ssl-my-private-decrypted.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
keepalive_timeout 70;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS +RC4 RC4";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location #default {
rewrite ^/(.*) /index.php?uri=$request_uri last;
}
location / {
try_files $uri $uri/index.php #default;
}
location ~ \.php$ {
try_files $uri =404;
# With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
The first server block listening on port 80 just redirects to https://devdev.com/. This will redirect all http requests to https so you don't need any other processing rules.
The second server block listens on port 443 and will proxy requests with a path ending with .php to php-fpm (you want to double-check that it's running on a unix socket and your permissions are correct).
The location block matching the / prefix (location /) will try to match files in the request URI and handle the request appropriately. For example:
If the request is for /index.php and the file exists, the following block will match the .php suffix and proxy to php-fpm.
If the request is for /foo and there's no match for a file by that name, nginx will try to match /foo/index.php and then proxy to php-fpm.
If there is still no match, try_files will use the #default location block, which just sends the request to your top-level /index.php with the request URI as parameters.
If your WordPress site is located in /var/www -- the top-level entry point should be /var/www/index.php -- this configuration should work. You might need to tweak the configurations based on your WordPress settings -- though this is generic enough that it should work without a lot of changes.