How to turn off ssl for specific url? - http

Here is my config:
upstream example {
server unix:///home/deploy/apps/example/shared/tmp/sockets/example-puma.sock;
}
server {
listen 80 default_server;
server_name example.org;
location /non_https {
proxy_pass http://example;
}
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem;
include snippets/ssl-params.conf;
root /home/deploy/apps/example/current/public;
try_files $uri/index.html $uri #example;
location #example {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://example;
}
keepalive_timeout 10;
}
I need to turn off ssl for /non_https/* how to get it?

If you place the retuen 301 inside a location "/" block it should work:
server {
listen 80 default_server;
server_name example.org;
location /non_https {
proxy_pass http://example;
}
location / {
return 301 https://$server_name$request_uri;
}
}

Related

redirect http to https by using Nginx

I have my Nginx configuration like this:
server {
listen 80;
server_name my-domain.co.id;
listen 443 ssl;
return 301 https://$server_name$request_uri;
ssl_certificate /etc/ssl/certs/project_chained2022.crt;
ssl_certificate_key /etc/ssl/private/pkey2022.key;
location / {
proxy_pass http://localhost:54444;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
I tried to redirect using return 301 https://$server_name$request_uri but it doesn't work.
is there any other way to do the redirect?
You need to use two server blocks, for example:
server {
listen 80;
server_name my-domain.co.id;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name my-domain.co.id;
ssl_certificate ...;
ssl_certificate_key ...;
...
}

nginx redirect http to https domain

My application is running on AWS EC2 instance. I have a domain name using HTTPS from cloudflare. I have added "A record" at cloudflare to EC2 IP address
The following in the Nginx configuration i used
step 1)
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name inzack.com www.inzack.com;
rewrite ^\/[^\/]+\/(.*) /$1 redirect;
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443;
server_name inzack.com www.inzack.com;
ssl on;
ssl_certificate /home/ubuntu/certificates/inzack.crt;
ssl_certificate_key /home/ubuntu/certificates/inzack.key;
real_ip_header X-Forwarded-For;
set_real_ip_from 127.0.0.1;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:5000;
}
}
step 2) sudo nano /etc/nginx/sites-available/inzack.com
The following is the entry in the file:
upstream inzack.com {
server 127.0.0.1:5000;
}
server {
listen 80;
listen [::]:80;
server_name inzack.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarder-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass https://inzack.com;
proxy_redirect on;
}
}
I tried all these links:
http to https redirection on nginx
Node.js + Nginx - What now?
Any help on this would be really great...
Thanks
k
No need to change in etc/Nginx/Sites-available/ folder
Step 1) # cloudflare changed page rules to Https
Step 2)
server{
listen 80;
server_name inzack.com www.inzack.com;
location /
{
proxy_pass http://127.0.0.1:4000;
}
}
server {
listen 443;
server_name inzack.com www.inzack.com;
ssl on;
# copy these files from cloudflare save it as .crt and .key
# cop
ssl_certificate /home/ubuntu/certificates/inzack.crt;
ssl_certificate_key /home/ubuntu/certificates/inzack.key;
real_ip_header X-Forwarded-For;
set_real_ip_from 127.0.0.1;
location / {
proxy_pass http://127.0.0.1:4000;
}
}
Restart the Nginx server

Redirection www and non www to one server

I would like to redirect my website after entering www.lombo.pl to only lombo.pl (with SSL certificate).
Now when something write www.lombo.pl it does not redirect. I tried to change my nginx file but still to no avail. The user can visit my website via www.lombo.pl (which at the same time shows an error because I do not have a SSL certificate configured for this domain).
upstream app_server {
server unix:/home/app/run/gunicorn.sock fail_timeout=0;
}
server {
#listen 80;
# add here the ip address of your server
# or a domain pointing to that ip (like example.com or www.example.com)
listen 443 ssl;
server_name lombo.pl;
ssl_certificate /etc/letsencrypt/live/lombo.pl/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/lombo.pl/privkey.pem;
server_name 157.245.228.127;
keepalive_timeout 5;
client_max_body_size 4G;
access_log /home/app/logs/nginx-access.log;
error_log /home/app/logs/nginx-error.log;
location /static/ {
alias /home/app/static/;
}
# checks for static file, if not found proxy to app
location / {
try_files $uri #proxy_to_app;
}
location #proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
}
server {
listen 80;
server_name lombo.pl;
return 301 https://$host$request_uri;
}
server {
listen 80;
server_name www.lombo.pl;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name www.lombo.pl;
return 301 https://$host$request_uri;
}

[NGINX]Can't get proxy_pass and robots.txt to work

I'm running Kibana behind NGINX and I want to add a robots.txt. I added robots.txt to /var/www/example.com but no matter what I try, when I access example.com/robots.txt it redirects to Kibana.
server {
server_name example.com www.example.com;
location = /robots.txt {
root /var/www/example.com/;
}
location / {
if ($request_uri ~* "^/robots.txt") {
rewrite ^/robots.txt /robots.txt last;
}
proxy_pass http://localhost:5601;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
~
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
I've tried the following:
root /var/www/example.com/html;
under location /
location = /robots.txt {
alias /var/www/example/com/html/robots.txt ;
}
under server.
The closest I can get is with the root one, which will redirect example.com/robots.txt to example.com/var/www/example.com/html/robots.txt.
If the path of /robots.txt is /var/www/example.com/html/robots.txt, use:
server {
...
location = /robots.txt {
root /var/www/example.com/html;
}
location / {
...
}
}
The exact match location block will always take precedence. See this document for details.

Redirect all requests to https [duplicate]

I am trying to redirect all my traffic from http to https automatically. How can i do a 301 redirect to all my domain and subdomains?
This is NGINX Config file
upstream app_server {
server unix:/run/DigitalOceanOneClick/unicorn.sock fail_timeout=0;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name sprintsocial.io app.sprintsocial.io admin.sprintsocial.io;
# return 301 https://$server_name$request_uri;
}
server {
#listen 80;
listen 443;
root /home/rails/sprintsocial/public;
#server_name _;
server_name sprintsocial.io app.sprintsocial.io admin.sprintsocial.io;
ssl on;
ssl_certificate /home/sprintsocial.io.chained.crt;
ssl_certificate_key /home/sprintsocial.io.key;
index index.htm index.html;
# return 301 https://$server_name$request_uri;
# rewrite ^/(.*) https://app.sprintsocial.io/$1 permanent;
# rewrite ^/(.*) https://admin.sprintsocial.io/$1 permanent;
location / {
try_files $uri/index.html $uri.html $uri #app;
}
location ~* ^.+\.(jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|mp3|flv|mpeg|avi)$ {
try_files $uri #app;
}
location #app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
}
The default server will accept http connections for any server name (without an explicit server block). Use the $host variable to determine the name of the requested domain.
server {
listen 80 default_server;
listen [::]:80 default_server;
return 301 https://$host$request_uri;
}
See this document for more.

Resources