1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Nginx config

Discussion in 'Server Configuration and Hosting' started by Will, Jun 3, 2012.

  1. Will

    Will Active Member

    I have it pretty much all set up and stuff but need some help converting my redirects from my .htaccess file.

    Code:
    RewriteEngine On
    RewriteCond %{SERVER_PORT} 80
    RewriteCond %{REQUEST_URI} admin.php
    RewriteRule ^(.*)$ https://domain.com/$1 [R,L]
     
    RewriteCond %{HTTPS} on
    RewriteRule ^/?$ http://domain.com/ [R=301,L]
     
    RewriteCond %{HTTP_HOST} !^domain\.com$
    RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L]
    Any help would be appreciated.
     
  2. infis

    infis Well-Known Member

  3. Will

    Will Active Member

    I currently have the admin cp on https but trying to figure out a redirect back to http from the admin cp. The link posted above didn't help so I thought I'd ask to see if anyone has an idea.
     
  4. Floren

    Floren Well-Known Member

    That conversion tool got every single rewrite rule wrong. :)
    There is nothing better than Nginx documentation. I see a lot of people doing copy/paste without understanding the logic. The best approach is to study the Nginx documentation or hire a professional to do it for you. People have no idea how many bad Nginx tutorials are out there...
     
  5. infis

    infis Well-Known Member

    Any tool is not replace reading documentation :)
     
    Floren likes this.
  6. Floren

    Floren Well-Known Member

    Just run 2 server configs, one being SSL. On the non-SSL server, redirect traffic for location /admin.php to SSL server. On the SSL server, redirect all traffic to non-SSL server, except /admin.php location. Very simple.

    Example:
    https://www.axivo.com/ - redirects to http
    http://www.axivo.com/community/ - redirects to https

    As a side note, is useless to secure only the admin.php file. You should secure the entire forums. Nginx can cache the SSL keys for x minutes so there is no server strain. Also, I hope you use elliptic curves with Google forward secrecy enabled, for performance reasons. Read why, at the bottom of the page.
     
  7. Will

    Will Active Member

    Thanks for your input. At this time, I don't really want to run the entire forum on SSL.

    For some reason when I tried to setup the config, SSL wouldn't work in a separate server block so I have just one. Any idea why?
     
  8. Floren

    Floren Well-Known Member

    Just curious, why?
    Running SSL otherwise than how I described above is the wrong way to do it. :)
     
  9. Will

    Will Active Member

    Just because of the type of community which is a gaming community. We have a lot of people that post external links. I would rather not go through all that. :)

    Well I couldn't get it to work in two separate server blocks.
     
  10. Floren

    Floren Well-Known Member

    Good point. You could use camo to proxy all links through your server if you can afford the bandwidth.
    Start with that:
    https://www.axivo.com/community/threads/basic-nginx-configuration-file.128/
    Then, read the documentation on SSL, it will work like a charm. Have fun. :)
     
  11. Will

    Will Active Member

  12. Will

    Will Active Member

    How would you do this?
     
  13. Floren

    Floren Well-Known Member

    There is a thread where we discuss the solution. Search for camo on XenForo.
     

Share This Page