Nginx redirect loop

OldCoals · Jan 14, 2018

I have Xenforo 2 running on Centminmod Nginx.

I have tried to edit the domain files to redirect to https://www.mydomain.com

Once I save the files and restart Nginx I get the redirect loop.

I just cant see what is wrong.

Code:

# Centmin Mod Getting Started Guide
# must read http://centminmod.com/getstarted.html
# For HTTP/2 SSL Setup
# read http://centminmod.com/nginx_configure_https_ssl_spdy.html

# redirect from www to non-www  forced SSL
# uncomment, save file and restart Nginx to enable
# if unsure use return 302 before using return 301
 server {
   server_name therailwaymen.com www.therailwaymen.com;
    return 301 https://mydomain.com$request_uri;
 }

server {
  listen 443 ssl http2;
  server_name mydomain.com www.mydomain.com;

  ssl_dhparam /usr/local/nginx/conf/ssl/mydomain.com/dhparam.pem;
  ssl_certificate      /usr/local/nginx/conf/ssl/mydomain.com/mydomain.com-acme.cer;
  ssl_certificate_key  /usr/local/nginx/conf/ssl/mydomain.com/mydomain.com-acme.key;
  include /usr/local/nginx/conf/ssl_include.conf;

  http2_max_field_size 16k;
  http2_max_header_size 32k;
  # dual cert supported ssl ciphers
  ssl_ciphers     EECDH+CHACHA20-draft:EECDH+CHACHA20:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
  ssl_prefer_server_ciphers   on;
  #add_header Alternate-Protocol  443:npn-spdy/3;
  #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
  #add_header X-Frame-Options SAMEORIGIN;
  #add_header X-Xss-Protection "1; mode=block" always;
  #add_header X-Content-Type-Options "nosniff" always;
  #spdy_headers_comp 5;
  ssl_buffer_size 1369;
  ssl_session_tickets on;
  
  ssl_certificate      /usr/local/nginx/conf/ssl/mydomain.com/mydomain.com-acme.cer;
  ssl_certificate_key  /usr/local/nginx/conf/ssl/mydomain.com/mydomain.com-acme.key;

  resolver 8.8.8.8 8.8.4.4 valid=10m;
  resolver_timeout 10s;
  ssl_stapling on;
  ssl_stapling_verify on;
  ssl_trusted_certificate /usr/local/nginx/conf/ssl/mydomain.com/mydomain.com-acme.cer; 

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /home/nginx/domains/mydomain.com/log/access.log combined buffer=256k flush=5m;
  error_log /home/nginx/domains/mydomain.com/log/error.log;

  root /home/nginx/domains/mydomain.com/public;

location / {
     index index.php index.html index.htm;
     try_files $uri $uri/ /index.php?$uri&$args;
}

location /admin.php {
     auth_basic "Private";
     auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
        include /usr/local/nginx/conf/php.conf;
        allow 127.0.0.1;
        allow 88.97.44.187;
        deny all;
}

location /install/ {
     auth_basic "Private";
     auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
        include /usr/local/nginx/conf/php.conf;
        allow 127.0.0.1;
        allow 111.111.111.111;
        deny all;
}     

location /internal_data/ {
     internal;
     allow 127.0.0.1;
     allow 111.111.111.111;
     deny all;
}

location /library/ {
     internal;
     allow 127.0.0.1;
     allow 111.111.111.111;
     deny all;
}  

  include /usr/local/nginx/conf/staticfiles.conf;
  include /usr/local/nginx/conf/php.conf;
  #include /usr/local/nginx/conf/drop.conf;
  #include /usr/local/nginx/conf/errorpage.conf;
  include /usr/local/nginx/conf/vts_server.conf;
}

eva2000 · Jan 15, 2018

FYI for Centmin Mod Nginx based issues might also ask on Centmin Mod community forums https://community.centminmod.com/forums/forum-software-usage.34/

and for Centmin Mod http to https redirect documentation at https://centminmod.com/nginx_domain_dns_setup.html#httpsredirect

I would test in incognito or private web browser session first on your local PC that accesses the site so to ensure that HTTP to HTTPS redirect works well before change 302 temporarily redirect to 301 permanent redirect

assuming mydomain.com = therailwaymen.com

right ?

to redirect to www version change this part from

Code:

 server {
   server_name therailwaymen.com www.therailwaymen.com;
    return 301 https://mydomain.com$request_uri;
 }

server {
  listen 443 ssl http2;
  server_name mydomain.com www.mydomain.com;

to

Code:

 server {
   server_name therailwaymen.com www.therailwaymen.com;
    return 302 https://www.therailwaymen.com$request_uri;
 }

server {
  listen 443 ssl http2;
  server_name www.therailwaymen.com;

then restart nginx server after making the vhost changes

Code:

ngxrestart

OldCoals · Jan 15, 2018

OK, I have done that thanks, I thin I also need to edit the domain.com.conf file?

eva2000 · Jan 17, 2018

OldCoals said:
OK, I have done that thanks, I thin I also need to edit the domain.com.conf file?

no that should be disabled in favour of domain.com.ssl.conf vhost as you redirecting to HTTPS

OldCoals · Jan 18, 2018

How do i do that please?

Nginx redirect loop

OldCoals

Active member

eva2000

Well-known member

OldCoals

Active member

eva2000

Well-known member

OldCoals

Active member

Similar threads

We value your privacy