1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Nginx Rewrites Stop Working After Move To SSL

Discussion in 'Server Configuration and Hosting' started by BamaStangGuy, Apr 18, 2014.

  1. BamaStangGuy

    BamaStangGuy Well-Known Member

    This is the conf file I have for my domain:

    Code:
    server {
        server_name aspiescentral.com www.aspiescentral.com;
        rewrite ^    https://www.aspiescentral.com$request_uri? permanent;  
    # return 301 https://www.aspiescentral.com$request_uri;
    }
    server {
    listen 443 ssl spdy;
    server_name www.aspiescentral.com;   
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
            ssl_certificate      /usr/local/nginx/conf/ssl/aspiescentralcom/ssl-unified.crt;
            ssl_certificate_key  /usr/local/nginx/conf/ssl/aspiescentralcom/www_aspiescentral_com.key;
            ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
            ssl_session_cache      shared:SSL:10m;
            ssl_session_timeout  10m;
            ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!kEDH:!EDH:!CAMELLIA;
            ssl_prefer_server_ciphers   on;
            add_header Alternate-Protocol  443:npn-spdy/2;
            #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
            #add_header  X-Content-Type-Options "nosniff";
            #add_header X-Frame-Options DENY;
            # nginx 1.5.9+ or higher
            # http://nginx.org/en/docs/http/ngx_http_spdy_module.html#spdy_headers_comp
            # http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_buffer_size
            # spdy_headers_comp 0;
            # ssl_buffer_size 4k;
    
            # enable ocsp stapling
            resolver 8.8.8.8;
            ssl_stapling on;
            ssl_stapling_verify on;
            ssl_trusted_certificate /usr/local/nginx/conf/ssl/aspiescentralcom/ssl-trusted.crt;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/aspiescentral.com/log/access.log combined buffer=32k;
      error_log /home/nginx/domains/aspiescentral.com/log/error.log;
    
      root /home/nginx/domains/aspiescentral.com/public;
    
      location / {
    index index.php index.html index.htm;
    try_files $uri $uri/ /index.php?$uri&$args;
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
      # Enable for vBulletin usage WITHOUT vbSEO installed
      #try_files         / /index.php;
    
            rewrite ^/global-threads-forum/745-v-i-p-usergroup-subscription-information.html /threads/v-i-p-upgrades-gifting-v-i-p-upgrades.5325/ permanent;
            rewrite ^/attachments/(.+)/([0-9]+)[d-](.+)$ /attachment.php?attachmentid=$2 permanent;
            rewrite ^/members/([\d]+).html /member.php?u=$1 permanent;
            rewrite ^/blogs/([^\.]+)/$ /member_redirect.php?username=$1 permanent;
            rewrite ^/aspergers-syndrome-autism-hfa-discussion/$ /forums/aspergers-syndrome-autism-and-hfa-discussion.2/ permanent;
            rewrite ^/pdd-nos-social-anxiety-others/$ /forums/pdd-nos-social-anxiety-and-others.30/ permanent;
            rewrite ^/[^/]+/([\d]+)-.+-([\d]+).html /showthread.php?t=$1&page=$2 last;
            rewrite ^/[^/]+/([\d]+)-.+.html /showthread.php?t=$1 last;
    
      }
    
    location /internal_data/ {
        internal;
    }
    location /library/ {
           internal;
    }
    
      include /usr/local/nginx/conf/staticfiles.conf;
      #include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/phpssl.conf;
    }
    
    This is an old url that would redirect before the move with those exact redirects: https://www.aspiescentral.com/friendships-social-skills/4306-facial-gestures.html

    New url it is suppose to go to: https://www.aspiescentral.com/threads/facial-gestures.4306/

    confirmed that 301config.php is set correctly and that showthread.php exists and is current.
     
  2. p4guru

    p4guru Well-Known Member

    what's the contents in these 2 files

    /usr/local/nginx/conf/phpssl.conf
    /usr/local/nginx/conf/fastcgi_param_https_map.conf

    I don't think i recall phpssl.conf in Centmin Mod

    in /usr/local/nginx/conf/php.conf (which you have commented out - shouldn't have to do that) you should have one line

    Code:
    fastcgi_param HTTPS $server_https;
    and in /usr/local/nginx/conf/fastcgi_param_https_map.conf which is included in /usr/local/nginx/conf/nginx.conf should contain

    Code:
    # for PHP behind SSL https
    
    map $scheme $server_https {
            default off;
            https on;
    }
     
  3. BamaStangGuy

    BamaStangGuy Well-Known Member

    Its setup correctly as far as https working. phpssl.conf is nothing more than php.conf copied with that extra line added.
     
  4. p4guru

    p4guru Well-Known Member

    if you comment out
    /usr/local/nginx/conf/staticfiles.conf or remove the html location context in
    /usr/local/nginx/conf/staticfiles.conf and restart nginx server does the redirect work ? as the .html extensions by default would be served by
    nginx as a static file through /usr/local/nginx/conf/staticfiles.conf

    also might want to change

    add_header Alternate-Protocol 443:npn-spdy/2;

    to

    add_header Alternate-Protocol 443:npn-spdy/3;

    as SPDY/3.1 is upon us now
     
    BamaStangGuy likes this.
  5. BamaStangGuy

    BamaStangGuy Well-Known Member

    It was the html part in staticfiles.conf
     

Share This Page