• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Nginx Rewrites Stop Working After Move To SSL

Brent W

Well-known member
#1
This is the conf file I have for my domain:

Code:
server {
    server_name aspiescentral.com www.aspiescentral.com;
    rewrite ^    https://www.aspiescentral.com$request_uri? permanent;  
# return 301 https://www.aspiescentral.com$request_uri;
}
server {
listen 443 ssl spdy;
server_name www.aspiescentral.com;   

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

        ssl_certificate      /usr/local/nginx/conf/ssl/aspiescentralcom/ssl-unified.crt;
        ssl_certificate_key  /usr/local/nginx/conf/ssl/aspiescentralcom/www_aspiescentral_com.key;
        ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
        ssl_session_cache      shared:SSL:10m;
        ssl_session_timeout  10m;
        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!kEDH:!EDH:!CAMELLIA;
        ssl_prefer_server_ciphers   on;
        add_header Alternate-Protocol  443:npn-spdy/2;
        #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
        #add_header  X-Content-Type-Options "nosniff";
        #add_header X-Frame-Options DENY;
        # nginx 1.5.9+ or higher
        # http://nginx.org/en/docs/http/ngx_http_spdy_module.html#spdy_headers_comp
        # http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_buffer_size
        # spdy_headers_comp 0;
        # ssl_buffer_size 4k;

        # enable ocsp stapling
        resolver 8.8.8.8;
        ssl_stapling on;
        ssl_stapling_verify on;
        ssl_trusted_certificate /usr/local/nginx/conf/ssl/aspiescentralcom/ssl-trusted.crt;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /home/nginx/domains/aspiescentral.com/log/access.log combined buffer=32k;
  error_log /home/nginx/domains/aspiescentral.com/log/error.log;

  root /home/nginx/domains/aspiescentral.com/public;

  location / {
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$uri&$args;
# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;

  # Enables directory listings when index file not found
  #autoindex  on;

  # Shows file listing times as local time
  #autoindex_localtime on;

  # Enable for vBulletin usage WITHOUT vbSEO installed
  #try_files         / /index.php;

        rewrite ^/global-threads-forum/745-v-i-p-usergroup-subscription-information.html /threads/v-i-p-upgrades-gifting-v-i-p-upgrades.5325/ permanent;
        rewrite ^/attachments/(.+)/([0-9]+)[d-](.+)$ /attachment.php?attachmentid=$2 permanent;
        rewrite ^/members/([\d]+).html /member.php?u=$1 permanent;
        rewrite ^/blogs/([^\.]+)/$ /member_redirect.php?username=$1 permanent;
        rewrite ^/aspergers-syndrome-autism-hfa-discussion/$ /forums/aspergers-syndrome-autism-and-hfa-discussion.2/ permanent;
        rewrite ^/pdd-nos-social-anxiety-others/$ /forums/pdd-nos-social-anxiety-and-others.30/ permanent;
        rewrite ^/[^/]+/([\d]+)-.+-([\d]+).html /showthread.php?t=$1&page=$2 last;
        rewrite ^/[^/]+/([\d]+)-.+.html /showthread.php?t=$1 last;

  }

location /internal_data/ {
    internal;
}
location /library/ {
       internal;
}

  include /usr/local/nginx/conf/staticfiles.conf;
  #include /usr/local/nginx/conf/php.conf;
  include /usr/local/nginx/conf/drop.conf;
  #include /usr/local/nginx/conf/errorpage.conf;
  include /usr/local/nginx/conf/phpssl.conf;
}
This is an old url that would redirect before the move with those exact redirects: https://www.aspiescentral.com/friendships-social-skills/4306-facial-gestures.html

New url it is suppose to go to: https://www.aspiescentral.com/threads/facial-gestures.4306/

confirmed that 301config.php is set correctly and that showthread.php exists and is current.
 

p4guru

Well-known member
#2
what's the contents in these 2 files

/usr/local/nginx/conf/phpssl.conf
/usr/local/nginx/conf/fastcgi_param_https_map.conf

I don't think i recall phpssl.conf in Centmin Mod

in /usr/local/nginx/conf/php.conf (which you have commented out - shouldn't have to do that) you should have one line

Code:
fastcgi_param HTTPS $server_https;
and in /usr/local/nginx/conf/fastcgi_param_https_map.conf which is included in /usr/local/nginx/conf/nginx.conf should contain

Code:
# for PHP behind SSL https

map $scheme $server_https {
        default off;
        https on;
}
 

Brent W

Well-known member
#3
what's the contents in these 2 files

/usr/local/nginx/conf/phpssl.conf
/usr/local/nginx/conf/fastcgi_param_https_map.conf

I don't think i recall phpssl.conf in Centmin Mod

in /usr/local/nginx/conf/php.conf (which you have commented out - shouldn't have to do that) you should have one line

Code:
fastcgi_param HTTPS $server_https;
and in /usr/local/nginx/conf/fastcgi_param_https_map.conf which is included in /usr/local/nginx/conf/nginx.conf should contain

Code:
# for PHP behind SSL https

map $scheme $server_https {
        default off;
        https on;
}
Its setup correctly as far as https working. phpssl.conf is nothing more than php.conf copied with that extra line added.
 

p4guru

Well-known member
#4
if you comment out
/usr/local/nginx/conf/staticfiles.conf or remove the html location context in
/usr/local/nginx/conf/staticfiles.conf and restart nginx server does the redirect work ? as the .html extensions by default would be served by
nginx as a static file through /usr/local/nginx/conf/staticfiles.conf

also might want to change

add_header Alternate-Protocol 443:npn-spdy/2;

to

add_header Alternate-Protocol 443:npn-spdy/3;

as SPDY/3.1 is upon us now