Learn about Centmin Mod LEMP Stack today
Register Now

Nginx Enable https on some pages only?

Discussion in 'Install & Upgrades or Pre-Install Questions' started by trxerz, Jun 29, 2015.

  1. trxerz

    trxerz Member

    66
    5
    8
    Jun 25, 2015
    Ratings:
    +7
    Local Time:
    4:29 PM
    When on shared cPanel account (Apache), I can access my wordpress site with http or https, together. I also able to redirect WordPress front end https URLs to http without a plugin, but serve https only for wp-admin area.

    But after migrating to vps and using nginx then after enable ssl, every http request will be redirected to https. I've modify the vhost conf following this blog post with no luck, http still redirected to https.
    Nginx config for SSL WordPress admin only

    Anyway to avoid https redirection?
     
  2. eva2000

    eva2000 Administrator Staff Member

    29,044
    6,590
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,785
    Local Time:
    1:29 AM
    Nginx 1.13.x
    MariaDB 5.5
    which version of centmin mod ? .07 stable or .08 beta 03

    what's your current nginx vhost for yourdomain.com.conf look like ? post it wrapped in CODE tags here

    If you followed the SPDY SSL setup at Nginx HTTPS / SSL Google SPDY configuration you would have 2 sets of settings that force http to https site wide

    Code:
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    you'd want to comment that out
    Code:
    #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    and

    Code:
    server {
      server_name domain.com www.domain.com;
      return 302 https://$server_name$request_uri;
    
    }
    you'd want to comment that out and setup a separate listen 80 server context so you can serve http and https separately
     
  3. trxerz

    trxerz Member

    66
    5
    8
    Jun 25, 2015
    Ratings:
    +7
    Local Time:
    4:29 PM
    Here's my vhost conf.
    I want to avoid http -> https redirection, when I type http urls.
    Is it possible in nginx?

    Code:
    server {
    listen 80;
    server_name mydomain.com www.mydomain.com;
    return 302 https://$server_name$request_uri;
    }
    
    server {
    listen 443 ssl spdy;
    server_name mydomain.com www.mydomain.com;
    
    ssl_dhparam /usr/local/nginx/conf/ssl/mydomain.com/dhparam.pem;
    ssl_certificate /usr/local/nginx/conf/ssl/mydomain.com/yourdomain_com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/mydomain.com/yourdomain_com.key;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    add_header Alternate-Protocol 443:npn-spdy/3;
    ssl_buffer_size 1400;
    ssl_session_tickets on;
    
    enable ocsp stapling
    resolver 8.8.8.8 8.8.4.4 valid=10m;
    resolver_timeout 10s;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /usr/local/nginx/conf/ssl/mydomain.com/mydomain.com-trusted.crt;
    
     
  4. eva2000

    eva2000 Administrator Staff Member

    29,044
    6,590
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,785
    Local Time:
    1:29 AM
    Nginx 1.13.x
    MariaDB 5.5
    Yes if you deal with the 2 sets of settings I outlined above in my 1st reply - those 2 are what tell nginx to redirect all http to https
     
  5. trxerz

    trxerz Member

    66
    5
    8
    Jun 25, 2015
    Ratings:
    +7
    Local Time:
    4:29 PM
    Thanks George,
    It worked by duplicating all lines from port 80 server block to port 443 + add some ssl config, it's good right?
     
  6. eva2000

    eva2000 Administrator Staff Member

    29,044
    6,590
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,785
    Local Time:
    1:29 AM
    Nginx 1.13.x
    MariaDB 5.5
    in theory yes