Xenforo Friendly url 404 nginx error on https

ryan99 · Jun 1, 2019

So, somehow i managed to install centminmod on the same LXD centos 7 server and configured xenforo on it, so far everything works great but i'm not able to fix this friendly url issue no matter what.

I've tried htaccess/ domain.conf method etc but it's not working somehow and i would like to know why?
Currently i'm getting 404 error on https:// only, while the unsecure http://mydomain works perfectly fine.

Ps: I'm using ddos-guard.net for dns

here is mydomain.conf

Code:


# Centmin Mod Getting Started Guide

# must read http://centminmod.com/getstarted.html


# redirect from non-www to www

# uncomment, save file and restart Nginx to enable

# if unsure use return 302 before using return 301

#server {

#            listen   80;

#            server_name mydomain;

#            return 301 $scheme://www.mydomain$request_uri;

# }


server {

  server_name mydomain www.mydomain;


# ngx_pagespeed & ngx_pagespeed handler

#include /usr/local/nginx/conf/pagespeed.conf;

#include /usr/local/nginx/conf/pagespeedhandler.conf;

#include /usr/local/nginx/conf/pagespeedstatslog.conf;


  #add_header X-Frame-Options SAMEORIGIN;

  #add_header X-Xss-Protection "1; mode=block" always;

  #add_header X-Content-Type-Options "nosniff" always;


  # limit_conn limit_per_ip 16;

  # ssi  on;


  access_log /home/nginx/domains/mydomain/log/access.log combined buffer=256k flush=5m;

  error_log /home/nginx/domains/mydomain/log/error.log;


  root /home/nginx/domains/mydomain/public;

location / {

    try_files $uri $uri/ /index.php?$uri&$args;

    index index.php index.html;

}


location /install/data/ {

    internal;

}


location /install/templates/ {

    internal;

}


location /internal_data/ {

    internal;

}


location /library/ {

    internal;

}


# xenforo 2 uncomment / remove hash from next 3 lines

location /src/ {

    internal;

}


location ~ \.php$ {

    try_files $uri =404;

    fastcgi_pass  127.0.0.1:9000;

    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

    include   fastcgi_params;
}




 include /usr/local/nginx/conf/staticfiles.conf;

 include /usr/local/nginx/conf/php.conf;

 include /usr/local/nginx/conf/drop.conf;

 include /usr/local/nginx/conf/errorpage.conf;

 include /usr/local/nginx/conf/vts_server.conf;


}

mydomain.ssl.conf

Code:

#x# HTTPS-DEFAULT

 server {


   server_name mydomain www.mydomain;

   return 302 https://mydomain$request_uri;

   include /usr/local/nginx/conf/staticfiles.conf;

 }



server {

  listen 443 ssl http2 reuseport;

  server_name mydomain www.mydomain;


  if ($host != "mydomain") {

  return 404;

  }


  include /usr/local/nginx/conf/ssl/mydomain/mydomain.crt.key.conf;

  include /usr/local/nginx/conf/ssl_include.conf;


  # cloudflare authenticated origin pull cert community.centminmod.com/threads/13847/

  #ssl_client_certificate /usr/local/nginx/conf/ssl/cloudflare/mydomain/origin.crt;

  #ssl_verify_client on;

  http2_max_field_size 16k;

  http2_max_header_size 32k;

  # mozilla recommended

  ssl_ciphers [redacted]

  ssl_prefer_server_ciphers   on;

  #add_header Alternate-Protocol  443:npn-spdy/3;
# before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts

  #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";

  #add_header X-Frame-Options SAMEORIGIN;

  add_header X-Xss-Protection "1; mode=block" always;

  add_header X-Content-Type-Options "nosniff" always;

  #add_header Referrer-Policy "strict-origin-when-cross-origin";

  #spdy_headers_comp 5;

  ssl_buffer_size 1369;

  ssl_session_tickets on;


  # enable ocsp stapling

  resolver 8.8.8.8 8.8.4.4 1.1.1.1 1.0.0.1 valid=10m;

  resolver_timeout 10s;

  ssl_stapling on;

  ssl_stapling_verify on;

# ngx_pagespeed & ngx_pagespeed handler

#include /usr/local/nginx/conf/pagespeed.conf;

#include /usr/local/nginx/conf/pagespeedhandler.conf;

#include /usr/local/nginx/conf/pagespeedstatslog.conf;


  # limit_conn limit_per_ip 16;

  # ssi  on;


  access_log /home/nginx/domains/mydomain/log/access.log combined buffer=256k flush=5m;

  error_log /home/nginx/domains/mydomain/log/error.log;


  include /usr/local/nginx/conf/autoprotect/mydomain/autoprotect-mydomain.conf;

  root /home/nginx/domains/mydomain/public;

  # uncomment cloudflare.conf include if using cloudflare for

  # server and/or vhost site

  include /usr/local/nginx/conf/cloudflare.conf;
 include /usr/local/nginx/conf/503include-main.conf;


  location / {

  include /usr/local/nginx/conf/503include-only.conf;


# block common exploits, sql injections etc

#include /usr/local/nginx/conf/block.conf;


  # Enables directory listings when index file not found

  #autoindex  on;


  # Shows file listing times as local time

  #autoindex_localtime on;


  # Wordpress Permalinks example

  #try_files $uri $uri/ /index.php?q=$uri&$args;

 }


  include /usr/local/nginx/conf/pre-staticfiles-local-mydomain.conf;

  include /usr/local/nginx/conf/pre-staticfiles-global.conf;

  include /usr/local/nginx/conf/staticfiles.conf;

  include /usr/local/nginx/conf/php.conf;


  include /usr/local/nginx/conf/drop.conf;

  #include /usr/local/nginx/conf/errorpage.conf;

  include /usr/local/nginx/conf/vts_server.conf;

}

Thank you.

eva2000 · Jun 1, 2019

remove
Code (Text):
location ~ \.php$ {

   try_files $uri =404;

   fastcgi_pass  127.0.0.1:9000;

   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

   include   fastcgi_params;
}
as php.conf include takes care of that
Code (Text):
include /usr/local/nginx/conf/php.conf;
check out https://centminmod.com/nginx_configure_xenforo_seo_friendly_urls.html as your web root / location context in domain.com.ssl.conf is correct

ryan99 · Jun 2, 2019

eva2000 said: ↑
remove
Code (Text):
location ~ \.php$ {

   try_files $uri =404;

   fastcgi_pass  127.0.0.1:9000;

   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

   include   fastcgi_params;
}
as php.conf include takes care of that
Code (Text):
include /usr/local/nginx/conf/php.conf;
check out Nginx Rewrites for Xenforo Friendly Urls - CentminMod.com LEMP Nginx web stack for CentOS as your web root / location context in domain.com.ssl.conf is correct
Click to expand...
Okay I forgot to mention, I added it after nothing was working. So I just removed it and restarted nginx but it still does not work. I'm still getting 404 errors and I'm not sure why. The .htaccess file I'm using with xenforo is the default one I got from their community site.
https://xenforo.com/community/htaccess.txt

Do you think it can be something related to dns/ssl because non ssl domain is working fine.

eva2000 · Jun 2, 2019

nginx doesn't suppprt .htaccess apache mod_rewrites you need to convert to nginx equivalent rules which is what this part is as per Nginx Rewrites for Xenforo Friendly Urls - CentminMod.com LEMP Nginx web stack for CentOS
Code (Text):
location / {
   try_files $uri $uri/ /index.php?$uri&$args;
   index index.php index.html;
}

eva2000 · Jun 2, 2019

you mydomain.com.ssl.conf has a 404 redirect it too + a non-https to https redirect which will conflict with mydomain.com.conf non-https nginx vhost so you need to remove non-https mydomain.com.conf and let https mydomain.com.ssl.conf nginx do all the work
Code (Text):
 server {
   server_name mydomain www.mydomain;
   return 302 https://mydomain$request_uri;
   include /usr/local/nginx/conf/staticfiles.conf;
 }

server {
  listen 443 ssl http2 reuseport;
  server_name mydomain www.mydomain;

  if ($host != "mydomain") {
  return 404;
  }
As to non-https to https redirection as per centminmod.com/nginx_domain_dns_setup.html#httpsredirect is the correct way to set it up - pay attention to different way if you want redirect target being www version instead of non-www and vice versa and that the target version www or non-www is the only version listed in server_name for the 2nd/main server {} context.

key to testing is using 302 temp redirect first in a private incognito browser session otherwise the problems you can experience may end up being due to browser caching or 301 permanent redirects unless you clear browser cache and reboot local computer(s) and even then some web browsers don't let go of 301 permanent redirect browser cache that willingly

You can test in SSH via curl to check headers for location field (where the redirect goes) using the following commands:
Code (Text):
curl -I http://domain.com
Code (Text):
curl -I http://www.domain.com
So slight correction change the main listen 443 server{} context server_name to list only the target version so if you want non-www it would become the below and you need a 3rd server context for https www domain redirect to https non-www domain as per centminmod.com/nginx_domain_dns_setup.html#httpsredirect
Code (Text):
 server {
   server_name mydomain www.mydomain;
   return 302 https://mydomain$request_uri;
   include /usr/local/nginx/conf/staticfiles.conf;
 }

server {
  listen 443 ssl http2;
  server_name www.mydomain;

  ssl_dhparam /usr/local/nginx/conf/ssl/www.mydomain/dhparam.pem;
  ssl_certificate      /usr/local/nginx/conf/ssl/www.mydomain/www.mydomain.crt;
  ssl_certificate_key  /usr/local/nginx/conf/ssl/www.mydomain/www.mydomain.key;
  include /usr/local/nginx/conf/ssl_include.conf;

  return 302 https://newdomain.com$request_uri;
}

server {
  listen 443 ssl http2 reuseport;
  server_name mydomain;

  #if ($host != "mydomain") {
  #return 404;
  #}
so non-www and www domain non-https redirect to https non-www and https www redirects to https non-www

Log in / Register

Forums

Join the community today

Xenforo Friendly url 404 nginx error on https

ryan99 New Member

eva2000 Administrator Staff Member

ryan99 New Member

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Join the community today

Xenforo Friendly url 404 nginx error on https

ryan99 New Member

eva2000 Administrator Staff Member

ryan99 New Member

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

.