Join the community today
Register Now

Xenforo Friendly url 404 nginx error on https

Discussion in 'Forum software usage' started by ryan99, Jun 1, 2019.

  1. ryan99

    ryan99 New Member

    9
    1
    3
    May 27, 2019
    Ratings:
    +1
    Local Time:
    12:25 PM
    So, somehow i managed to install centminmod on the same LXD centos 7 server and configured xenforo on it, so far everything works great but i'm not able to fix this friendly url issue no matter what.

    I've tried htaccess/ domain.conf method etc but it's not working somehow and i would like to know why?
    Currently i'm getting 404 error on https:// only, while the unsecure http://mydomain works perfectly fine.

    Ps: I'm using ddos-guard.net for dns

    here is mydomain.conf

    Code:
    # Centmin Mod Getting Started Guide
    
    # must read http://centminmod.com/getstarted.html
    
    
    # redirect from non-www to www
    
    # uncomment, save file and restart Nginx to enable
    
    # if unsure use return 302 before using return 301
    
    #server {
    
    #            listen   80;
    
    #            server_name mydomain;
    
    #            return 301 $scheme://www.mydomain$request_uri;
    
    # }
    
    
    server {
    
      server_name mydomain www.mydomain;
    
    
    # ngx_pagespeed & ngx_pagespeed handler
    
    #include /usr/local/nginx/conf/pagespeed.conf;
    
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    
      #add_header X-Frame-Options SAMEORIGIN;
    
      #add_header X-Xss-Protection "1; mode=block" always;
    
      #add_header X-Content-Type-Options "nosniff" always;
    
    
      # limit_conn limit_per_ip 16;
    
      # ssi  on;
    
    
      access_log /home/nginx/domains/mydomain/log/access.log combined buffer=256k flush=5m;
    
      error_log /home/nginx/domains/mydomain/log/error.log;
    
    
      root /home/nginx/domains/mydomain/public;
    
    location / {
    
        try_files $uri $uri/ /index.php?$uri&$args;
    
        index index.php index.html;
    
    }
    
    
    location /install/data/ {
    
        internal;
    
    }
    
    
    location /install/templates/ {
    
        internal;
    
    }
    
    
    location /internal_data/ {
    
        internal;
    
    }
    
    
    location /library/ {
    
        internal;
    
    }
    
    
    # xenforo 2 uncomment / remove hash from next 3 lines
    
    location /src/ {
    
        internal;
    
    }
    
    
    location ~ \.php$ {
    
        try_files $uri =404;
    
        fastcgi_pass  127.0.0.1:9000;
    
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    
        include   fastcgi_params;
    }
    
    
    
    
     include /usr/local/nginx/conf/staticfiles.conf;
    
     include /usr/local/nginx/conf/php.conf;
    
     include /usr/local/nginx/conf/drop.conf;
    
     include /usr/local/nginx/conf/errorpage.conf;
    
     include /usr/local/nginx/conf/vts_server.conf;
    
    
    }
    
    
    mydomain.ssl.conf

    Code:
    #x# HTTPS-DEFAULT
    
     server {
    
    
       server_name mydomain www.mydomain;
    
       return 302 https://mydomain$request_uri;
    
       include /usr/local/nginx/conf/staticfiles.conf;
    
     }
    
    
    
    server {
    
      listen 443 ssl http2 reuseport;
    
      server_name mydomain www.mydomain;
    
    
      if ($host != "mydomain") {
    
      return 404;
    
      }
    
    
      include /usr/local/nginx/conf/ssl/mydomain/mydomain.crt.key.conf;
    
      include /usr/local/nginx/conf/ssl_include.conf;
    
    
      # cloudflare authenticated origin pull cert community.centminmod.com/threads/13847/
    
      #ssl_client_certificate /usr/local/nginx/conf/ssl/cloudflare/mydomain/origin.crt;
    
      #ssl_verify_client on;
    
      http2_max_field_size 16k;
    
      http2_max_header_size 32k;
    
      # mozilla recommended
    
      ssl_ciphers [redacted]
    
      ssl_prefer_server_ciphers   on;
    
      #add_header Alternate-Protocol  443:npn-spdy/3;
    # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
    
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    
      #add_header X-Frame-Options SAMEORIGIN;
    
      add_header X-Xss-Protection "1; mode=block" always;
    
      add_header X-Content-Type-Options "nosniff" always;
    
      #add_header Referrer-Policy "strict-origin-when-cross-origin";
    
      #spdy_headers_comp 5;
    
      ssl_buffer_size 1369;
    
      ssl_session_tickets on;
    
    
      # enable ocsp stapling
    
      resolver 8.8.8.8 8.8.4.4 1.1.1.1 1.0.0.1 valid=10m;
    
      resolver_timeout 10s;
    
      ssl_stapling on;
    
      ssl_stapling_verify on;
    
    # ngx_pagespeed & ngx_pagespeed handler
    
    #include /usr/local/nginx/conf/pagespeed.conf;
    
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    
      # limit_conn limit_per_ip 16;
    
      # ssi  on;
    
    
      access_log /home/nginx/domains/mydomain/log/access.log combined buffer=256k flush=5m;
    
      error_log /home/nginx/domains/mydomain/log/error.log;
    
    
      include /usr/local/nginx/conf/autoprotect/mydomain/autoprotect-mydomain.conf;
    
      root /home/nginx/domains/mydomain/public;
    
      # uncomment cloudflare.conf include if using cloudflare for
    
      # server and/or vhost site
    
      include /usr/local/nginx/conf/cloudflare.conf;
     include /usr/local/nginx/conf/503include-main.conf;
    
    
      location / {
    
      include /usr/local/nginx/conf/503include-only.conf;
    
    
    # block common exploits, sql injections etc
    
    #include /usr/local/nginx/conf/block.conf;
    
    
      # Enables directory listings when index file not found
    
      #autoindex  on;
    
    
      # Shows file listing times as local time
    
      #autoindex_localtime on;
    
    
      # Wordpress Permalinks example
    
      #try_files $uri $uri/ /index.php?q=$uri&$args;
    
     }
    
    
      include /usr/local/nginx/conf/pre-staticfiles-local-mydomain.conf;
    
      include /usr/local/nginx/conf/pre-staticfiles-global.conf;
    
      include /usr/local/nginx/conf/staticfiles.conf;
    
      include /usr/local/nginx/conf/php.conf;
    
    
      include /usr/local/nginx/conf/drop.conf;
    
      #include /usr/local/nginx/conf/errorpage.conf;
    
      include /usr/local/nginx/conf/vts_server.conf;
    
    }
    
    
    


    Thank you.
     
    Last edited: Jun 1, 2019
  2. eva2000

    eva2000 Administrator Staff Member

    40,188
    8,888
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,697
    Local Time:
    4:55 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    remove
    Code (Text):
    location ~ \.php$ {
    
       try_files $uri =404;
    
       fastcgi_pass  127.0.0.1:9000;
    
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    
       include   fastcgi_params;
    }
    

    as php.conf include takes care of that
    Code (Text):
    include /usr/local/nginx/conf/php.conf;
    


    check out https://centminmod.com/nginx_configure_xenforo_seo_friendly_urls.html as your web root / location context in domain.com.ssl.conf is correct
     
    • Like Like x 1
  3. ryan99

    ryan99 New Member

    9
    1
    3
    May 27, 2019
    Ratings:
    +1
    Local Time:
    12:25 PM
    Okay I forgot to mention, I added it after nothing was working. So I just removed it and restarted nginx but it still does not work. I'm still getting 404 errors and I'm not sure why. The .htaccess file I'm using with xenforo is the default one I got from their community site.
    https://xenforo.com/community/htaccess.txt

    Do you think it can be something related to dns/ssl because non ssl domain is working fine.
     
  4. eva2000

    eva2000 Administrator Staff Member

    40,188
    8,888
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,697
    Local Time:
    4:55 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  5. eva2000

    eva2000 Administrator Staff Member

    40,188
    8,888
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,697
    Local Time:
    4:55 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    you mydomain.com.ssl.conf has a 404 redirect it too + a non-https to https redirect which will conflict with mydomain.com.conf non-https nginx vhost so you need to remove non-https mydomain.com.conf and let https mydomain.com.ssl.conf nginx do all the work
    Code (Text):
     server {
       server_name mydomain www.mydomain;
       return 302 https://mydomain$request_uri;
       include /usr/local/nginx/conf/staticfiles.conf;
     }
    
    server {
      listen 443 ssl http2 reuseport;
      server_name mydomain www.mydomain;
    
      if ($host != "mydomain") {
      return 404;
      }
    

    As to non-https to https redirection as per centminmod.com/nginx_domain_dns_setup.html#httpsredirect is the correct way to set it up - pay attention to different way if you want redirect target being www version instead of non-www and vice versa and that the target version www or non-www is the only version listed in server_name for the 2nd/main server {} context.

    key to testing is using 302 temp redirect first in a private incognito browser session otherwise the problems you can experience may end up being due to browser caching or 301 permanent redirects unless you clear browser cache and reboot local computer(s) and even then some web browsers don't let go of 301 permanent redirect browser cache that willingly :)

    You can test in SSH via curl to check headers for location field (where the redirect goes) using the following commands:
    Code (Text):
    curl -I http://domain.com
    

    Code (Text):
    curl -I http://www.domain.com
    

    So slight correction change the main listen 443 server{} context server_name to list only the target version so if you want non-www it would become the below and you need a 3rd server context for https www domain redirect to https non-www domain as per centminmod.com/nginx_domain_dns_setup.html#httpsredirect
    Code (Text):
     server {
       server_name mydomain www.mydomain;
       return 302 https://mydomain$request_uri;
       include /usr/local/nginx/conf/staticfiles.conf;
     }
    
    server {
      listen 443 ssl http2;
      server_name www.mydomain;
    
      ssl_dhparam /usr/local/nginx/conf/ssl/www.mydomain/dhparam.pem;
      ssl_certificate      /usr/local/nginx/conf/ssl/www.mydomain/www.mydomain.crt;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/www.mydomain/www.mydomain.key;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      return 302 https://newdomain.com$request_uri;
    }
    
    server {
      listen 443 ssl http2 reuseport;
      server_name mydomain;
    
      #if ($host != "mydomain") {
      #return 404;
      #}
    

    so non-www and www domain non-https redirect to https non-www and https www redirects to https non-www
     
..