Welcome to Centmin Mod Community
Register Now

Nginx https only for the index page

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by SFLC, Dec 23, 2016.

  1. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    Hello,

    Im trying to run https only for the index page,

    basically what im trying to achieve is when a user goes to the site they are taken to the https version, however, I dont want a 300 series redirect where its forced on all the site, just the index.

    The reason why i want to do this is that Im going to be running a url shortening service and many ads etc wont work on https, the sites already setup to generate the short links as http, and that's why if I force a redirect to https then itll affect those links as well

    i tried this in the ssl conf

    Code:
      # Single URL
      location = /index.php {
        # plus other PHP settings and parameters
        fastcgi_pass php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      }
    
      # Every other URL
      location / {
        return 301 http://www.example.com$request_uri;
      }
    
    and this in the non ssl conf

    Code:
     location = /index.php {
        return 301 https://www.example.com/index.php;
    but i just get errors

    im running a self-signed ssl cert and not forces https throughout the site at the time, so i have a .ssl.conf and a .conf for the domain

    id rather not have to use a meta redirect on the index page as this is definitely doable from nginx, and I searched through google and its as if no one has done this before,

    any help would be greatly appreciated
     
  2. eva2000

    eva2000 Administrator Staff Member

    31,018
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:17 AM
    Nginx 1.13.x
    MariaDB 5.5
    Try only need to add to domain.com.conf non-https vhost file
    Code (Text):
      location ~ ^/(index\.php) {
        return 302 https://$server_name$request_uri;
      }
    
     
  3. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    Interesting that seems to force the whole site to https, but i wonder if that's because the site goes through the index using args
     
  4. eva2000

    eva2000 Administrator Staff Member

    31,018
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:17 AM
    Nginx 1.13.x
    MariaDB 5.5
  5. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    no not enabled at all, if i remove

    location ~ ^/(index\.php) {
    return 302 https://$server_name$request_uri;
    }

    the site goes back to full http only, although https will work if someone manually changes the url to it which is fine.

    its just the index page only that i want to change
     
  6. eva2000

    eva2000 Administrator Staff Member

    31,018
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:17 AM
    Nginx 1.13.x
    MariaDB 5.5
    that should work it's what i do for centminmod.com site right now but in reverse, all pages on non-https version redirect to https except front index.html page which is http just for testing
     
  7. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    so i was right about the index args thing, found a solution though,

    changed my cloudflare ssl to flexible (forced ssl and hsts already off there) and created a page rule and works like a charm
    thanks for your help again @eva2000, your solution does work but not in my case as all the pages go through index as args
     
    • Informative Informative x 1
  8. eva2000

    eva2000 Administrator Staff Member

    31,018
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:17 AM
    Nginx 1.13.x
    MariaDB 5.5
    ah i see :)
     
  9. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    its the weird way my script works, faq page for ex is http://domain.com/index.php?p=faq, so the rule auto thinks, thats the index
     
  10. eva2000

    eva2000 Administrator Staff Member

    31,018
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:17 AM
    Nginx 1.13.x
    MariaDB 5.5
    what about
    Code (Text):
      location ~ ^/(index\.php)$ {
        return 302 https://$server_name$request_uri;
      }
     
  11. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    thats weird, errors out saying too many redirects
     
  12. eva2000

    eva2000 Administrator Staff Member

    31,018
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:17 AM
    Nginx 1.13.x
    MariaDB 5.5
    Make sure it's only done in non-https nginx vhost
     
  13. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    ya same issue with the too many redirects
     
  14. eva2000

    eva2000 Administrator Staff Member

    31,018
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:17 AM
    Nginx 1.13.x
    MariaDB 5.5
    oh well :)

    FYI, if you have user logins then chrome after Jan 2017 will mark site as insecure so will need full 100% HTTPS anyway
     
  15. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    really?

    but my login page is behind ssl setup as a cloudflare rule,

    and pretty much the whole site is now ssl except for generated shortlink urls.

    i hope google wont penalize me because im basically not using a 300series redirect to explicitly force the whole site into https
     
  16. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    Google's getting too big, they own more satellites than most countries, they make more money than many countries, and at this point they may as well claim that they own the internet
     
  17. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    No wonder China blocks google, best decision a government can make to ensure their own autonomy online. Who wants a company from overseas with likely links to their government to tell another government what they can and cant do online as well as set and enforce standards.
     
  18. eva2000

    eva2000 Administrator Staff Member

    31,018
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:17 AM
    Nginx 1.13.x
    MariaDB 5.5
  19. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    1:17 AM
    1
    10
    Thanks @eva2000, looks like im safe as my login page is https
     
    • Like Like x 1