Learn about Centmin Mod LEMP Stack today
Become a Member

Xenforo Migrated Existing Vhost from HTTP to HTTPS, now 404s outside of index page

Discussion in 'Forum software usage' started by josh, Sep 21, 2017.

  1. josh

    josh Premium Member Premium Member

    29
    2
    3
    May 27, 2014
    Ratings:
    +2
    Local Time:
    4:38 AM
    Used the guide here: https://centminmod.com/migrating-to-https.html to migrate a site as a test to see if I can do this stuff myself. As always the walkthroughs are extremely helpful if you're willing to sit and read.
    Anyway, I had everything working (so I thought) but went to force SSL, disabled my domain.com.conf file with proper code in my domain.com.ssl.conf file but I'm getting 404 errors on everything BUT the index page.


    here is my domain.com.ssl.conf file
    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    # For HTTP/2 SSL Setup
    # read http://centminmod.com/nginx_configure_https_ssl_spdy.html
    
    # redirect from www to non-www  forced SSL
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
     server {
       server_name tarantulaforum.com www.tarantulaforum.com;
        return 302 https://tarantulaforum.com$request_uri;
     }
    
    server {
      listen 443 ssl http2;
      server_name tarantulaforum.com www.tarantulaforum.com;
    
      ssl_dhparam /usr/local/nginx/conf/ssl/tarantulaforum.com/dhparam.pem;
      ssl_certificate      /usr/local/nginx/conf/ssl/tarantulaforum.com/tarantulaforum.com-acme.cer;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/tarantulaforum.com/tarantulaforum.com-acme.key;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      # dual cert supported ssl ciphers
      ssl_ciphers     EECDH+CHACHA20-draft:EECDH+CHACHA20:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3DES:!M$
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
    
      # enable ocsp stapling
      resolver 8.8.8.8 8.8.4.4 valid=10m;
      resolver_timeout 10s;
      ssl_stapling on;
      ssl_stapling_verify on;
      ssl_trusted_certificate /usr/local/nginx/conf/ssl/tarantulaforum.com/tarantulaforum.com-acme.cer;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/tarantulaforum.com/log/access.log combined buffer=256k flush=5m;
      error_log /home/nginx/domains/tarantulaforum.com/log/error.log;
    
      root /home/nginx/domains/tarantulaforum.com/public;
    
      location / {
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
      # Enable for vBulletin usage WITHOUT vbSEO installed
      # More example Nginx vhost configurations at
      # http://centminmod.com/nginx_configure.html
      #try_files    $uri $uri/ /index.php;
    
      }
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    
    
     
  2. josh

    josh Premium Member Premium Member

    29
    2
    3
    May 27, 2014
    Ratings:
    +2
    Local Time:
    4:38 AM
    I got this when I re-enabled the domain.com.conf file so I disabled it again and the warning goes away but the 404s persist...

    Code:
    Starting nginx: nginx: [warn] conflicting server name "tarantulaforum.com" on 0.0.0.0:80, ignored
    nginx: [warn] conflicting server name "www.tarantulaforum.com" on 0.0.0.0:80, ignored
    
     
    Last edited: Sep 21, 2017
  3. josh

    josh Premium Member Premium Member

    29
    2
    3
    May 27, 2014
    Ratings:
    +2
    Local Time:
    4:38 AM
    My domain.com.ssl.conf file was missing this:
    Code:
    location / {
         index index.php index.html index.htm;
         try_files $uri $uri/ /index.php?$uri&$args;
    }
    
    location /admin.php {
         auth_basic "Private";
         auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
            include /usr/local/nginx/conf/php.conf;
            allow 127.0.0.1;
            #allow YOURIPADDRESS;
            deny all;
    }
    
    location /install/ {
         auth_basic "Private";
         auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
            include /usr/local/nginx/conf/php.conf;
            allow 127.0.0.1;
            #allow YOURIPADDRESS;
            deny all;
    }     
    
    location /internal_data/ {
         internal;
         allow 127.0.0.1;
         #allow YOURIPADDRESS;
         deny all;
    }
    
    location /library/ {
         internal;
         allow 127.0.0.1;
         #allow YOURIPADDRESS;
         deny all;
    } 
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
     
  4. eva2000

    eva2000 Administrator Staff Member

    54,523
    12,211
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,780
    Local Time:
    10:38 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yup step 7 outlines that requirement at https://centminmod.com/migrating-to-https.html