Nginx Use https and http both in the same virtual host (but directory is different)

You don't have to do much if you initially used centmin.sh menu option 2 to setup nginx vhost with self-signed ssl = yes as it would of created both non-ssl and ssl nginx vhosts config files out of box ready for you to switch from self-signed ssl to browser trusted ssl certificates as outlined below:

• All steps outlined at Nginx SPDY SSL Configuration are still valid (exception is you do not need to create the ssl settings themselves as 123.08 stable and higher auto generate those when you answer yes to self-signed ssl creation during centmin.sh menu option 2) references HTTP/2 changes needed. You just need to do the unified file and file concatenation of your SSL providers provided files.
• To switch from self signed SSL to paid SSL see sections at Nginx Vhost & NSD DNS Setup (including setting for http to https redirect)

This means your site will be accessible from non-https and https protocols out of the box like my site centminmod.com. There's no forced http to https redirection so you can access from both. Then all you do is for blog set https version s blog domain url. If it's wordpress, you can also set in wp-config.php to force https on the blog too so it only applies on web app level.

If you didn't answer yes to self-signed ssl certificate at initial nginx vhost generation in centmin.sh menu option 2, you would need to create that nginx ssl vhost etc first as outlined at Nginx - Install self signed certificate after vhost is created? | Centmin Mod Community

 

no you can't run centmin.sh menu option 2 again for existing vhost, you need to follow steps i outlined at Nginx - Install self signed certificate after vhost is created? | Centmin Mod Community to manually setup the nginx ssl vhost again

you can of course on a separate test vps run centmin.sh option 2 to create the ssl nginx vhost, then copy that nginx ssl vhost and files over to the live vps server as well.

 

Centmin Mod is provide as is, so short of scripted related bugs or issues, any further optimisation to the web stack components - nginx, php-fpm, mariadb mysql, csf firewall etc or web app specific configurations are left to the Centmin Mod user to deal with. So I do not provide any free support for such.

However, Centmin Mod users are free to help each other out and ask questions or give answers on this community forum. My hopes are that this community forum evolves so that more veteran long time Centmin Mod users help new Centmin Mod users out

You need to create both http port 80 and https port 443 nginx vhosts as outlined either by using vhost generator or at Nginx - Use https and http both in the same virtual host (but directory is different) | Centmin Mod Community - best to use test vps to generate them and copy them over to live vps server if you don't have both domain.com.conf and domain.com.ssl.conf as outlined for centmin.sh menu option 2 at Nginx Vhost & NSD DNS Setup - CentminMod.com LEMP Nginx web stack for CentOS

then just do as outlined at Nginx - Use https and http both in the same virtual host (but directory is different) | Centmin Mod Community and set all other blog/web apps besides /forum to using https url and leave forum accessible from http url

You'd only be able to force other site/web apps to use https if they're off a subdirectory or subdomain i.e. in http port 80 vhost

Code (Text):

location ^~ /directory/ {
    rewrite ^/(.*) https://testdomain.com/$1 permanent;
}

or

Code (Text):

location ^~ /directory/ {
     return 302 https://testdomain.com$request_uri;
}

change 302 temp redirect to 301 permanent once confirmed working

 

yup if you use centmin.sh menu option 2 and answer yes to self-signed ssl, it will generate both versions of nginx vhost which you can then edit and configure them separately