0

I've added ssl certificates to my site and it caused a redirect loop. It worked fine before. I tried:

and other solutions I found, I suspect it may be related to file permissions but i haven't found anything. I tried putting my crt and key file in /etc/ssl as well.

This is my default.website file:

server {
    listen      80;
    server_name www.example.com example.com;
    rewrite     ^   https://$server_name$request_uri? permanent;
    }


server {
    listen 443;

    ssl on;
    ssl_certificate /etc/nginx/ssl/ssl-bundle.crt;
    ssl_certificate_key /etc/nginx/ssl/private.key;

    #listen       80 default_server;
    #listen       [::]:80 default_server;
    server_name  example;
    access_log /var/log/nginx/whcms.log;

    location / {
            root   /usr/share/nginx/html/example.com;
            index index.php index.html;
            try_files $uri $uri/ /index.php?$args;
    }

    location /ngx_status_2462 {
      stub_status on;
      access_log   off;
      allow all;
    }

    #location / {
    #        index index.php index.html;
    #        try_files $uri $uri/ /index.php?$args;
    #}


    location ~ \.php$ {
            fastcgi_pass unix:/var/run/php-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/example.com$fastcgi_script_name;
            fastcgi_param CCODE $geoip_country_code;
            include fastcgi_params;
    }

    error_page  404              /404.html;

    location = /404.html {
        root   /usr/share/nginx/html;
    }


    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

and this is my nginx.conf file:

user  nginx;
worker_processes  12;
worker_rlimit_nofile 100000;
error_log   /var/log/nginx/error.log;
#error_log  /var/log/nginx/error.log  notice;
#error_log  /var/log/nginx/error.log  info;

pid        /var/run/nginx.pid;


events {
    worker_connections  100000;
    use epoll;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    keepalive_requests 0;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$host" "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';

   set_real_ip_from   0.0.0.0/0;
   real_ip_header     CF-Connecting-IP;

    geoip_country   /usr/share/GeoIP/GeoIP.dat;


    access_log  /var/log/nginx/nginx-access.log  main  buffer=256k;

    sendfile        on;
    tcp_nopush      on;
    tcp_nodelay     on;
    server_tokens   off;

## Caching files
...

## Size Limits
  ...

## Timeouts
  ...

## Compression
  ...

  #include /etc/nginx/sites-enabled/*;

    # Load config files from the /etc/nginx/conf.d directory
    include /etc/nginx/conf.d/*.conf;
    index  index.php index.html index.htm;
    include /etc/nginx/websites/*.website;


}

This is the error log(after adding debug):

2015/11/03 09:22:09 [notice] 30330#0: *1 "^" matches "/", client: <ip_addr>, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2015/11/03 09:22:09 [notice] 30330#0: *1 rewritten redirect: "https://example.com/", client: <ip_addr>, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2015/11/03 09:22:10 [notice] 30330#0: *2 "^" matches "/", client: <ip_addr>, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2015/11/03 09:22:10 [notice] 30330#0: *2 rewritten redirect: "https://example.com/", client: <ip_addr>, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2015/11/03 09:22:10 [notice] 30330#0: *1 "^" matches "/", client: <ip_addr>, server: example.com, request: "GET / HTTP/1.1", host: "example.com"

where is the server ip address

I'm using cloudflare as my dns provider

Community
  • 1
  • 1
user216112
  • 163
  • 3
  • 10

1 Answers1

0

The first I see is that your server_name in the 443 server is wrong.

And review your 443 listen, it you should be:

listen 443 ssl;

Are you using an AWS ELB??

AGL
  • 536
  • 2
  • 7