Nginx exception to rewrite rule

Question

My company is running a webserver with nginx. The configuration is set so that every request on a certain server block are forcefully rewritten to https, using a location block. This is the full configuration for a specific domain:

# HTTP server

server {
    listen       80;
    server_name  www.mydomain.it mydomain.it admin.mydomain.it;
    rewrite ^(.*) https://$host$1 permanent;
}

# HTTPS server

server {
    listen       443;
    server_name  www.mydomain.it mydomain.it admin.mydomain.it;
    root         /usr/share/nginx/html/mydomain_server;

    ssl                   on;
    ssl_certificate       /etc/certs/mydomain-bundle.crt;
    ssl_certificate_key   /etc/certs/mydomain.key;

    ssl_session_timeout  5m;

    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;

    access_log  /var/log/nginx/mydomain.ssl.access.log  main;
    error_log   /var/log/nginx/mydomain.ssl.error.log   error;

    location / {
            try_files $uri $uri/ =404;
    }

    error_page 404 /404-mydomain.html;
    error_page 500 502 503 504 /50x.html;

    location ~ \.php$ {
        fastcgi_buffer_size 128k;
        fastcgi_buffers 4 256k;
        fastcgi_busy_buffers_size 256k;
        try_files $uri =404;
        fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

This domain serves several implementations of the same software to different customers, and works like this:

Customer John: www.domain.com/John
Customer Ada: www.domain.com/Ada
etc...

Obviously, as you can see, all accesses to such URLS are redirected to HTTPS.

Now, there is a particular need for a single customer not this to happen.

I've been reading the official doc here about locations, which tells I can't non-match a particular expression (as stated here too ), and I can't find a way to have it work.

I've tried to add another location block matching the customer path before the default one, like this:

server {
    listen       80;
    server_name  www.mydomain.it mydomain.it admin.mydomain.it;
    root         /usr/share/nginx/html/mydomain_server;

    location ^~ /Mole/ {
            try_files $uri $uri/ =404;
    }

    location / {
            rewrite ^(.*) https://$host$1 permanent;
            try_files $uri $uri/ =404;
    }    
}

which is not working, as Mole is still being redirected to HTTPS. I've tried using "~", "=" and even simply "location /Mole/", without success. Not a browser cache problem as I've tried already flushing it. What am I missing?

Answer 1

You could try using the map directive to identify customers who prefer to use http:

map $uri $use_https {
    default 1;
    ~^/Mole/ 0; # add other exceptions as needed
}

server {
    listen  80;
    server_name  www.mydomain.it mydomain.it admin.mydomain.it;
    root    /usr/share/nginx/html/mydomain_server;

    location / {
        if ($use_https) { # consider using 302 for testing
            return 301 https://$host$request_uri;
        }
        try_files $uri $uri/ =404;
    }
}