Nginx rewrite HTTP to HTTPS says redirect loop?
Question
I am trying to redirect all HTTP traffic to HTTPS,so when i got to www.domain.com it goes to https://www.domain.com . This is my current .conf file -
server {
listen 80;
#listen [::]:80;
server_name www.domain.net;
rewrite ^(.*) https://www.domain.net$1 permanent;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/www.domain.net;
include other.conf;
#error_page 404 /404.html;
location ~ [^/]\.php(/|$)
{
# comment try_files $uri =404; to enable pathinfo
try_files $uri =404;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
#include pathinfo.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
access_log /home/wwwlogs/www.domain.net.log access; }
It always returns a 'redirect loop' error for my domain, I have tried many different configurations but I always have this same problem. (I appreciate my SSL is not configured as it should be but it still works)
If someone could help me to get it working I would be grateful.
2 answers
solution1
2 ACCPTED 2014-11-15 00:08:58
You need put the ssl configuration inside the server:
listen 443 ssl default;
ssl on ssl_certificate << put your .crt >>;
ssl_certificate_key << put your .key >>;# force https-redirects
if ($scheme = http) { return 301 https://$server_name$request_uri; }
solution2
0 2015-06-15 18:04:19
Do you put on your file the server to listen the port 443?
Because if you don't configurate your nginx to listen the port 443, your server will redirect from 80 to https. And from https to http (80) - this cause your loop.
To build your redirect you need only this:
server {
listen 80 default;
server_name <<your domain>>;
return 301 https://<<your domain>>$request_uri;}
And use the same configuration that you did on your 443 ssl but make those changes:
listen 443 ssl;
ssl_certificate <<your .crt>>;
ssl_certificate_key <<your .key>>;
ssl_client_certificate <<your client certificate .crt>>;
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.