Disable HTTPS redirect in NGINX

October 27, 2016 24.6k views
Nginx Ubuntu 16.04
akshaybabloo
By:
akshaybabloo

Hi,

I have been trying to disable HTTPS redirect in NGINX but just couldn't. My current NGINX configuration is:

server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    root /usr/share/nginx/html;
    index index.html index.html;

    server_name blog.gollahalli.me;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header HOST $http_host;
        proxy_set_header X-NginX-Proxy true;

        proxy_pass http://127.0.0.1:2368;
        proxy_redirect off;
    }
}

server {
    listen 443 ssl;
    server_name blog.gollahalli.me; # Replace with your domain

    root /usr/share/nginx/html;
    index index.html index.htm;

    ssl on;
    ssl_certificate /root/blog.gollahalli.me.chained.crt;
    ssl_certificate_key /root/blog.gollahalli.me.key;

    client_max_body_size 10G;

        location / {
        proxy_pass http://localhost:2368;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_buffering off;
    }
}

I have tried removing the listen 443, but I get page not found. What am I doing wrong here? I don't see any redirect URL here.

Log In to Comment
2 Answers
xMudrii October 28, 2016

Looks good for me.
You could check does you have some redirect server block enabled.
Enabled block are stored in /etc/nginx/sites-enabled. You can see list of enabled by doing ls:

  • ls /etc/nginx/sites-enabled

Check does you enabled this block too.
Sites are enabled by symlinking them from sites-available to sites-enabled:

  • sudo ln -s /etc/nginx/sites-available/block_name /etc/nginx/sites-enabled/

Make sure this is only block that have default_server for listen 80, as only one is allowed.

You can make one block of these two, like this:

Sample Nginx Server Block
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    listen 443 ssl;
    server_name example.com; # Replace with your domain

    root /usr/share/nginx/html;
    index index.html index.htm;

    ssl on;
    ssl_certificate cert location;
    ssl_certificate_key key location;

    client_max_body_size 10G;

        location / {
        proxy_pass http://localhost:2368;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_buffering off;
    }
}

Please make sure you change highlighted values with real ones.

Save that and test nginx config:

  • sudo nginx -t

Make sure you restart nginx after changes!:

  • sudo systemctl restart nginx

Try now to access it. If problem persist, clear cache or try another browser/incognito.

Reply
kasl33 December 22, 2016

If you are running Ruby on Rails, there is a chance that the "config.force_ssl = true" value is set. That alone will force HTTP to redirect to HTTPS.

To solve this, navigate to your Ruby on Rails site

cd /path/to/#{your_site}/current/config/environments

and edit any file in there that is active (I did them all in my case since I am deliberately eliminating SSL from my Chef cookbook since SSL termination will occur at the load balancers.

The particular line to search for will be like this:

config.force_ssl = true

Change that line to this:

config.force_ssl = false

Reply
Have another answer? Share your knowledge.

Related Questions