Question

Disable HTTPS redirect in NGINX

Hi,

I have been trying to disable HTTPS redirect in NGINX but just couldn’t. My current NGINX configuration is:

server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    root /usr/share/nginx/html;
    index index.html index.html;

    server_name blog.gollahalli.me;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header HOST $http_host;
        proxy_set_header X-NginX-Proxy true;

        proxy_pass http://127.0.0.1:2368;
        proxy_redirect off;
    }
}

server {
    listen 443 ssl;
    server_name blog.gollahalli.me; # Replace with your domain

    root /usr/share/nginx/html;
    index index.html index.htm;

    ssl on;
    ssl_certificate /root/blog.gollahalli.me.chained.crt;
    ssl_certificate_key /root/blog.gollahalli.me.key;

    client_max_body_size 10G;

        location / {
        proxy_pass http://localhost:2368;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_buffering off;
    }
}

I have tried removing the listen 443, but I get page not found. What am I doing wrong here? I don’t see any redirect URL here.


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Looks good for me. You could check does you have some redirect server block enabled. Enabled block are stored in /etc/nginx/sites-enabled. You can see list of enabled by doing ls:

  1. ls /etc/nginx/sites-enabled

Check does you enabled this block too. Sites are enabled by symlinking them from sites-available to sites-enabled:

  1. sudo ln -s /etc/nginx/sites-available/block_name /etc/nginx/sites-enabled/

Make sure this is only block that have default_server for listen 80, as only one is allowed.

You can make one block of these two, like this:

Sample Nginx Server Block
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    listen 443 ssl;
    server_name example.com; # Replace with your domain

    root /usr/share/nginx/html;
    index index.html index.htm;

    ssl on;
    ssl_certificate cert location;
    ssl_certificate_key key location;

    client_max_body_size 10G;

        location / {
        proxy_pass http://localhost:2368;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_buffering off;
    }
}

Please make sure you change highlighted values with real ones.

Save that and test nginx config:

  1. sudo nginx -t

**Make sure you restart nginx after changes!:**

  1. sudo systemctl restart nginx

Try now to access it. If problem persist, clear cache or try another browser/incognito.

For me, it ended up being a URL Redirect DNS that I had put in place and completely forgot about. It redirected @ to https://www.<domain>.com. If NGINX isn’t redirecting, maybe something else in the pipeline is.

If you are running Ruby on Rails, there is a chance that the “config.force_ssl = true” value is set. That alone will force HTTP to redirect to HTTPS.

To solve this, navigate to your Ruby on Rails site

cd /path/to/#{your_site}/current/config/environments

and edit any file in there that is active (I did them all in my case since I am deliberately eliminating SSL from my Chef cookbook since SSL termination will occur at the load balancers.

The particular line to search for will be like this:

config.force_ssl = true

Change that line to this:

config.force_ssl = false