force SSL on one page, non-SSL on others

August 16, 2015 5.5k views
Nginx LEMP PHP WordPress Ubuntu
C4f1151075b447779af31e99d6cf70e2c6eb47ac
By:
newbie

How do I set up Nginx conf file to force SSL on only one of the page in my site and non-SSL on all the rest?

For example, I want all of the URLs under /login to be https but all the rest of the URLs to be http.

from another place i found that i need to write these following codes.

for non ssl server block

server {
    root /var/www/
    location / {
    }
    location /login {
        rewrite ^ https://$http_host$request_uri? permanent;
    }
}

and for ssl block the opposite

server {
    listen 443;
    root /var/www/
    location / {
        rewrite ^ http://$http_host$request_uri? permanent;
    }
    location /login {
    }
}

but i tried to implement above codes in my server block but no luck. either it gives syntax error or redirect loop. i just dont understand where exactly i must put those codes.

here is my server block configuration

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/;
    index index.php index.html index.htm;

    server_name mysite.com www.mysite.com;

    location / {
        # try_files $uri $uri/ =404;
        try_files $uri $uri/ /index.php?q=$uri&$args;
    }

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }

    location ~* .(jpg|jpeg|png|gif|woff|ico|css|js)$ {
    expires 365d;
    }
}

server {
    listen 443 default_server spdy;
    listen [::]:443 default_server spdy;    

    root /var/www/;
    index index.php index.html index.htm;

    server_name mysite.com www.mysite.com;

    ssl on;
    ssl_certificate /my-ssl.crt;
    ssl_certificate_key /mysite.com.key;

    location / {
        # try_files $uri $uri/ =404;
        try_files $uri $uri/ /index.php?q=$uri&$args;
    }

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }

    location ~* .(jpg|jpeg|png|gif|woff|ico|css|js)$ {
    expires 365d;
    }
}
Log In to Comment
3 Answers
ForYourIT August 17, 2015

If you would only like to redirect one directory to https, you don't have to bother on the rest but just focus on that main directory. In your nginx server block, add the following to redirect it to https:

location ^~ /login {
    return 301 https://mysite.com$request_uri;
}

Or with rewrite:

location ^~ /login {
    rewrite ^ https://mysite.com$request_uri? permanent;
}

Hope you can get it working with this!

Reply
  • newbie August 21, 2015

    @CrypticDesigns

    hi,
    my previous problem is solved. but now another problem arrised

    after setting only one page to https i cant login to my wp-admin anymore. it always says wrong password. but if i turn off force http redirect and try my wp-admin page with https i can login without any problem. do i now have to set another rule for my wp-admin also?

    how can i login to my wp-admin without https now?

newbie August 21, 2015
[deleted]
Reply
ForYourIT August 21, 2015

Hello, good you got it solved. Did the configuration I suggested work?
If you would like to login to your wordpress administration panel, you have to add the following code to your wp-comfig.php

define('FORCE_SSL_ADMIN', true);

If you got any more issues you can get back here ofcourse.

Reply
  • newbie August 21, 2015

    @CrypticDesigns

    thanks for your reply.

    unfortunately this didn't worked.

    define('FORCE_SSL_ADMIN', true);

    after adding above line i cant even get the login page.

    i have changed wp-admin url to a custom url with a plugin by the way, because i needed to rename my wp-admin for some reason. does this have to do anything with this?

    also i must tell you, i did made my full site ssl for couple of days for testing. and this is happening after i came back to above solution (only one page ssl all other non ssl)

  • ForYourIT August 21, 2015

    You probably got some misconfiguration with different plugins/nginx configurations/ssl etc.
    I can't really check what is happening or what kind of errors you get. Do you get any error in nginx when you try to login with https enabled?
    If you want me to check some more things, you can contact me on skype: cryptic-designs

Have another answer? Share your knowledge.

Related Questions