Question

force SSL on one page, non-SSL on others

How do I set up Nginx conf file to force SSL on only one of the page in my site and non-SSL on all the rest?

For example, I want all of the URLs under /login to be https but all the rest of the URLs to be http.

from another place i found that i need to write these following codes.

for non ssl server block

server {
    root /var/www/
    location / {
    }
    location /login {
        rewrite ^ https://$http_host$request_uri? permanent;
    }
}

and for ssl block the opposite

server {
    listen 443;
    root /var/www/
    location / {
        rewrite ^ http://$http_host$request_uri? permanent;
    }
    location /login {
    }
}

but i tried to implement above codes in my server block but no luck. either it gives syntax error or redirect loop. i just dont understand where exactly i must put those codes.

here is my server block configuration

server {
	listen 80 default_server;
	listen [::]:80 default_server;
	
	root /var/www/;
	index index.php index.html index.htm;

	server_name mysite.com www.mysite.com;
		
	location / {
		# try_files $uri $uri/ =404;
		try_files $uri $uri/ /index.php?q=$uri&$args;
	}

	error_page 404 /404.html;
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
		root /usr/share/nginx/html;
	}

	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
		fastcgi_pass unix:/var/run/php5-fpm.sock;
		fastcgi_index index.php;
		include fastcgi.conf;
	}

	location ~* .(jpg|jpeg|png|gif|woff|ico|css|js)$ {
	expires 365d;
	}
}

server {
	listen 443 default_server spdy;
	listen [::]:443 default_server spdy;	

	root /var/www/;
	index index.php index.html index.htm;

	server_name mysite.com www.mysite.com;

	ssl on;
	ssl_certificate /my-ssl.crt;
	ssl_certificate_key /mysite.com.key;

	location / {
		# try_files $uri $uri/ =404;
		try_files $uri $uri/ /index.php?q=$uri&$args;
	}

	error_page 404 /404.html;
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
		root /usr/share/nginx/html;
	}

	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
		fastcgi_pass unix:/var/run/php5-fpm.sock;
		fastcgi_index index.php;
		include fastcgi.conf;
	}

	location ~* .(jpg|jpeg|png|gif|woff|ico|css|js)$ {
	expires 365d;
	}
}
Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Bjorn van den AkkerAugust 21, 2015

Hello, good you got it solved. Did the configuration I suggested work? If you would like to login to your wordpress administration panel, you have to add the following code to your wp-comfig.php

define('FORCE_SSL_ADMIN', true);

If you got any more issues you can get back here ofcourse.

newbieAugust 21, 2015

This comment has been deleted

Bjorn van den AkkerAugust 17, 2015

If you would only like to redirect one directory to https, you don’t have to bother on the rest but just focus on that main directory. In your nginx server block, add the following to redirect it to https:

location ^~ /login {
    return 301 https://mysite.com$request_uri;
}

Or with rewrite:

location ^~ /login {
    rewrite ^ https://mysite.com$request_uri? permanent;
}

Hope you can get it working with this!

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up