Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
What's webroot path to use with Django for Letsencrypt? Question Question
Nginx /.well-known location never matched while using Django??? Question Question

Question

Getting "Welcome to Nginx" message after installing letsencrypt certbot on ubuntu 16.04

Posted March 21, 2018 5.1k views
NginxDjangoLet's EncryptUbuntu 16.04

After going through the tutorial on how to set up django with nginx on ubuntu 16.04 my website was running perfectly fine but after i tried adding the letsencrypt certbot, my domain is working with https but i am getting “Welcome to nginx” message.

any suggestion

https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu-16-04

https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu-16-04

Add a comment
rickysingh
By:
rickysingh

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
What's webroot path to use with Django for Letsencrypt? Question Question
Nginx /.well-known location never matched while using Django??? Question Question
Add a comment
1 comment
  • jasonjpeters March 21, 2018
    Reply Report

    Most likely if you installed the certbot-nginx version, certbot rewrote your NGINX config to redirect port 80 traffic to port 443. You will need to adjust your NGINX config to accommodate the new configurations.

    Can you post your NGINX config file for the website?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
8 answers
rickysingh March 21, 2018

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
workerconnections 768;
# multiaccept on;
}

http {

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# SSL Settings
##

ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;
gzip_disable "msie6";

# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;

}

mail {

# See sample authentication script at:

# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript

# auth_http localhost/auth.php;

# pop3_capabilities “TOP” “USER”;

# imap_capabilities “IMAP4rev1” “UIDPLUS”;

server {

listen localhost:110;

protocol pop3;

proxy on;

server {

listen localhost:143;

protocol imap;

proxy on;

}

Reply Report
  • jasonjpeters March 21, 2018

    not quite what I was looking for - the file I am requesting will be in /etc/nginx/conf.d/ or /etc/nginx/sites-available/ - This is the file that includes the server {} block for your website.

    Reply Report
    • rickysingh March 21, 2018

      i tried rebuilding the droplet again and now i am not even able to get my certificate :

      this is the message that i am getting while trying to add my certificate

      IMPORTANT NOTES:

      • The following errors were reported by the server:

      Domain: rickysingh.xyz
      Type: unauthorized
      Detail: Invalid response from
      http://rickysingh.xyz/.well-known/acme-challenge/m9yNz8wKXAnl07dcaj-2C663Sz7LLnQvrETakaXjeBs:
      “<html>
      <head><title>404 Not Found</title></head>
      <body bgcolor="white”>
      <center><h1>404 Not Found</h1></center>
      <hr><center>“

      Domain: www.rickysingh.xyz
      Type: unauthorized
      Detail: Invalid response from
      http://www.rickysingh.xyz/.well-known/acme-challenge/djg122CC8RAcSiBlAQAY6StfdptmQi0qy9mcJ_GPFW4:
      ”<html>
      <head><title>404 Not Found</title></head>
      <body bgcolor=“white”>
      <center><h1>404 Not Found</h1></center>
      <hr><center>“

      To fix these errors, please make sure that your domain name was
      entered correctly and the DNS A/AAAA record(s) for that domain
      contain(s) the right IP address.

      =====================================================================

      /etc/nginx/conf.d/ is empty

      =====================================================================

      /etc/nginx/sites-available/default

      You should look at the following URL’s in order to grasp a solid understanding

      of Nginx configuration files in order to fully unleash the power of Nginx.

      http://wiki.nginx.org/Pitfalls

      http://wiki.nginx.org/QuickStart

      http://wiki.nginx.org/Configuration

      Generally, you will want to move this file somewhere, and start with a clean

      file but keep this around for reference. Or just disable in sites-enabled.

      Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.

      Default server configuration

      server {
      listen 80 defaultserver;
      listen [::]:80 default      server;

      # SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;

root /var/www/html;

# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;

server_name rickysingh.xyz www.rickysingh.xyz;

location / {
    # First attempt to serve request as file, then
    # as directory, then fall back to displaying a 404.
    try_files $uri $uri/ =404;
}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
#   include snippets/fastcgi-php.conf;
#
#   # With php7.0-cgi alone:
#   fastcgi_pass 127.0.0.1:9000;
#   # With php7.0-fpm:
#   fastcgi_pass unix:/run/php/php7.0-fpm.sock;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
#   deny all;
#}

      }

      Virtual Host configuration for example.com

      You can move that to a different file under sites-available/ and symlink that

      to sites-enabled/ to enable it.

      server {

      listen 80;

      listen [::]:80;

      server_name example.com;

      root /var/www/example.com;

      index index.html;

      location / {

      try_files $uri $uri/ =404;

      }

      ======================================================================

      /etc/nginx/sites-available/myproject

      server {
      listen 80;
      server_name rickysingh.xyz www.rickysingh.xyz;

      location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
    root /root/myproject;
}

location / {
    include proxy_params;
    proxy_pass http://unix:/root/myproject/myproject.sock;
}

      }

      Reply Report
    • rickysingh March 21, 2018
      [deleted]
      Reply Report
rickysingh March 21, 2018
[deleted]
Reply Report
rickysingh March 21, 2018
[deleted]
Reply Report
rickysingh March 21, 2018
[deleted]
Reply Report
rickysingh March 21, 2018
[deleted]
Reply Report
rickysingh March 21, 2018

nope, i just rebuild the droplet with same configuration (same droplet size, location)....

i never deleted the droplet by myself, but digitalocean does it from there side and gave me a new droplet with same configuration.

Reply Report
rrohanrocks10 April 27, 2018

try this: it worked for me after installing letsencrypt on centos 6 linux

server {
listen 80 defaultserver;
servername {domain-name} ;
return 301 https://$servername$requesturi;
}

server {
listen 443 ssl http2;
server_name {domain-name} ;

ssl on;
sslcertificate /etc/letsencrypt/live/{domain-name}/fullchain.pem;
sslcertificatekey /etc/letsencrypt/live/{domain-name}/privkey.pem;
sslsessiontimeout 5m;
sslprotocols TLSv1 TLSv1.1 TLSv1.2;
sslciphers ‘EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH’;
sslpreferserverciphers on;
sslsessioncache shared:SSL:10m;
location / {
proxypass http://localhost:8080;
proxyhttpversion 1.1;
proxysetheader Upgrade $httpupgrade;
proxysetheader Connection 'upgrade’;
proxysetheader Host $host;
proxycachebypass $http_upgrade;
}
location /.well-known/acme-challenge/ {
root /var/www/domainame;
}

}

The last line acme challenge one is vital for generating your website page. .

Reply Report
tevfikgulep July 20, 2018
How To Install Linux, Nginx, MySQL, PHP (LEMP stack) in Ubuntu 16.04
by Justin Ellingwood
The LEMP software stack is a group of software that can be used to serve dynamic web pages and web applications. This is an acronym that describes a Linux operating system, with an Nginx web server. The backend data is stored in the MySQL database and the dynamic processing...
Reply Report

Related

Looking for something else?

Ask a new question Search for more help