How can I disable an https redirect on NGINX?

September 4, 2019 93 views
Nginx Ubuntu 16.04

Using LetsEncrypt’s certbot, I somewhat recently enabled http>https redirection on my Nginx platform. Unfortunately, due to a conflict with a third party software (which handles redirecting on its own), I now need to remove the server-based redirect, preferably while keeping the certificate.

I’ve tried to edit the default file in sites-available/sites-enabled (and it’s the only file in there), but for some reason I have yet to figure out what I need to change or comment out in order to get it to work properly. Everything I’ve tried seems to break the site in one way or another.

Below is the file in question.

##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
#   listen 80 default_server;
#   listen [::]:80 default_server;

    # SSL configuration
    #
     listen 443 ssl default_server;
    # listen [::]:443 ssl default_server;
    #
    # Note: You should disable gzip for SSL traffic.
    # See: https://bugs.debian.org/773332
    #
    # Read up on ssl_ciphers to ensure a secure configuration.
    # See: https://bugs.debian.org/765782
    #
    # Self signed certs generated by the ssl-cert package
    # Don't use them in a production server!
    #
    # include snippets/snakeoil.conf;

    root /var/www/html;

    # Add index.php to the list if you are using PHP
    index index.php index.html index.htm index.nginx-debian.html;

    server_name URLADDRESS.com www.URLADDRESS.com; #x.x.x.x;
    ssl_certificate /etc/letsencrypt/live/URLADDRESS.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/URLADDRESS.com/privkey.pem; # managed by Certbot


    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
    #
    #   # With php7.0-cgi alone:
    #   fastcgi_pass 127.0.0.1:9000;
    #   # With php7.0-fpm:
        fastcgi_pass unix:/run/php/php7.2-fpm.sock;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #   deny all;
    #}

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.hmtl {
        root /usr/share/nginx/html;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php7.0-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }





}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#   listen 80;
#   listen [::]:80;
#
#   server_name example.com;
#
#   root /var/www/example.com;
#   index index.html;
#
#   location / {
#       try_files $uri $uri/ =404;
#   }
#}


server {
    if ($host = www.URLADDRESS.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = URLADDRESS.com) {
        return 301 https://$host$request_uri;#
   } # managed by Certbot


    listen 80 default_server;
    listen [::]:80 default_server;

    server_name URLADDRESS.com www.URLADDRESS.com;
     return 404; # managed by Certbot
##################



}

I also tried restoring all but the php settings to a default file template I found that matched this, but that didn’t seem to work either.

What’s the proper way to do this?

1 Answer

Hi @amethyst.liddell,

Take a look at the following bit

server {
    if ($host = www.URLADDRESS.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = URLADDRESS.com) {
        return 301 https://$host$request_uri;#
   } # managed by Certbot


    listen 80 default_server;
    listen [::]:80 default_server;

    server_name URLADDRESS.com www.URLADDRESS.com;
     return 404; # managed by Certbot
##################

Here, you can see the https part. Try commenting it from the configuration file. Before you try and restart Nginx for the configurations to kick in test the syntax by

nginx -c /etc/nginx/nginx.conf -t

Or

service nginx reload

Both should help you see if there is actually an issue with the configuration.

Kind regards,
Kalin

  • Thanks for helping out! So I tried commenting out the section you quoted (that was what I first tried as well, but once more doesn’t hurt…), and the trailing lower bracket that would throw an error otherwise.
    It seems to work at first, but parts of my site then start throwing this error:
    https://prnt.sc/p2bm8b
    I had someone else reproduce that issue as well.
    This is the sort of thing that I mean when I said I couldn’t get it to work before, rather than just syntax errors.

Have another answer? Share your knowledge.