junukseo
By:
junukseo

How to do not redirect all jpg/jpeg files to https on nginx?

April 20, 2017 45 views
Nginx WordPress PHP Ubuntu 16.04

Hi,

I am using Ubuntu 16.06 + Nginx + Php7 + MariaDB + wordpress with Letsencrypt SSL

but I must to to access Jpeg/jpg file by http

i dont know how do i that. i tried to modify my server block, jpeg files still redirect https automatically.

Please let me know how do i fix that.

My server block is below.

Thank you.

server {
    listen 80;
    ssl off;
    server_name  example.com www.example.com;
    root /var/www/example;
    index index.php;

    return 301 https://$host$request_uri;

    location /wp-content/uploads/2016/09{}
    location ~ \.(jpg|jpeg)$ {
        }
    location /wp-content/uploads/{
        }
    location /wp-content/uploads/2016/{
        }

}


server {
    listen 443 ssl http2;
    server_name  example.com www.example.com;
    root /var/www/example;
    index index.php;


    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4;


    # Set caches, protocols, and accepted ciphers. This config will
    # merit an A+ SSL Labs score.
    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES25$

    error_log /var/log/nginx/example.error.log warn;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

        # Allow Lets Encrypt Domain Validation Program
    location ^~ /.well-known/acme-challenge/ {
        allow all;
    }

    # Block dot file (.htaccess .htpasswd .svn .git .env and so on.)
    location ~ /\. {
        deny all;
    }

    # Block (log file, binary, certificate, shell script, sql dump file) access.
    location ~* \.(log|binary|pem|enc|crt|conf|cnf|sql|sh|key)$ {
        deny all;
    }


    location = /robots.txt {
        log_not_found off;
        access_log off;
    }

   location = /favicon.ico {
        log_not_found off;
        access_log off;
    }


    # Rocket
    # Add a slash at the end of request */wp-admin
    rewrite /wp-admin$ $scheme://$host$uri/ permanent;


   location ~* \.(css|js|ico|gif|jpe?g|png|svg|eot|otf|woff|woff2|ttf|ogg)$ {
        expires max;
    }


    location ~ /.well-known {
                allow all;
        }


    location ~ [^/]\.php(/|$) {
               try_files $uri =404;
               fastcgi_split_path_info ^(.+\.php)(/.+)$;
               fastcgi_pass unix:/run/php/php7.0-fpm.sock;
               fastcgi_index index.php;
               fastcgi_read_timeout 180;
               fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
               include fastcgi_params;
        }


}

1 Answer

Hi @junukseo
Can I ask why you need JPEGs available on http-only?
I haven't tested this, but try replacing the first server block with this:

server {
    listen 80;
    server_name example.com www.example.com;
    root /var/www/example;

    location ~ \.(jpg|jpeg)$ {
        try_files $uri =404;
        break;
    }
    location / {
        return 301 https://$server_name$request_uri;
    }
}
  • Hi @hansen

    Thanks for answering.

    I am going to join some kind of payment service on my country (S.Korea)

    They require "jpg/jpeg files must access http" by me

    I put your code on my server block and i tested again.

    Internet explorer is ok. can access Http but Chrome is can not access http. Jpeg redirected https.

    I was emptied Browser cache already.

    Could you tell me if there is another way?

    Thank you.

    • @junukseo
      That is just stale connections in Chrome. If you restart Chrome, it should do it correctly. Otherwise just open in Incognito to test.

Have another answer? Share your knowledge.