Question

Http to Https redirection issues on nginx; stuck in a redirect loop to same page

As I’m normally used to apache and htaccess settings, I’m having some trouble setting up a http to https redirection for a simple wordpress site. I have poured over the forums and there are several examples of how to accomplish this, but none seems to be working.

What happens is, once I apply the redirects, it correctly redirects to https but then begins looping indefinitely. Access log looks like this until I stop

108.162.219.45 - - [14/Jan/2020:15:50:11 -0300] "GET /wp-content/uploads/2019/10/pag-14-entrevista-768x1001.jpg HTTP/1.1" 302 170 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36"
108.162.219.45 - - [14/Jan/2020:15:50:11 -0300] "GET /wp-content/uploads/2019/10/pag-14-entrevista-768x1001.jpg HTTP/1.1" 302 170 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36"
108.162.219.45 - - [14/Jan/2020:15:50:11 -0300] "GET /wp-content/uploads/2019/10/pag-14-entrevista-768x1001.jpg HTTP/1.1" 302 170 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36"
108.162.219.45 - - [14/Jan/2020:15:50:11 -0300] "GET /wp-content/uploads/2019/10/pag-14-entrevista-768x1001.jpg HTTP/1.1" 302 170 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36"
108.162.219.45 - - [14/Jan/2020:15:50:11 -0300] "GET /wp-content/uploads/2019/10/pag-14-entrevista-768x1001.jpg HTTP/1.1" 302 170 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36"

SSL itself is working, and right now I can open the site both on http and https. It’s just when I attempt to close off http access that everything blows up.

Here’s an example of a simple nginx code for this domain that causes the issue. I have tried several variations found within the forum and the issue persists.

server {
    listen      80;
    server_name domain.com www.domain.com;
    return 302 https://$server_name$request_uri;
}

server {
	listen 443;

	root /var/www/domain.com;
	index index.php index.html index.htm;

	server_name domain.com www.domain.com;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		# try_files $uri $uri/ =404;
		try_files $uri $uri/ /index.php?q=$uri&$args;
	}

	error_page 404 /404.html;
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
		root /usr/share/nginx/html;
	}

	location ~ \.php$ {
		include snippets/fastcgi-php.conf;

		# This website needs to run on php5
		fastcgi_pass unix:/run/php/php7.0-fpm.sock;
		#fastcgi_pass unix:/run/hhvm/hhvm.sock;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	location ~ /\.ht {
		deny all;
	}

	# Image cache control
	location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
		expires max;
		log_not_found off;
		access_log off;
	}
}

The default file (which, I assume, is also loaded, looks like this)

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
	worker_connections 768;
	# multi_accept on;
}

http {
	#first try to fix timeout smtp problems
	#fastcgi_read_timeout 300;
	
	##
	# Basic Settings
	##

	log_format main '$http_x_forwarded_for - $remote_user [$time_local] "$host" "$request" '
            '$status $body_bytes_sent "$http_referer" '
	    '"$http_user_agent" $request_time';

	client_max_body_size 100m;

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	# server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

        ssl_certificate /etc/ssl/certs/wepost.crt;
        ssl_certificate_key /etc/ssl/private/wepost.key;

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;
	gzip_disable "msie6";

	gzip_vary on;
	gzip_proxied any;
	gzip_comp_level 6;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;
	gzip_min_length 256;
	gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hi @thiagonogueira,

I’ll recommend removing the 302 redirection from your server block

server {
    listen      80;
    server_name domain.com www.domain.com;
    return 302 https://$server_name$request_uri;
}

This should resolve the issue for you. Additionally, you most probably have http configured in your Wordpress Database. To change it, enter your database and access the YourDBPrefix_options(wp_options) table, there you can edit the values of the columns siteurl and home to include https of your domain.

Regards, KDSys