Hi,
I have a droplet using OS Ubuntu 16.04.6 with nginx server. I have hosted multiple domain in this server. For each domain I have created separate server block.I have installed Certbot to get Let’s Encrypt CA for my domain. Everything is going fine for my root domain. When I browse like example.com my browser says, connection secure with a lock sign. I have three sub directory in my root for different user. “example.com/adminsystem” “example.com/superadmin” “example.com/consultant”. When user log in from example.com system redirect user based on user role. Everything is good but my browser says, Connection is not secure.
I am not good in Server configuration. I’ve learn everything form documentation. But I couldn’t find exact similar issue. In my app I did’t use wordpress or any CMS. There are just some html and php files. and most index files are html.
I need url pattern :
“example.com/adminsystem”
“example.com/superadmin/?date=somedate”
“example.com/consultant”
Any help appreciated.

Thanks,

Shamir

Here is my server block file -

# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {

    # SSL configuration
    #
    #listen 443 ssl default_server;
    #listen [::]:443 ssl default_server;
    #
    # Note: You should disable gzip for SSL traffic.
    # See: https://bugs.debian.org/773332
    #
    # Read up on ssl_ciphers to ensure a secure configuration.
    # See: https://bugs.debian.org/765782
    #
    # Self signed certs generated by the ssl-cert package
    # Don't use them in a production server!
    #
    # include snippets/snakeoil.conf;

    root /var/www/example.com/html;

    # Add index.php to the list if you are using PHP
    index index.html index.php index.htm index.nginx-debian.html;

    server_name example.com www.example.com;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        #try_files $uri $uri/ /index.php $uri/index.php =404;
                index index.php index.html index.htm;
                try_files $uri $uri/ /index.php?$args;
    }
        location /adminsystem {

                index index.php index.html index.htm;
                try_files $uri $uri/ /adminsystem/index.php?$args;

        }

        location /superadmin {

                index index.php index.html index.htm;
            try_files $uri $uri/ /superadmin/index.php?$args;
        }

        location /consultant {

                index index.php index.html index.htm;
                try_files $uri $uri/ /consultant/index.php?$args;
        }



    location ~ \.php$ {
          include snippets/fastcgi-php.conf;
          fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #   include snippets/fastcgi-php.conf;
    #
    #   # With php7.0-cgi alone:
    #   fastcgi_pass 127.0.0.1:9000;
    #   # With php7.0-fpm:
    #   fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
        deny all;
    }





    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot




}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#   listen 80;
#   listen [::]:80;
#
#   server_name example.com;
#
#   root /var/www/example.com;
#   index index.html;
#
#   location / {
#       try_files $uri $uri/ =404;
#   }
#}



server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot



    server_name example.com www.example.com;
    listen 80;
    return 404; # managed by Certbot




}

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hi there @shamiromy,

It does not look like a server configuration problem, it sounds like that you might have mixed content on the page which could be causing the not secure message in your browser.

Mixed content basically means that you have some resources like images, CSS, js files, or external resources loading from HTTP rather than HTTPS.

You can use this site here to show you which resources are not loading via https:

https://www.whynopadlock.com/

Just put the full URL that you would like to check this for and the site would give you a list of the resources which are loading via HTTP and you would need to update the references for them to HTTPS.

Another way to check that is via your web browser console, there you would also see a mix content warning for the specific resources.

Regards,
Bobby

Submit an Answer