let's encrypt redirected you too many times using browser

April 24, 2018 1.4k views
Let's Encrypt Nginx Ubuntu

Hi, I am trying to install SSL on my site and i followed https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04. However, I am not able to opt for only https option. Every time I select HTTPS redirect option the sites doesn't load where browser says too many redirect. I have fiddle over an internet for few hours but no luck. Could some one please help me with this. I have paste my server block config. Thank you.

server {
server_name www.drupalizenepal.com drupalizenepal.com;
root /srv/www/drupalizenepald8/docroot;

errorlog /srv/www/drupalizenepald8/logs/error.log;
access
log /srv/www/drupalizenepald8/logs/access.log;

clientmaxbody_size 10M;

location = /favicon.ico {
lognotfound off;
access_log off;
}

location = /robots.txt {
allow all;
lognotfound off;
access_log off;
}

location ~ ../..php$ {
return 403;
}

location / {
index index.php;

This is cool because no php is touched for static content

try_files $uri $uri/ @rewrite;

}

location @rewrite {

Some modules enforce no slash (/) at the end of the URL

Else this rewrite block wouldn't be needed (GlobalRedirect)

rewrite ^/(.*)$ /index.php?q=$1;

}

location ~ .php$ {
fastcgisplitpath_info ^(.+.php)(/.+)$;

NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

include fastcgi_params;
fastcgi_read_timeout 300;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;

}

Fighting with ImageCache? This little gem is amazing.

location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}

location ~* .(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
lognotfound off;
}

location ~* /(?:.+)/files/styles/adaptive/(?:.+)$ {
if ( $httpcookie ~* "ais=(?<aiscookie>[a-z0-9-]+)" ) {
rewrite ^/(.+)/files/styles/adaptive/(.+)$ /$1/files/styles/$ais
cookie/$2 last;
}
accesslog off;
add
header X-Header "AIS Generator 1.0";
set $nocachedetails "Skip";
try
files $uri @drupal;
} # managed by Certbot

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/drupalizenepal.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/drupalizenepal.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
if ($host = www.drupalizenepal.com) {
return 301 https://$host$request_uri;
} # managed by Certbot

if ($host = drupalizenepal.com) {
    return 301 https://$host$request_uri;
} # managed by Certbot

server_name www.drupalizenepal.com drupalizenepal.com;

listen 80;
return 404; # managed by Certbot

}

1 Answer
ryanpq MOD April 24, 2018
Accepted Answer

The most common way to find yourself with a redirect loop after setting up LetsEncrypt is if you are using a CMS system that does it's own URL rewrites outside the nginx configuration. WordPress is a good example of this.

In WordPress when it is first set up a base URL setting is created using the domain or IP that you used when running the setup wizard. If you then create a redirect to force a different URL, WordPress will receive the request and redirect to what it is configured to know as the "Correct URL".

If you're running WordPress, check your wp-admin main site settings and ensure that the URL you are using there matches what your new redirect will send users to.

Have another answer? Share your knowledge.