Nginx show's 404 with SSL certificate

With cloudflare full strict ssl and nginx config. I get 404 error or its not redirected to the actual files in var/www/… But goes to root /var/www/html/

I am using cloudflare tunnel. And I followed digital ocean guide to install nginx, set cloudflare SSL with nginx

Nginx config

server {
    listen 80;
    listen [::]:80;
    #return 302 https://$server_name$request_uri;

server {

    # SSL configuration

    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl_certificate         /etc/ssl/cert.pem;
    ssl_certificate_key     /etc/ssl/key.pem;


    root /var/www/wp;
    index index.html index.htm index.nginx-debian.html;

    location / {
            try_files $uri $uri/ =404;

Enabling this gives redirect loop

#return 302 https://$server_name$request_uri

Also my cloudflare tunnel config file

tunnel: 796c6fde-bae0-476f-86d6-3dfd022d6143
credentials-file: /home/cloudcreatr/.cloudflared/796c6fde-bae0-476f-86d6-3dfd022d6143.json

  - hostname:
    service: https://localhost:443
      connectTimeout: 10s
      noTLSVerify: true
  - hostname:
    service: http://localhost:80
  # Catch-all rule, which just responds with 404 if traffic doesn't match any of
  # the earlier rules
  - service: http_status:404
  enabled: true

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
October 18, 2021
Accepted Answer


It seems like that the Nginx server block for port 443 is missing some essential rules that are needed for WordPress websites.

For example, you should have index.php defined in the index list and also you need to have a location that handles all PHP requests:

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;

    location ~ /\.ht {
        deny all;

Note that the fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; line would depend on your PHP version and FPM configuration.

Also your / location needs to be updated to the following in order to handle the requests correctly:

    location / {
        try_files $uri $uri/ /index.php$is_args$args;

For more information I could suggest this tutorial here:

Hope that this helps. Best, Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Featured on Community

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel