I have a nodejs app made with react running on port 80, I have a domain and enabled ssl with certbot, i’m using reverse proxy to access the app backend service and also I have a ghost server running locally and i’m using reverse proxy for it too, the problem is that ghost serves some files(images, etc over the /content route) over http which causes chrome to mark my site as insecure. This is how my config looks like:
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html;
server_name mydomain.com; # managed by Certbot
#serves react files
location / {
try_files $uri /index.html;
}
#backend redirect
location /backend {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
rewrite ^/backend/(.*) /$1 break;
proxy_pass http://localhost:3030;
}
# redirect to ghost instance running locally
location /ghost {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_pass http://127.0.0.1:2368;
proxy_redirect off;
}
# redirect to ghost content: this may be merged to the /ghost config above
location /content {
rewrite ^/content/(.*) /content/$1 break;
proxy_pass http://localhost:2368;
proxy_redirect off;
}
server {
if ($host = mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name mydomain.com;
return 404; # managed by Certbot
}
I edited the ghost config file and set the url to use https, now my site is secure but I cant access ghost, nginx redirects the https location to the exact same location, for example: https://mydomain.com/ghost is 301 redirected to http://mydomain.com/ghost, this problem only occurs with the /ghost and /content routes.
I have no idea why nginx redirects to the same location, accessing those routes over https should just forward the request to the localhost:2368, it have worked nicely over http, before enabling ssl.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
Hi @paulomarcio18p1,
Usually, one can manage his website’s redirections from a couple of places. You’ll just need to find the one that’s most suitable for you! If you manage the redirection to HTTPS from ghost, I’ll recommend removing the redirection rule set in the Nginx config file.
If removing the redirection to HTTPS in the config file works, you can use it like that. Otherwise, I’ll recommend you to check how can you change all files to be served via HTTPS in ghost without setting this redirection directly in the application’s file. I’m sure there is a rule which can be set somewhere, most CMS/Frameworks allow it nowadays.
Regards, KDSys