Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
ERR_TOO_MANY_REDIRECTS Question Question
How to prevent bad caching on Users Browsers with Virtual Hosts on NGINX Question Question

Question

Problem with NGINX config file root location

Posted July 3, 2017 17.3k views
NginxUbuntu 16.04

Hello,

I’m having an issue with getting nginx to display my site after installing a certificate.

I’ve referenced the original location where the site files are within the root parameter in the file but i’m still getting the welcome to NGINX page.

this is my configuration

server {

        root /var/www/html;

        listen 443 ssl;

        server_name uptownecafe.com www.uptownecafe.com;

        ssl_certificate /etc/letsencrypt/live/uptownecafe.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/uptownecafe.com/privkey.pem;


        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_dhparam /etc/ssl/certs/dhparam.pem;
        ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE$
        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:50m;
        ssl_stapling on;
        ssl_stapling_verify on;
        add_header Strict-Transport-Security max-age=15768000;


        # Add index.php to the list if you are using PHP
        index index.phpindex.html index.htm index.nginx-debian.html;

        server_name www.uptownecafe.com;

       location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #       include snippets/fastcgi-php.conf;
        #
        #       # With php7.0-cgi alone:
        #       fastcgi_pass 127.0.0.1:9000;
        #       # With php7.0-fpm:
        #       fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}

        location ~ /.well-known {
                allow all;
        }
}


server {
    listen 80;
    server_name uptownecafe.com www.uptownecafe.com;
    return 301 https://$host$request_uri;
}

Thanks in advance!!

Add a comment
garfield1979
By:
garfield1979

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
ERR_TOO_MANY_REDIRECTS Question Question
How to prevent bad caching on Users Browsers with Virtual Hosts on NGINX Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
2 answers
hansen July 3, 2017

Hi @garfield1979

There’s a couple of problems with your config, but is your web root location /var/www/html ?
Looking at your site right now, it looks like it’s working - but only http, not https.

Reply Report
  • garfield1979 July 3, 2017

    You’re right 80 works ok.. I was messing with the file..

    and now i’ve gotten to the point where it is trying to download the php files instead of executing them

    here is my current file

    server {

        location ~ /.well-known {
                allow all;
        }

        listen 443 ssl;

        server_name uptownecafe.com www.uptownecafe.com;

        ssl_certificate /etc/letsencrypt/live/uptownecafe.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/uptownecafe.com/privkey.pem;


        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_dhparam /etc/ssl/certs/dhparam.pem;
        ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE$
        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:50m;
        ssl_stapling on;
        ssl_stapling_verify on;
        add_header Strict-Transport-Security max-age=15768000;

        root /var/www/html;

        # Add index.php to the list if you are using PHP
        index index.php index.html index.htm index.nginx-debian.html;

        server_name _;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }
}


server {
    listen 80;
    server_name uptownecafe.com www.uptownecafe.com;
    return 301 https://$host$request_uri;
}
    Reply Report
    • hansen July 3, 2017

      Okay, try this instead:

      server {
        server_name uptownecafe.com www.uptownecafe.com;
        listen 443 ssl;

        root /var/www/html;

        ssl_certificate /etc/letsencrypt/live/uptownecafe.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/uptownecafe.com/privkey.pem;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_dhparam /etc/ssl/certs/dhparam.pem;
        ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:50m;
        ssl_stapling on;
        ssl_stapling_verify on;
        add_header Strict-Transport-Security max-age=15768000;

        location ~ /.well-known {
                allow all;
        }

        index index.php index.html index.htm;

        location / {
                # This has been changed to make sure WordPress pretty-links are supported
                try_files $uri $uri/ /index.php?$args;
        }

        location ~ \.php$ {
               include snippets/fastcgi-php.conf;
               fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }
}

server {
    listen 80;
    server_name uptownecafe.com www.uptownecafe.com;
    return 301 https://$server_name$request_uri;
}
      Reply Report
hansen July 3, 2017

@garfield1979
Okay, but if you used the WordPress One-Click-App, then it should already come with a configuration, where PHP-FPM is installed and Nginx is pointing to that.
It seems like you’re using two configuration files then.
You need to make sure there’s only one file located in /etc/nginx/sites-enabled/ - and that’s the current file we want to edit.

Reply Report

Related

Looking for something else?

Ask a new question Search for more help