The Different between Root at Listen 80 and Listen 443

May 28, 2016 9k views
Security Nginx LEMP WordPress
franswiradinata
By:
franswiradinata

Hello Guys,
May i know what is the different between both of root at Listen 80 and Listen 443?
I have problem with access my HTTPS site.
I got Error 404 if i set my 443 to On.
My page is secure and the CA is active. (/var/www/domain.com/html)
But my website can’t access.
If i don’t activate my SSL, the website is fine but i have already setting my General Wordpress to change it’s url become https://domain.com. Because of that i can’t acess it if i am not change my Listen into 443. (/var/www/domain.com/html)

Am i miss something?
Or am i make a mistake?

My step is :

  1. Initial setup Ubuntu.
  2. Install LEMP.
  3. Install Virtual Host.
  4. Install SSl.
  5. Install Wordpress.

Thank you,
Frans W

Log In to Comment
1 Answer
newbie May 28, 2016

The main difference between 2 ports
Listen 80 = HTTP = Non SSL
Listen 443 = HTTPS = SSL

Please check the following tutorial and see if you missed something or not
How To Install an SSL Certificate from a Commercial Certificate Authority

also you shouldn’t change url in your wordpress general settings to https. post your nginx virtual host file configuration to see if there’s something wrong.

How To Install an SSL Certificate from a Commercial Certificate Authority
by Mitchell Anicas
This tutorial will show you how to acquire and install an SSL certificate from a trusted, commercial Certificate Authority (CA). SSL certificates allow web servers to encrypt their traffic, and also offer a mechanism to validate server identities to their visitors. The...
Reply
  • franswiradinata May 28, 2016

    Thank you for your information.
    How about if i want to use HTTPS?
    Must commented the Listen 80? Or else?

    Thank you,
    Frans W

    • newbie May 28, 2016

      if you want to serve HTTPS only you need to add following line inside listen 80

      return 301 https://$server_name$request_uri;

      that way, all requests from 80 will redirected to 443

      Example:

      server {
       listen 80;
       listen [::]:80;
       server_name example.com;
       return 301 https://$server_name$request_uri;
}
      • franswiradinata May 28, 2016

        I have added it.
        But everytime i access it. I have something to download. And the website always show the download box.

        Maybe i have miss something.
        Any advice for that?

        Thank you,
        Frans W

      • franswiradinata May 28, 2016

        You may add here your server { }

        server {
        listen 80;
        listen [::]:80;

            root /var/www/xxx/html;
    index index.php index.html index.htm;

    # Make site accessible from http://localhost/
    server_name tenpotech.com;
    return 301 https://$server_name$request_uri;

        server {
        listen 443 ssl;
        server_name tenpotech.com;

            root /var/www/xxx/html;
    index index.php index.html index.htm;

            ssl on;
    ssl_certificate /var/www/xxx/certificate/tenpotech.com.crt;
    ssl_certificate_key /var/www/xxx/certificate/tenpotech.com.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

        }

        • newbie May 28, 2016

          where are location block for PHP? add the following line inside listen 443

          location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
        }

          the whole server block would look something like this

          server {
        listen 443 default_server;
        listen [::]:443 default_server ipv6only=on;

        root /var/www/xxx/html;
        index index.php index.html index.htm;

        server_name tenpotech.com www.tenpotech.com;

    ssl on;
    ssl_certificate /var/www/xxx/certificate/tenpotech.com.crt;
    ssl_certificate_key /var/www/xxx/certificate/tenpotech.com.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

        location / {
                # try_files $uri $uri/ =404;
                try_files $uri $uri/ /index.php?q=$uri&$args;
        }

        error_page 404 /404.html;

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
                root /usr/share/nginx/html;
        }

        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
        }
}

server {
       listen 80;
       listen [::]:80;
       server_name tenpotech.com www.tenpotech.com;
       return 301 https://$server_name$request_uri;
}
          • franswiradinata May 28, 2016

            Thank you so much for your help.
            It work now.
            But i am still don’t understand.
            I am only place this on Server 80

                location / {
            # try_files $uri $uri/ =404;
            try_files $uri $uri/ /index.php?q=$uri&$args;
    }

    error_page 404 /404.html;

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
            root /usr/share/nginx/html;
    }

    location ~ \.php$ {
            try_files $uri =404;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            include fastcgi_params;
    }

            }

            Is that make a different and have the different effect?

            Thank you,
            Frans W

Have another answer? Share your knowledge.

Related