The Different between Root at Listen 80 and Listen 443

May 28, 2016 2.6k views
LEMP Nginx Security WordPress

Hello Guys,
May i know what is the different between both of root at Listen 80 and Listen 443?
I have problem with access my HTTPS site.
I got Error 404 if i set my 443 to On.
My page is secure and the CA is active. (/var/www/domain.com/html)
But my website can't access.
If i don't activate my SSL, the website is fine but i have already setting my General Wordpress to change it's url become https://domain.com. Because of that i can't acess it if i am not change my Listen into 443. (/var/www/domain.com/html)

Am i miss something?
Or am i make a mistake?

My step is :

  1. Initial setup Ubuntu.
  2. Install LEMP.
  3. Install Virtual Host.
  4. Install SSl.
  5. Install Wordpress.

Thank you,
Frans W

1 Answer

The main difference between 2 ports
Listen 80 = HTTP = Non SSL
Listen 443 = HTTPS = SSL

Please check the following tutorial and see if you missed something or not
How To Install an SSL Certificate from a Commercial Certificate Authority

also you shouldn't change url in your wordpress general settings to https. post your nginx virtual host file configuration to see if there's something wrong.

This tutorial will show you how to acquire and install an SSL certificate from a trusted, commercial Certificate Authority (CA). SSL certificates allow web servers to encrypt their traffic, and also offer a mechanism to validate server identities to their visitors. The...
  • Thank you for your information.
    How about if i want to use HTTPS?
    Must commented the Listen 80? Or else?

    Thank you,
    Frans W

    • if you want to serve HTTPS only you need to add following line inside listen 80

      return 301 https://$server_name$request_uri;
      

      that way, all requests from 80 will redirected to 443

      Example:

      server {
             listen 80;
             listen [::]:80;
             server_name example.com;
             return 301 https://$server_name$request_uri;
      }
      
      • I have added it.
        But everytime i access it. I have something to download. And the website always show the download box.

        Maybe i have miss something.
        Any advice for that?

        Thank you,
        Frans W

      • You may add here your server { }

        server {
        listen 80;
        listen [::]:80;

            root /var/www/xxx/html;
            index index.php index.html index.htm;
        
            # Make site accessible from http://localhost/
            server_name tenpotech.com;
            return 301 https://$server_name$request_uri;
        

        server {
        listen 443 ssl;
        server_name tenpotech.com;

            root /var/www/xxx/html;
            index index.php index.html index.htm;
        
            ssl on;
            ssl_certificate /var/www/xxx/certificate/tenpotech.com.crt;
            ssl_certificate_key /var/www/xxx/certificate/tenpotech.com.key;
        
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            ssl_prefer_server_ciphers on;
            ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
        

        }

        • where are location block for PHP? add the following line inside listen 443

          location ~ \.php$ {
                          try_files $uri =404;
                          fastcgi_split_path_info ^(.+\.php)(/.+)$;
                          fastcgi_pass unix:/var/run/php5-fpm.sock;
                          fastcgi_index index.php;
                          include fastcgi_params;
                  }
          

          the whole server block would look something like this

          server {
                  listen 443 default_server;
                  listen [::]:443 default_server ipv6only=on;
          
                  root /var/www/xxx/html;
                  index index.php index.html index.htm;
          
                  server_name tenpotech.com www.tenpotech.com;
          
              ssl on;
              ssl_certificate /var/www/xxx/certificate/tenpotech.com.crt;
              ssl_certificate_key /var/www/xxx/certificate/tenpotech.com.key;
          
              ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
              ssl_prefer_server_ciphers on;
              ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
          
                  location / {
                          # try_files $uri $uri/ =404;
                          try_files $uri $uri/ /index.php?q=$uri&$args;
                  }
          
                  error_page 404 /404.html;
          
                  error_page 500 502 503 504 /50x.html;
                  location = /50x.html {
                          root /usr/share/nginx/html;
                  }
          
                  location ~ \.php$ {
                          try_files $uri =404;
                          fastcgi_split_path_info ^(.+\.php)(/.+)$;
                          fastcgi_pass unix:/var/run/php5-fpm.sock;
                          fastcgi_index index.php;
                          include fastcgi_params;
                  }
          }
          
          server {
                 listen 80;
                 listen [::]:80;
                 server_name tenpotech.com www.tenpotech.com;
                 return 301 https://$server_name$request_uri;
          }
          
          • Thank you so much for your help.
            It work now.
            But i am still don't understand.
            I am only place this on Server 80

                location / {
                        # try_files $uri $uri/ =404;
                        try_files $uri $uri/ /index.php?q=$uri&$args;
                }
            
                error_page 404 /404.html;
            
                error_page 500 502 503 504 /50x.html;
                location = /50x.html {
                        root /usr/share/nginx/html;
                }
            
                location ~ \.php$ {
                        try_files $uri =404;
                        fastcgi_split_path_info ^(.+\.php)(/.+)$;
                        fastcgi_pass unix:/var/run/php5-fpm.sock;
                        fastcgi_index index.php;
                        include fastcgi_params;
                }
            

            }

            Is that make a different and have the different effect?

            Thank you,
            Frans W

Have another answer? Share your knowledge.