Question

Too many redirects for subdirectory excluded from SSL

Hey guys. I had to update the SSL on the server, which I did through Laravel Forge. But since then the redirect that I had doesn’t work anymore. Not sure what’s happening… If I leave the old nginx config neither blog nor site is available. I’m trying to get the /blog/ served over http without ssl but I keep getting too_many_redirects errors. Here is the config (it worked in the past but since I did a SSL update something changed somewhere - maybe with Forge - idk but don’t think it matters to find solution):

# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/go.com/before/*;

server {
    listen 443 ssl;
    server_name .go.com;
    
    location /blog/ {
        #return 301 http://blog.go.com;
        proxy_set_header X-Original-Host $host;
        proxy_set_header X-Is-Reverse-Proxy "true";
        proxy_pass_header Set-Cookie;
        proxy_cookie_path / /blog/;
        proxy_pass http://blog.go.com/;
        expires off;
    }
    
    # location /wp-admin/ {
    #     return 301 http://go.com/blog$request_uri;
    # }

    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/go.com/server/*;

    location / {
        return 301 https://go.com$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name .go.com;
    root /home/forge/go.com/public;

    # FORGE SSL (DO NOT REMOVE!)
    ssl_certificate /etc/nginx/ssl/go.com/166494/server.crt;
    ssl_certificate_key /etc/nginx/ssl/go.com/166494/server.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    index index.html index.htm index.php;

    charset utf-8;
            
    location /blog {
        return 301 http://go.com$request_uri;
    }
    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/go.com/server/*;
[etc...]

If I modify to the following I can access site but the blog is still not working

# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/go.com/before/*;

server {
    listen 80;
    server_name .go.com;
    
    location /blog/ {
        #return 301 http://blog.go.com;
        proxy_set_header X-Original-Host $host;
        proxy_set_header X-Is-Reverse-Proxy "true";
        proxy_pass_header Set-Cookie;
        proxy_cookie_path / /blog/;
        proxy_pass http://blog.go.com/;
        expires off;
        # return 301 http://go.com$request_uri;
    }
    
    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/go.com/server/*;

    location / {
        return 301 https://go.com$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name .go.com;
    root /home/forge/go.com/public;
    
    location /blog/ {
        return 301 http://go.com$request_uri;
    }

    # FORGE SSL (DO NOT REMOVE!)
    ssl_certificate /etc/nginx/ssl/go.com/166494/server.crt;
    ssl_certificate_key /etc/nginx/ssl/go.com/166494/server.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    index index.html index.htm index.php;

    charset utf-8;
            
    include forge-conf/go.com/server/*;

If I add the reverse proxy block in the 443 listen part it serves correctly over https - but I can’t have it like that because of mixed content (original server being http for the blog)

Edit: More info, here is the setup - not ideal but no choice: blog.example.com is hosted on apache on a different server that doesn’t have SSL. example.com/blog/ serves in reverse proxy the blog located blog.example.com. example.com has an SSL certificate. I don’t want to serve the blog over https otherwise I need another certificate for blog.example.com


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hi! Thanks for helping. So I’m reverse proxy-ing blog.domain.com to domain.com/blog/. The blog.domain.com is not hosted on the same server. Thanks :)

@commandantp

Just to be clear, are you wanting to server blog from domain.com/blog or blog.domain.com?

If you’re wanting to serve it from a sub-domain, it’d be better to simply create a server block that will handle it exclusively. For example:

server {
    listen 80;
    server_name blog.domain.com www.blog.domain.com;

    root /path/to/blog;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;

        include /path/to/fastcgi_params.conf;
    }
}

You would need to modify the above and set /path/to/fastcgi_params.conf to it’s location on your server.

Once set, the above should handle blog.domain.com and www.blog.domain.com as long as your DNS is setup for it.

This is one way of handling it and the route I’d take. I prefer to use individual server blocks when and where possible over handling numerous items in a single block.