Hi!
I have a droplet running nginx, varnish and Wordpress and it’s working fine. I decided then to install a certificate and setup to whole thing to allow me to run the wordpress blog on https.
I know I have to do the redirection from http to https, but when I add the lines bellow nginx fails to start, because it’s using the same 80 port. <pre> server { listen 80 default_server; return 301 https://$host$request_uri; server_name myIPAdress; } </pre> I am newbie on this and even having learned a lot, I am not sure how to fix this.
I even saw the question bellow too and asked a question, because apparently, the user is running exaxctly the wat I should too.
Can someone help?
Thks!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
This article is the best thing that I’ve found on the topic:
https://wiki.deimos.fr/Nginx_%2B_Varnish_:_Cache_even_in_HTTPS_by_offloading_SSL
Essentially, you’ll need to set up Varnish to listen on port 80 and use an Nginx backend listening on something else like port 8000 in this example. Nginx will then listen directly on 443 for https requests and then proxy them to port 80 on the local host for Varnish.
Hello, i don’t know if you already solved your issue (it’s quiete a pain to configure ssl with nginx and varnish only), but i solved this way:
starting from the hybrid nginx on port 8080 and port 443 varnish on port 80
request on port 80 arrive on varnish, if not cached are requested to nginx on port 8080, and sent back to the user
request on port 443 (ssl) arrive on nginx, request is decrypted and sent to varnish (using proxy_pass directive using local network) on port 80, varnish request the document to nginx on 8080 or use grab its cache and send the document back to nginx, nginx crypt the document and send it back to the user
with this scenario your web server work both on http and https
next step is to redirect all http requests to https; this is done in varnish, since it is the software listening on port 80
i made the following modification in varnish default.vcl (i’m using varnish 3.0.5, for varnish 4 its a bit different)
sub vcl_recv {
.....
#HTTPS
if ( (req.http.host ~ "^(?i)mysite.it" || req.http.host ~ "^(?i)www.mysite.it")
&& req.http.X-Forwarded-Proto !~ "(?i)https") {
set req.http.x-Redir-Url = "https://www.mysite.it" + req.url;
error 750 req.http.x-Redir-Url;
}
...
}
sub vcl_error {
if (obj.status == 750) {
set obj.http.Location = obj.response;
set obj.status = 301;
return (deliver);
}
}
this way any requst to http://mysite.it or http://www.mysite.it are redirected (with full path) to https using a 301
You would probably need a little more tweaks to have everything working as you like (for example logging ip’s) but this is the main concept to achieve a full http to https switch
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.