We receive error about "redirected you too many times." after changing the Wordpress from HTTP to HTTPS.
The WP is on AWS with Nginx and we have tried changing both define(home) and define(siteurl) in both database and wp-config file but no help.
Below is the current nginx config file, we also tried following some posts on Google to change HTTP to HTTPS, listening port to 443 but still no luck.
Thanks in advance.
server {
listen 443;
server_name wp.mywebsite.com;
server_name www.mywp.mywebsite.com;
include /etc/nginx/common_server_settings;
location /wp-content/ { root /var/www/mywp.mywebsite.com; }
location /wp-includes/ { root /var/www/mywp.mywebsite.com; }
set $no_cache 0;
# POST requests should always go to PHP
if ($request_method = POST) { set $no_cache 1; }
# Don't cache uris containing the following segments
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { set $no_cache 1; }
location / {
proxy_http_version 1.1;
proxy_set_header Host $http_host;
#proxy_set_header Host "mywp.mywebsite.com";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header X-Powered-By;
proxy_pass http://127.0.0.1:1080;
proxy_cache_bypass $no_cache;
proxy_no_cache $no_cache;
proxy_cache_lock on;
proxy_cache BLOG;
proxy_cache_valid 5m;
add_header X-Raw $no_cache;
}
}
proxy_set_header X-Forwarded-Proto http;
The headers are causing this redirect loop since the wordpress still thinks that it is being accessed using "http" scheme (because your reverse proxy server is not sending the correct scheme in the header.
It may be also possible that you need to make a change in wordpress config file so that it correctly detects the HTTPS. As described here:
Websites behind load balancers or reverse proxies that support HTTP_X_FORWARDED_PROTO can be fixed by adding the following code to the wp-config.php file, above the require_once call:
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS'] = 'on';
I use this type of config for proxying to https:
server {
listen 443 ssl;
server_name wp.mywebsite.com;
server_tokens off;
ssl on;
ssl_certificate /etc/nginx/ssl/cert.crt;
ssl_certificate_key /etc/nginx/ssl/cert.key;
ssl_protocols SSLv3 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
set $ssl off;
etag on;
if ($scheme = https) {
set $ssl on;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl $ssl;
proxy_pass http://127.0.0.1:1080;
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:1080 wp.mywebsite.com;
}
}
Also don't forget to force https:
server {
server_tokens off;
listen 80;
server_name wp.mywebsite.com;
return 301 https://wp.mywebsite.com$request_uri;
}
Related
Everyone.
Yesterday i did good of my experiment with nginx, but suddenly my nginx was suddenly error (can't reboot or stop or start) and i had to reinstall it.
But i forgot the code.
So the .conf would help you process to the other web. for Example :
My IP Server : 192.302.xx.xxx
I set listen port to : 3000
I only type 192.302.xx.xxx:3000 and then my ip would show up the proxy pass for example watching youtube, it would become like this 92.302.xx.xxx:3000/v=watch?4hnb32yh even it linked when i press the button in my ip, even the blocked site from my local gov. all i need is only change the proxy pass. For example : Adult Videos Site, etc (Except site that reverse proxy like cloudflare one)
And today i want to recreate that one but it fails, these are my code
upstream backend_mirrors {
server anotherwebsite1.id;
server anotherwebsite2.com;
}
server {
listen 3000;
listen [::]:3000;
server_name 192.302.xx.xxx;
return 301 https://website_that_i_want_togo/$request_uri$is_args$args;
}
server {
listen 433 ssl;
listen [::]:433 ssl;
server_name 192.302.xx.xxx;
ssl_certificate "/etc/letsencrypt/live/myservername/fullchain.pem";
ssl_certificate_key "/etc/letsencrypt/live/myservername/privkey.pem";
#include /etc/letsencrypt/option-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
ssl_session_timeout 1d;
ssl_session_tickets off;
location / {
resolver 8.8.8.8;
mirror /mirror;
mirror_request_body on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://website_that_i_want_togo/;
}
location /mirror {
internal;
proxy_pass https://givesometraffictootherwebsites/;
proxy_set_header X-SERVER-PORT $server_port;
proxy_set_header X-SERVER-ADDR $server_addr;
proxy_set_header HOST $http_host;
proxy_set_header X-REAL-IP $remote_addr;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
What i want to :
192.138.xx.xxx:3000 but i can open some other website like blocked websites from domain sites.
But the ip address still with it when i change to other page
192.138.xx.xxx:3000/search but it still full function like the website that i put in proxy_pass
But what my code do :
It's auto redirect to proxy_pass sites even the header changed
I have nodejs and react app in different folders. I need a php folder too but when i create a folder with php files in it. If i go to
https://mywebsite/rcon/index.php
shows 404 for them. Almost searching for a fix for 24 hours but cant fix it. Here my nginx default file.
error_log /var/log/nginx/error_log;
server {
listen 80;
server_name mywebsite;
return 301 https://$host$request_uri;
}
server { listen 443 ssl;
server_name mywebsite;
ssl_certificate /etc/letsencrypt/live/mywebsite/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mywebsite/privkey.pem; # managed by Certbot
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
location / {
root /home/ubuntu/staff/;
try_files $uri /index.html index /rcon/index.php /rcon/ index.htm index.nginx-debian.html;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unixsockets):
fastcgi_pass unix:/var/run/php/php7.2fpm.sock;
# With php-cgi (or other tcp sockets):
# fastcgi_pass127.0.0.1:9000;
}
location /api {
proxy_pass http://myip:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /fivem {
proxy_pass http://myip:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
# Increase http2 max sizes
http2_max_field_size 64k;
http2_max_header_size 64k;
}
I have setup a PHP application running on a RHEL server with the following configuration and also made a few changes in the nginx.conf file, the application is running fine.
magento.conf
upstream fastcgi_backend {
server unix:/run/php-fpm/magento.sock;
}
server {
listen 80;
set $MAGE_ROOT /var/www/magento2;
set $MAGE_MODE developer;
access_log /var/log/nginx/magento-access.log;
error_log /var/log/nginx/magento-error.log;
include /var/www/magento2/nginx.conf.sample;
}
I have another nginx server that i am trying to use as a reverse proxy to the PHP application running on the remote server. The issue i am facing is when i load the site from my Nginx IP, the URL in browser changes to the IP of PHP application server.
I want the IP to remain same as of the Nginx server instead of changing to IP of PHP Application server
The configuration file for reverse proxy is below
reverse.conf
server {
listen 80;
#server_name mydomain.com;
location / {
access_log off;
proxy_pass http://10.128.0.10:80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Please help me. Thanks
Without Lua you can try to edit your proxy_redirect off; line to proxy_redirect http://10.128.0.10:80 http://my.domain.com:80;.
Maybe repeat that line with a slash at the end and/or https at the beginning (port 443 instead of 80).
https://unix.stackexchange.com/a/291007/239596
With Lua:
server
{
listen 80;
# server_name example.com;
# resolver 127.0.0.11:53; # Docker-DNS. Needed for proxy_pass with variables inside!
set $MY_SCHEME http;
set $MY_HOST example.com;
set $target "${MY_SCHEME}://${MY_HOST}";
location /
{
rewrite_by_lua_block
{
local map = {
GET = ngx.HTTP_GET,
POST = ngx.HTTP_POST,
}
ngx.req.read_body()
local res = ngx.location.capture('/example123' .. ngx.var.request_uri, {
method = map[ngx.var.request_method],
body = ngx.var.request_body
})
-- Detect/change redirect...
local redirect_target = res.header.Location
if redirect_target and res.status > 300 and res.status < 309 then
-- ngx.log(ngx.ALERT, 'redirect_target: '..redirect_target)
local redirect_target_changed, n, err = ngx.re.gsub(redirect_target, '^https?[:][/][/]10[.]128[.]0[.]10', ngx.var.target)
-- ngx.log(ngx.ALERT, 'redirect_target_changed: '..redirect_target_changed)
return ngx.redirect(redirect_target_changed, 303)
elseif res.status == 500 then
return ngx.exit(500)
else
ngx.exec('#example123_normal')
return ngx.exit(ngx.HTTP_OK)
end
}
}
location ~ ^/example123(.*)$
{
access_log off;
proxy_pass http://10.128.0.10:80$1$is_args$args;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_redirect http://10.128.0.10/ $target/;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
}
location #example123_normal
{
access_log off;
proxy_pass http://10.128.0.10:80$request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_redirect http://10.128.0.10/ $target/;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
}
}
Totally untested. And if you can't do Lua and RegEx, it gets hard.
I try connected nginx and symfony 2. But my configure file not work for this framework.
server {
listen 80;
server_name test.com www.test.com;
access_log /var/log/nginx/test.access.log;
error_log /var/log/nginx/test.error.log;
location ~* \.(jpg|jpeg|gif|png|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|tar|wav|bmp|rtf|swf|ico|flv|txt|docx|xlsx)$ {
root /home/test/var/www/test.com/public_html/web;
index index.html index.php;
access_log off;
expires 30d;
}
location ~ /\.ht {
deny all;
}
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
proxy_set_header Host $host;
proxy_connect_timeout 60;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_redirect off;
proxy_set_header Connection close;
proxy_pass_header Content-Type;
proxy_pass_header Content-Disposition;
proxy_pass_header Content-Length;
}
}
For any static file which contain in directory
/home/test/var/www/test.com/public_html/web/css or
/home/test/var/www/test.com/public_html/web/js
return error 403
I try get static file use the url like this test.com/css/style.css
I resolve this problem. I forgot add user www-data ( the nginx process ) to group test ( the test is owner all files in your home dir ).
I just switched my PHP to run from Apache to FastCGI (via Plesk). Now every file I try to access on my domain that's not a php file (like css, images, html ...) gives a 404.
Any idea of what it could be?
vhost specific config file (/etc/nginx/plesk.conf.d/vhosts/mysite.com.conf):
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
server {
listen 99.99.99.99:443 ssl;
server_name mysite.com;
server_name www.mysite.com;
server_name ipv4.mysite.com;
ssl_certificate /usr/local/psa/var/certificates/certEbk3rnT;
ssl_certificate_key /usr/local/psa/var/certificates/certEbk3rnT;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
client_max_body_size 128m;
root "/var/www/vhosts/mysite.com/httpdocs";
access_log "/var/www/vhosts/system/mysite.com/logs/proxy_access_ssl_log";
error_log "/var/www/vhosts/system/mysite.com/logs/proxy_error_log";
location / {
proxy_pass https://99.99.99.99:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
location /internal-nginx-static-location/ {
alias /var/www/vhosts/mysite.com/httpdocs/;
add_header X-Powered-By PleskLin;
internal;
}
}
server {
listen 50.23.99.2:80;
server_name mysite.com;
server_name www.mysite.com;
server_name ipv4.mysite.com;
client_max_body_size 128m;
root "/var/www/vhosts/mysite.com/httpdocs";
access_log "/var/www/vhosts/system/mysite.com/logs/proxy_access_log";
error_log "/var/www/vhosts/system/mysite.com/logs/proxy_error_log";
location / {
proxy_pass http://99.99.99.99:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
location /internal-nginx-static-location/ {
alias /var/www/vhosts/mysite.com/httpdocs/;
add_header X-Powered-By PleskLin;
internal;
}
}
Requests of *.php files working because nginx transparent proxing it to apache, which catched by proper apache's vhost.
Statics files get 404 because:
proper nginx's vhost can't be found by nginx and request cathced by default vhost
or
there some another nginx vhost which catch all requests(wildcard subdomain *.mysite.com for example).
No any useful advices here, just revise all your nginx configs.