Develop Reference

certbot certicate secure not working on Deployed App using Ubuntu

I am using ubuntu-20.04 for Laravel-8 application. When I deployed to the server I ran this:
sudo certbot --nginx -d example.com -d www.example.com
sudo certbot renew --dry-run
After showing success, I still got this on the browser:
Not Secure: Your connection is not private
The folder in sites-available is like this:
server {
root /var/www/html/myapp;
index index.html index.htm index.nginx-debian.html;
server_name example.com;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com;
return 404; # managed by Certbot
}
How do I get this resolved?
Thanks

How to point http to https subdomain in NGINX?

I am working on a Spring Boot app that servers content for 3 types of users. All three users "live" in the same application. I want to configure NGINX to 1) redirect all http to https and 2) redirect traffic as follows:
http to https://www.example.com
http://b2b.example.com to https://b2b.example.com/b2b (Ideally not showing the "/b2b". Here all the b2b spring boot endpoints are listening)
So far this is my NGINX conf:
server {
listen 80 default_server;
listen [::]:80 default_server;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name example.com www.example.com;
ssl on;
ssl_certificate ...;
ssl_certificate_key ...;
ssl_session_cache shared:SSL:10m;
access_log ...;
error_log ...;
location / {
proxy_pass http://localhost:5050;
proxy_set_header Host $host;
# re-write redirects to http as to https, example: /home
proxy_redirect http:// https://;
}
}
server {
listen 443;
server_name b2b.example.com;
ssl on;
ssl_certificate ...;
ssl_certificate_key ...;
ssl_session_cache shared:SSL:10m;
access_log ...;
error_log ...;
location / {
proxy_pass http://localhost:5050/b2b;
proxy_set_header Host $host;
# re-write redirects to http as to https, example: /home
proxy_redirect http:// https://;
}
}
On Sring Boot side, all B2B endpoints are listening to a pattern starting with "B2B". So for example the login page for these users is .../B2B/login. Right now if I go to b2b.example.com I get redirected to b2b.example.com/B2B/login. What I want is the browser to show "B2B.example.com/login" and to display the "/B2B/login" page. All the B2B sites omitting the "/B2B" part in the URL.

how to correct nginx conf with strapi

what's the problem of this nginx.conf?
I had to change somewhere but still not working ..
upstream strapi {
server localhost:1337 max_fails=1 fail_timeout=5s;
}
server {
# Listen HTTP
listen 80 default_server;
listen [::]:80 default_server;
server_name sh**rk.app;
# Proxy Config
location / {
try_files $uri $uri/ #strapi;
}
location #strapi{
proxy_pass http://strapi;
}
}

ok you can configure with this way that is a good way
deploy strapi on ubuntu server

Nginx keeps bad redirect for firefox

i am trying to solve problem. I want to redirect all urls starting with www to non-www version of site. In chrome and opera, it works well.
But when i go to firefox and open http://www.example.com it starts downloading page (mime-type octet/stream), on https://www the connection is not reliable. In other browsers it set mime-type text/html.
server {
listen 80;
listen [::]:80;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 80;
listen [::]:80;
root /var/www/domain/www;
index index.php;
server_name example.com;
return 301 https://$server_name$request_uri;
}
server {
root /var/www/domain/www;
# Add index.php to the list if you are using PHP
index index.php;
server_name example.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$args ;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

nginx cache always return X-Proxy-Cache: MISS

I config my nginx as follow:
proxy_cache_path /v01/nginx levels=1:2 keys_zone=my_zone:10m inactive=60m;
proxy_cache_key "$scheme$request_method$host$request_uri";
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.html index.htm;
charset utf-8;
server_name localhost;
location / {
client_max_body_size 2M;
proxy_cache my_zone;
proxy_cache_bypass $http_cache_control;
add_header X-Proxy-Cache $upstream_cache_status;
include proxy_params;
proxy_pass http://localhost:3000;
}
}
I config with this in one machine which install nginx/1.4.6 (Ubuntu), I test with:
curl -X GET -I 192.168.1.193/css/style.css
it works, with head X-Proxy-Cache: HIT.
But I config with this in another machine which install nginx/1.6.2 (Ubuntu), curl -X GET -I 192.168.1.97/css/style.css always return X-Proxy-Cache: MISS.
I have check the path /v01/nginx, it has nothing.

I have find where problem is:
I do not set node.js cache in my project in another machine, I change
app.use express.static config.root + '/public'
to
app.use express.static config.root + '/public', {maxAge: 1000 * 3600 * 24 * 7}