I am using ubuntu-20.04 for Laravel-8 application. When I deployed to the server I ran this:
sudo certbot --nginx -d example.com -d www.example.com
sudo certbot renew --dry-run
After showing success, I still got this on the browser:
Not Secure: Your connection is not private
The folder in sites-available is like this:
server {
root /var/www/html/myapp;
index index.html index.htm index.nginx-debian.html;
server_name example.com;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com;
return 404; # managed by Certbot
}
How do I get this resolved?
Thanks
Related
I have a little problem caching my static files in a Laravel/Nginx environment.
I know that the static files are not beeing cached properly because the google pagespeed is telling me so and also other webservices for cache checking are not finding any caching for these files. they are mostly images and fonts.
My nginx config for the site includes expires and add header and looks like this:
server {
root /var/www/websi.te/public;
index index.php;
server_name websi.te www.websi.te;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* .(?:css|js|svg|ttf|png|jpg)$ {
expires 1y;
add_header Cache-Control "public";
}
location / {
try_files $uri $uri/ /;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/websi.te/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/websi.te/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.websi.te) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = websi.te) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name websi.te www.websi.te;
listen 80;
return 404; # managed by Certbot
}
My problem is that my websocket connection fails everytime when a client (a svelte/node.js application running on a NGINX webserver) connects to my server.
Golang/Gorilla Server:
func (s Server) Init() {
s.Sessions = make(map[string]*Session)
go http.HandleFunc("/", s.handler)
err := http.ListenAndServeTLS(":4000", "tls/cert.pem","tls/key.pem" , nil)
if err != nil {
fmt.Println(err)
}
}
"err" outputs: http: TLS handshake error from [...] : remote error: tls: unknown certificate
I'm using the same certificate that I created with letsencrypt on my NGINX webserver, that is used for a tls connection between webserver and browser.
I believe it has something to do with my non-existent knowledge about tls certifcates.
Thank you in advance!
NGINX config
server {
root /home/ubuntu/actions-runner/_work/client/client/public;
index index.html index.htm index.nginx-debian.html;
server_name myserver.io www.myserver.io; # managed by Certbot
location / {
proxy_http_version 1.1; # FOR WEBSOCKET PROTOCOL
proxy_set_header Upgrade $http_upgrade; # FOR WEBSOCKET PROTOCOL
proxy_set_header Connection "upgrade"; # FOR WEBSOCKET PROTOCOL
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/myserver.io/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myserver.io/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}server {
if ($host = www.myserver.io) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = myserver.io) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name myserver.io www.myserver.io;
return 404; # managed by Certbot
}
I have 6 Lumen Projects which was working fine on apache centos. I just reconfigured server to nginx. I was able to setup single project in nginx config but cannot figure out how to setup multiple directories i tried several configs but not working. Here is my nginx config
PS: before mark it as duplicate please try to explain & help me to fix this issue
server {
root /var/www/domain.com/html/api/gateway/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name domain.com www.domain.com;
location / {
autoindex on;
try_files $uri $uri/ /index.php?$query_string;
}
# location /search {
# autoindex on;
# root /var/www/domain.com/html/api/search/public;
# index index.php index.html index.htm index.nginx-debian.html;
# try_files $uri $uri/ /index.php?$query_string;
# }
location ~ \.php$ {
autoindex on;
autoindex_exact_size on;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name domain.com www.domain.com;
return 404; # managed by Certbot
}
This is working fine but when i uncomment search config section it stops working both of them throw forbidden or sometimes 404 error
I am experiencing ERR_CONNECTION_CLOSED on all web browsers for the naked domain of my website in my computer. I don't find this issue in any other device other than my computer. The www version loads fine as well.
I have tried clear browser history for last 24 hours, deleted the cache and cookies. It didn't make any difference.
This is my nginx configuration.
upstream app_server {
server unix:/run/gunicorn.sock fail_timeout=0;
}
server {
server_name mydomain.com www.mydomain.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /assets/ {
root /home/djangoadmin/v/myappname;
}
location /media/ {
root /home/djangoadmin/myapp/myappname;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https; # <-
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://app_server;
break;
}
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name mydomain.com www.mydomain.com;
return 404; # managed by Certbot
}
Is this a device issue or something related to my nginx configuration? How to fix this?
Finally figured it out! The reason was my computer's /etc/hosts had a entry for the naked domain pointing to 127.0.0.1. Removing it fixed the issue.
i am trying to solve problem. I want to redirect all urls starting with www to non-www version of site. In chrome and opera, it works well.
But when i go to firefox and open http://www.example.com it starts downloading page (mime-type octet/stream), on https://www the connection is not reliable. In other browsers it set mime-type text/html.
server {
listen 80;
listen [::]:80;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 80;
listen [::]:80;
root /var/www/domain/www;
index index.php;
server_name example.com;
return 301 https://$server_name$request_uri;
}
server {
root /var/www/domain/www;
# Add index.php to the list if you are using PHP
index index.php;
server_name example.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$args ;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}