I have read this tutorial to set up SSL for my laravel site. I did not read everything (oops), and did not delete the "default" site. I have generated CSR from default site (but with example.com for domain). Now I have my certificate and i have installed it through laravel forge, but it does not work:
cannot connect to https://example.com (browser / curl)
http://example.com does not redirect to https
Nothing in /var/log/nginx/default-error.log
I restarted nginx
Here is my /etc/nginx/sites-available/default file content :
server {
listen 80;
#server_name default;
server_name example.com www.example.com;
#return 301 default$request_uri;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl;
#server_name default;
server_name example.com www.example.com;
root /home/forge/default/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/default/XXXXX/server.crt;
ssl_certificate_key /etc/nginx/ssl/default/XXXXX/server.key;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/default-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
What can I do to make it work ?
Ok, it was a certificate problem. I tried nginx -t and there was an error, now I restarted all the process and everything is alright now.
Related
I'm trying to deploy my laravel app to ubuntu using nginx, everything was fine before I using ssl. But after I using ssl, it's not working anymore if I'm accessing my website using outside network (still working if I access it using server network).
this is my nginx configuration:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name kopidw.id www.kopidw.id;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl on;
ssl_certificate /etc/nginx/ssl/certificate_kopinedw.crt; #path to your public key
ssl_certificate_key /etc/nginx/ssl/private_kopinedw.key; #path to your private key
ssl_client_certificate /etc/nginx/ssl/ca-bundle.crt;
ssl_verify_client optional;
root /var/www/html/kopinedw-cms/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
This is my first time using nginx, so I don't have any Idea why I got ERR_TOO_MANY_REDIRECTS.
Any help would be very helpful for me, thanks
I deployed my Laravel-5.8 project to DigitalOcean and it works fine as:
http://laravelproject.net
But since I am using Azure AD and Socialite. Azure AD does not allow http but https
/etc/nginx/sites-available/default
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html/laravelproject;
# Add index.php to the list if you are using PHP
# index index.php index.html index.htm;
# index index.php index.html index.htm index.nginx-debian.html;
server_name laravelproject.net;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php$is_args$args;
# try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
I also have:
/etc/nginx/sites-available/default
server {
listen 80;
listen [::]:80;
server_name laravelproject.net;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name laravelproject.net;
root /var/www/html/peopleedge;
ssl_certificate /etc/letsencrypt/live/laravelproject.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/laravelproject.net/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
When I tried to run the project I got this error:
Laravel 403 Forbidden nginx/1.14.0 (Ubuntu)
How do I resolve it please?
Thank you.
I know its late already but for any other person who may need it,below code config helps me resolve the isssue
`server {
listen 80;
server_name yourip or domain;
root /var/www/html/public;
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
`
also remember to reload nginx with ` sudo systemctl reload nginx
`
I'm trying to link another domain to my existing project
I am using Laravel 5.1, I know we only have one APP_URL in the .env.
Is there a way to do via Nginx level ?
cat /etc/nginx/sites-available/default
server {
listen 80 default_server;
server_name default;
root /home/forge/bheng/public;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/default-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
How would one go about configuring something like this?
put the two domains as alias in the server name config
server_name domain1.com www.domain1.com domain2.com www.domain2.com ;
You specify the same webroot for both domains. In the Laravel code, you use Domain groups or url('/') to check which domain you are on.
Your config might look like this:
server {
listen 80, 443;
listen [::]:80, [::]:443;
servername www.domain1.com www.domain2.com;
root /home/kyo/laravel/public/;
index index.php;
location / {
try_files $uri $uri/ =404;
}
}
I used something like this, a server name alias:
server_name www.app1 www.app2;
And then have DNS pointed to the same host. If you are working in your own linux box, change the /etc/hosts file:
sudo vim /etc/hosts
And add the new hosts:
127.0.0.1 www.app1
127.0.0.1 www.app2
I have a laravel web app that acts as a CMS and has several sites in one app. I access these sites with the following url:
my-site.com/site/1 - Leads to site 1
I want to rewrite NGINX so that i can point several top domains to their respective site in my CMS.
my-site-1.com -> my-site.com/site/1
How can this be achieved? All questions i can find wants to point a domain to a subfolder, i want to point it to a query parameter.
I use Larave forge + Digitalocean. This is my configuration file
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/default/before/*; #*/
server {
listen 80 default_server;
server_name default;
root /home/forge/default/public;
# FORGE SSL (DO NOT REMOVE!)
# ssl_certificate;
# ssl_certificate_key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/default/server/*; #*/
location / {
try_files $uri $uri/ /index.php?$query_string;
if ($http_host ~ "^(www.)?my-site-1.com$"){
#I tried adding som conditional rules here
}
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/default-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_connect_timeout 18000;
fastcgi_send_timeout 18000;
fastcgi_read_timeout 18000;
}
location ~ /\.ht {
deny all;
}
}
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/default/after/*; #*/
I've looked on Stack Overflow but every time I find a piece of code that people say would work, it unfortunately doesn't work for me.
I'm using Laravel on Forge and trying to redirect non www & non ssl to ssl+www.
It works. However, it does not redirect https://example.com. It redirects all other's: example.com or www.example.com or http://example.com or http://www.example to https://www.example.com except the one mentioned above.
I have no idea why this is happening.
Here's my Nginx file:
server {
listen 80;
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 80;
server_name xxx.xxx.xxx.xxx;
return 301 $scheme://example.com$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
root /home/forge/example.com/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/example.com/21671/server.crt;
ssl_certificate_key /etc/nginx/ssl/example.com/21671/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/example.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
#cache:
location ~* \.(css|js|gif|jpe?g|png)$ {
expires 168h;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
}
Because your first two servers only listen to the post 80 (non ssl).
Change them like this:
server {
listen 80;
server_name example.com www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/example.com/21671/server.crt;
ssl_certificate_key /etc/nginx/ssl/example.com/21671/server.key;
server_name example.com;
return 301 https://www.example.com$request_uri;
}