Nginx does not serve static files over HTTPS

Question

I am trying to set up Nginx in front of Apache as a reverse proxy and to serve static files. I 301 http to https, and provide the directives in https section to serve a static folder via an alias. However, for some strange reason the files get served via http.

Here's my Nginx site config:

    server {
            listen   80; 
            listen   [::]:80;
            access_log off;
            server_name site.com www.site.com;
            return 301 https://$server_name$request_uri;

        }

    server {
            listen   443;
            ssl on;

            ssl_certificate /usr/local/sslcert/my.crt;
            ssl_certificate_key /usr/local/sslcert/my.key;

            access_log off;
            server_name site.com www.site.com;


            location /public/ {
            alias /var/www/public/;
            expires max;
            add_header Pragma public;
            add_header Cache-Control "public";
            }


            location / {

            root /var/www/;
            index index.php

            client_max_body_size    10m;
            client_body_buffer_size 128k;

            proxy_send_timeout   90;
            proxy_read_timeout   90;
            proxy_buffer_size    128k;
            proxy_buffers     4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_connect_timeout 30s;

            proxy_redirect  off;

            proxy_pass   http://127.0.0.1:3333/;

            proxy_set_header   Host   $host;
            proxy_set_header   X-Real-IP  $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            }



            location /push {
            root /var/www/;
            rewrite /push(.*) /$1 break;
            proxy_pass https://127.0.0.1:8332/push/;
            proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            }

             location ~ /\.ht {
                    deny all;
            }
    }

What am I missing?

site.com just redirected me to salesforce.com. What is going on here? Isn't that your site? — Michael Hampton, Jul 28 '14 at 21:12
[You may need to provide the actual name](http://meta.serverfault.com/q/963/126632) in order for anyone to figure this out. — Michael Hampton, Jul 28 '14 at 23:05

user3521621 · Accepted Answer · 2014-08-08T19:04:22.123

1

So the issue was actually with Zend Framework BaseUrl setting. I have removed it, and everything is working now.

edited Aug 08 '14 at 19:04

answered Aug 04 '14 at 18:08

user3521621

265
1
4
11

score 0 · Answer 2 · answered Jul 29 '14 at 05:40

This might not be the actual reason for the problem, but it causes difficulties anyway.

You are using root inside location blocks, which doesn't work out nicely in general.

Try this configuration:

server {
        listen   80; 
        listen   [::]:80;
        access_log off;
        server_name site.com www.site.com;
        return 301 https://$server_name$request_uri;
}

server {
        listen 443 ssl;
        listen [::]:443 ssl;

        ssl_certificate /usr/local/sslcert/my.crt;
        ssl_certificate_key /usr/local/sslcert/my.key;

        access_log off;
        server_name site.com www.site.com;

        root /var/www;

        location /public/ {
            expires max;
            add_header Pragma public;
            add_header Cache-Control "public";
        }

        location / {
            index index.php

            client_max_body_size    10m;
            client_body_buffer_size 128k;

            proxy_send_timeout   90;
            proxy_read_timeout   90;
            proxy_buffer_size    128k;
            proxy_buffers     4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_connect_timeout 30s;

            proxy_redirect  off;

            proxy_pass   http://127.0.0.1:3333/;

            proxy_set_header   Host   $host;
            proxy_set_header   X-Real-IP  $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        location /push {
            rewrite ^/push(.*) /$1 break;
            proxy_pass https://127.0.0.1:8332/push/;
            proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

         location ~ /\.ht {
                deny all;
        }
}

Changes:

Moved ssl definition to the listen line
Added IPv6 to SSL section
Moved root directive to server level
Removed unneeded alias and root definitions from location blocks, the server level root directive covers these
Added start of line ^ to the push rewrite rule.

thanks for the feedback! unfortunately that does not solve the issue :( — user3521621, Jul 30 '14 at 18:19

Nginx does not serve static files over HTTPS

2 Answers2