nginx 1.8.0 ssl configuration root location behaving unexpectedly

Question

I bump into this problem. I recently install nginx 1.8+ on a centos 6.7 along with PHP-FPM (5.3+). The installation was fine and setting up the virtual host was okay too but when I create a secure site and forward my http to https here comes the trouble. The page says 404 not found. When I check the error logs of nginx I found out it is looking on different directory and not with the directory I specified.

Here is the error logs

2016/01/22 21:54:29 [error] 4205#0: *1 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 173.245.48.185, server: subdomain.example.com, request: "GET / HTTP/1.1", host: "subdomain.example.com"

The nginx using SSL use the /etc/nginx/html/ and not my defined root which is /srv/www/default-www directory. Below is my SSL configuration help me and kindly correct the error I made. Thanks in advance :)

    server {
     listen 80;
     server_name subdomain.example.com;

     if ($http_cf_visitor ~ '{"scheme":"http"}') {
        return 301 https://$server_name$request_uri;
     }

    }


    server {
    listen 443;
    server_name  subdomain.example.com;
root /srv/www/default-www/;
server_tokens off;


#access_log  /var/log/nginx/log/subdomain.example.com.access.log  main;

gzip on;
gzip_disable "msie6";
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;


ssl_certificate      /etc/nginx/ssl/server.crt;
ssl_certificate_key  /etc/nginx/ssl/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout  5m;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
ssl_prefer_server_ciphers   on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";

location / {
 try_files $uri $uri/ /index.php;
 #index  index.php index.html index.htm;
}

location ~ /(cgi-bin|file_upload|file_assets) {
  deny all;
  return 404;
}

location = /favicon.ico {
  log_not_found off;
}

error_log /var/log/nginx/subdomain.example.com-error.log warn;    
error_page   500 502 503 504  /50x.html;

location = /50x.html {
    root   /usr/share/nginx/html;
}

location ~ \.php$ {
    fastcgi_pass   unix:/var/lib/php/socket.sock;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include        fastcgi_params;
   }
 }

Please note I change the domain name and provided an example only. Where in my configuration is wrong? Kindly correct me if you had this problem before or any solution you can offer for a newbie like me.

That is puzzling. Have you restarted nginx? Can you please post access logs, showing both the http forward and the attempted https access. — Tim, Jan 23 '16 at 03:16
I turn off the access logs and only turn on the error logs. I also restarted nginx and also rebooted the server. — Edang Jeorlie, Jan 23 '16 at 03:20
I'm really puzzled I don't have a directive in any of the *.conf file pointing to **/etc/nginx/html/** what I have is the default which is the **/usr/share/nginx/html** . It's weird right, why nginx is looking at the **/etc/** as root directory and not with the root directive I wrote. — Edang Jeorlie, Jan 23 '16 at 03:23
Grep the whole /etc/nginx directory for "etc/nginx". It's looking in the nginx config directory so it could be a problem with relative vs absolute file references. Suggest you turn access logs back on or post your real URL if you want help, I don't see how anyone can help you further with the information provided. It will be a configuration error. Post your full nginx.conf as well as the access logs. Post every log that could be relevant. — Tim, Jan 23 '16 at 03:28
By the way I used the cloudflares Full SSL here and I have a self signed certs. — Edang Jeorlie, Jan 23 '16 at 03:44
Your logs are difficult to understand in the comments. Delete your comments that have logs and put them into your question, properly formatted. Make it easy for people to help you or they won't bother. — Tim, Jan 23 '16 at 04:20

score 1 · Answer 1 · answered Jan 23 '16 at 09:44

1

You do not appear to have SSL mode enabled. You have all of the SSL configuration but have not switched on SSL. This is achieved in the listen or ssl directives.

listen 443 ssl;

Why that would cause the side-effect you are observing - I have no idea.

See this document for more information.

answered Jan 23 '16 at 09:44

Richard Smith

12,834
2
21
29

No my SSL is enable. I found out the problem. It is caused with the Cloudflare Full SSL. When I turn of the cloudflare.. everything was fine. :) – Edang Jeorlie Jan 24 '16 at 05:52

score -1 · Answer 2 · answered Jan 24 '16 at 06:20

-1

It's fine now. I used the cloudflares flexible SSL and not the Full SSL it seems like it is causing it. When I switch it to Flexible it's working fine.

answered Jan 24 '16 at 06:20

Edang Jeorlie

101
1

nginx 1.8.0 ssl configuration root location behaving unexpectedly

2 Answers2