Join Log in
Score:0
Pc Monk avatar Server

Nginx http to https redirects download empty file instead

tm flag
Pc Monk

Im trying to redirect my Laravel+vuejs+nuxtjs project from http to https but when I enter http://example.com or http://www.example.com an empty file being downloaded instead

What have I done so far :

1- Commenting default_type application/octet-stream and adding default_type text/html instead in nginx.conf

2-defining types { } default_type "text/plain"; in location /{} of the example.com.conf

3-nginx redirect with the code below

server{
  listen xx.xx.xx.xx:80;
    server_name example.com www.example.com;
  return 301 https://www.example.com$request_uri;
}

4- tried to redirect it with a .php file with the following example.com.conf file:

       server {
          listen 37.152.191.249:80;
          server_name www.example.com example.com;

         access_log /usr/local/apache/domlogs/example.com.bytes bytes;
        access_log /usr/local/apache/domlogs/example.com.log combined;
        error_log /usr/local/apache/domlogs/example.com.error.log error;

        root /home/example/public_html/;
        index index.php;

   location / {
types { } default_type "text/plain";
    try_files                       $uri $uri/  /index.php?$query_string;

}

location ~ \.php$ {
   fastcgi_split_path_info         ^(.+\.php)(/.+)$;
    fastcgi_pass                    127.0.0.1:9000;
    fastcgi_index                   index.php;
    include                         fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  fastcgi_intercept_errors        off;
    fastcgi_buffer_size             16k;
    fastcgi_buffers                 4 16k;
    fastcgi_connect_timeout         300;
   fastcgi_send_timeout            300;
    fastcgi_read_timeout            300;
}


        location ~* "/\.(htaccess|htpasswd)$" {deny all;return 404;}

        disable_symlinks if_not_owner from=/home/example/public_html;
}

the index.php in public_html code :

    $location = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header('HTTP/1.1 301 Moved Permanently');
    header('Location: ' . $location);
    exit;

None of the above worked and the problem still presist.

+Current Configurations :

nginx -t report :

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

example.com.ssl.conf :

server{
  listen xx.xx.xx.xx:443 http2 ssl;
    server_name example.com;
        ssl_certificate      /etc/pki/tls/certs/example.com.bundle;
        ssl_certificate_key  /etc/pki/tls/private/example.com.key;
        ssl_protocols TLSv1.2;
        ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EE3CDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA!RC4:EECDH:!RC4:!aNULL:!eN$
        ssl_prefer_server_ciphers   on;

       ssl_session_cache   shared:SSL:10m;
       ssl_session_timeout 60m;
       return 301 https://www.example.com$request_uri;
}
       server {
          listen xx.xx.xx.xx:443 http2 ssl;
          server_name www.example.com;

         access_log /usr/local/apache/domlogs/example.com.bytes bytes;
        access_log /usr/local/apache/domlogs/example.com.log combined;
        error_log /usr/local/apache/domlogs/example.com.error.log error;
        ssl_certificate      /etc/pki/tls/certs/example.com.bundle;
        ssl_certificate_key  /etc/pki/tls/private/example.com.key;
        ssl_protocols TLSv1.2;
        ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA!RC4:EECDH:!RC4:!aNULL:!eN$
        ssl_prefer_server_ciphers   on;

        ssl_session_cache   shared:SSL:10m;
        ssl_session_timeout 60m;

        root /home/example/core/public/;
        index index.php;

   location / {
  proxy_set_header                Connection 'upgrade';
    proxy_http_version              1.1;
    proxy_pass                      https://xx.xx.xx.xx:3000$uri;
    proxy_intercept_errors          on;# In order to use error_page directive this needs to be on
    error_page                      404 = @php;
}

location @php {
    try_files                       $uri $uri/  /index.php?$query_string;

}

location ~ \.php$ {
   fastcgi_split_path_info         ^(.+\.php)(/.+)$;
    fastcgi_pass                    127.0.0.1:9000;
    fastcgi_index                   index.php;
    include                         fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   fastcgi_intercept_errors        off;
    fastcgi_buffer_size             16k;
    fastcgi_buffers                 4 16k;
    fastcgi_connect_timeout         300;
   fastcgi_send_timeout            300;
    fastcgi_read_timeout            300;
}


        location ~* "/\.(htaccess|htpasswd)$" {deny all;return 404;}

        disable_symlinks if_not_owner from=/home/example/public_html;

        location /.well-known/acme-challenge {
                default_type "text/plain";
                alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
        }

        location /.well-known/pki-validation {
                default_type "text/plain";
                alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
        }
}

Current example.com.conf :

server{
  listen xx.xx.xx.xx:80;
    server_name example.com www.example.com;
  return 301 https://www.example.com$request_uri;
}

I have not added the nginx -T report since it shows irrelevant configuration files from other websites.

Also server running multiple sites and the wordpress ones have no problem redirecting using the code provided at #3 for redirect but when it comes to THE site that uses nuxtjs , I get a empty file downloaded instead.

Any help would be highly appreciated

88
0 + 0
us flag
Tero Kilkanen
You don't need to change MIME types at all for the redirect. Are you sure your `example.com.conf` has correct `server_name`? Is the `example.com.conf` file visible in `nginx -T` output?
1
Reply
Pc Monk avatar
tm flag
Pc Monk
Yes it is visible in nginx -T I have checked it numors times.(after each change).and I agree with you , changing MIME type is not needed but was worth a shot that it may gets passed to php-fpm instead of getting downloaded
0
Reply
us flag
Tero Kilkanen
Are you sure the IP address in `listen` directive is correct? If the address doesn't match, then nginx won't use this virtual host.
0
Reply
Score:1
Pc Monk avatar Server
tm flag
Pc Monk

I copied one of my wordpress nginx config and replaced the xxx part with domain name and yyy with server IP

server {
        listen yyy.yyy.yyy.yyy:80;
        server_name xxx.com  www.xxx.com;
  return 301 https://xxx$request_uri;

        location / {
                try_files $uri $uri/ /index.php?$args;
                add_header Strict-Transport-Security "max-age=31536000";
                add_header X-XSS-Protection "1; mode=block" always;
                add_header X-Content-Type-Options "nosniff" always;

                location ~.*\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
                        expires max;
                }

                location ~ [^/]\.php(/|$) {
                        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                        if (!-f $document_root$fastcgi_script_name) {
                                return  404;
                        }

                        fastcgi_pass    127.0.0.1:9000;
                        fastcgi_index   index.php;
                        include         /etc/nginx/fastcgi_params;
                }

        }

        location ~* "/\.(htaccess|htpasswd)$" {deny all;return 404;}


        disable_symlinks if_not_owner from=/home/domainname/public_html;

        location /.well-known/acme-challenge {
                default_type "text/plain";
                alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
        }

        location /.well-known/pki-validation {
                default_type "text/plain";
                alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
        }
}

It gets redirected to https without downloading anything, I've rewinded all the changes I had done to nginx and php-fpm to their default.

Now its working But why ?

after playing around noticed changing the location of the working nginx config to location ~ \.php$ (the one I was using before) will make the issue return.thats it!

No further investigation of why location ~ \.php$ does NOT work but location ~ [^/]\.php(/|$) does.

Hope it helps.

0 + 0
Score:0
Bünyamin Tasdelen avatar Server
mf flag
Bünyamin Tasdelen

Winston Krauss @serverfault contributed to the same topic on April-2017.
The location ~ modifier

[^/]\.php(/|$)

might point to a server-configuration which doesn't contain the

listen 80 http2

directive, but

\.php$

does and could have affected how nginx listen on port 80.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.