Nginx $scheme doesn't always work while using SSL for one specific page

Posted by jjiceman on Server Fault See other posts from Server Fault or by jjiceman
Published on 2012-06-03T03:56:43Z Indexed on 2012/06/03 4:42 UTC
Read the original article Hit count: 484

Filed under:
|
|

I read and followed this question in order to configure nginx to force SSL for one page (admin.php for XenForo), and it is working well for a few of the site administrators but is not for myself. I was wondering if anyone has any advice on how to improve this configuration:

...

ssl_certificate      example.net.crt;
ssl_certificate_key  example.key;

server {
    listen 80 default;
    listen 443 ssl;

    server_name www.example.net example.net;
    access_log /srv/www/example.net/logs/access.log;
    error_log /srv/www/example.net/logs/error.log;

    root /srv/www/example.net/public_html;
    index index.php index.html;

    location / {
        if ( $scheme = https ){
            rewrite ^ http://example.net$request_uri? permanent;
        }
        try_files $uri $uri/ /index.php?$uri&$args;
        index index.php index.html;
    }

    location ^~ /admin.php {
        if ( $scheme = http ) {
            rewrite ^ https://example.net$request_uri? permanent;
        }
        try_files $uri /index.php;
        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param HTTPS on;
    }

    location ~ \.php$ {
        try_files $uri /index.php;
        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param HTTPS off;
    }
}

...

It seems that the extra information in the location ^~ /admin.php block is unecessary, does anyone know of an easy way to avoid duplicate code? Without it it skips the php block and just returns the php files.

Currently it applies https correctly in Firefox when I navigate to admin.php. In Chrome, it downloads the admin.php page. When returning to the non-https website in Firefox, it does not correctly return to http but stays as SSL. Like I said earlier, this only happens for me, the other admins can go back and forth without a problem.

Is this an issue on my end that I can fix? And does anyone know of any ways I could reduce duplicate configuration options in the configuration? Thanks in advance!

© Server Fault or respective owner

Related posts about nginx

Related posts about ssl