Welcome! Log In Create A New Profile

Advanced

Correct block syntax with ssl + varnish + www rewrite

Posted by velvetpixel 
Forum List Message List New Topic
velvetpixel
Correct block syntax with ssl + varnish + www rewrite
February 13, 2014 04:08PM
Is it ok to have rewrites for www to non-www as if statements in each http and https server block rather than using a separate server block just for the rewrite as listed in the pitfalls page?

My current config looks like this:


server {
listen 127.0.0.1:8001;
server_name example.org www.example.org;
root /home/user/public;
index index.php
gzip_static on;
access_log /var/log/nginx/example.org_access.log;
error_log /var/log/nginx/example.org_error.log;
include conf.d/drupal.frag;

if ($host = 'www.example.org' ) {
rewrite ^/(.*)$ http://example.org/$1 permanent;
}
}

server {
listen 443 ssl;
server_name www.example.org;
root /home/user/public;
index index.php
gzip_static on;
access_log /var/log/nginx/example.org_access.log;

ssl_certificate /etc/ssl/certs/example.org.pem;
ssl_certificate_key /etc/ssl/private/example.org.key;
ssl_ciphers HIGH:MEDIUM:!aNULL:!aDH:@STRENGTH;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;

# require SSL for phpMyAdmin
include conf.d/phpmyadmin.frag;

include conf.d/drupal.frag;

if ($host = 'www.example.org' ) {
rewrite ^/(.*)$ http://example.org/$1 permanent;
}
}
Reply Quote
velvetpixel
Re: Correct block syntax with ssl + varnish + www rewrite
February 13, 2014 04:25PM
Is this better?


server {
listen 443 ssl;
listen 127.0.0.1:8001;
server_name www.example.org;
return 301 $scheme://example.org$request_uri;
}

server {
listen 127.0.0.1:8001;
server_name example.org;
root /home/user/public;
index index.php
gzip_static on;
access_log /var/log/nginx/example.org_access.log;
error_log /var/log/nginx/example.org_error.log;
include conf.d/drupal.frag;
}

server {
listen 443 ssl;
server_name example.org;
root /home/user/public;
index index.php
gzip_static on;
access_log /var/log/nginx/example.org_access.log;

ssl_certificate /etc/ssl/certs/example.org.pem;
ssl_certificate_key /etc/ssl/private/example.org.key;
ssl_ciphers HIGH:MEDIUM:!aNULL:!aDH:@STRENGTH;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;

# require SSL for phpMyAdmin
include conf.d/phpmyadmin.frag;

include conf.d/drupal.frag;
}
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 173
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready