Hi Everyone, I am using CentOS with Nginx and I have a Joomla site up and running. I have pasted my SSL into the SSL tab on ISPConfig3 and https works on the backend admin panel - UNTIL I login, then it goes away!! Also, If I use the FORCE SSL in Joomla I get a server error... Any help would be appreciated!! Thank you
Safari generated too many redirects!! I used THIS tutorial! I am inside a LAN and configured my firewall so that traffic to the server from the outside cannot reach our main server. I have a static IP, separate DNS servers and Gateway. It is NAT'd to the outside IP and the site runs fine and will load with HTTPS, but it will not STAY https!! I am using ENOM for my A record (domain to external IP) In ISPConfig3 I set up DNS for my server using my internal IP and the nameservers from ENOM. The only other way I have been able to add Nameservers other than from ENOM is to use NS1.(external IP). I admit that I am a novice and have come a long way - I know this is a DNS issue because I had it working fine, but was unable to set up my own nameservers with ISPConfig3. If I tried to use MY ISPConfig3 Nameservers in ENOM my site is unreachable! I have gone through the tutorials and like everything - each configuration is unique. What makes mine unique is that I am inside a LAN and do not know how to configure my nameservers properly in ISPConfig3. As you know DNS is important for site security. Any help would be appreciated!! Thanks!
I cant help you if you dont post the exact error messages from the website error.log. The SSL redirects are donw in apache internally, they are not related to your dns setup or domain registry.
Hi Till, Actually the info below is from my NGINX error log...I checked every error log I could find and this is all there is!! The USER IP ADDRESS in each case below is my internal IP!! <user IP Address>- - [20/Mar/2014:10:40:37 -0500] "-" 400 0 "-" "-" "-" <user IP Address> - - [20/Mar/2014:10:40:37 -0500] "-" 400 0 "-" "-" "-" <user IP Address>- - [20/Mar/2014:10:40:37 -0500] "-" 400 0 "-" "-" "-" <user IP Address> - - [20/Mar/2014:10:40:37 -0500] "-" 400 0 "-" "-" "-" <user IP Address> - - [20/Mar/2014:10:40:39 -0500] "-" 400 0 "-" "-" "-" <user IP Address>- - [20/Mar/2014:10:40:39 -0500] "-" 400 0 "-" "-" "-"
There must be some kind of conflict between the ssl reirect function of your cms and the nginx rewrite rules that you use Or you enabled ssl redirect in ispconfig and in the cms, which will cause a cnflict (never ending loop) as well.
Thanks Till, I still have nothing - the novice strikes again...I will have to keep digging!! Thanks all for your help!
Well - I can get my server to use SSL all the time no problem and I have HTTPS access on the site I am working on - but I cannot get it to continue to use SSL!! I have tried the htaccess file and the redirection tab. I even used nginx ssl but it changed the path to my folders for my site!! Now I am at a loss again!! Is their a good way with ISPConfig3 to get your site to continue using SSL? Thanks Zippy
.htaccess is a function of the apache webserver, it does not exist in nginx. Thats not ispconfig specific. your current problem is a incompatibility of rewrite rules between your cms and nginx. you can try to add this rewrite rule in the custom nginx directives field of the website: Code: rewrite ^ https://$server_name$request_uri? permanent;
Thanks Till, I did a lot of research yesterday and learned htaccess is a function of apache Your recommendation works - here is what Firefox returns: Now, here is the interesting part - I have pasted the SSL into the SSL boxes in ISPConfig3 and saved the certificate and if I type the https address in it will use https - but I cannot get it to STAY https!! I appreciate the help!
Most likely your cms is redirecting back to http then. because there is no function in ispconfig that can do such a redirect.
You can test it, move your vms installation to a subfolder and then enter a simple "test.php" script in the web folder with this content: <?php echo "Hello Test"; ?> and see if it also redirects you back to http.
I have done the following: Added this example to my /etc/nginx/conf.d/default.conf file: Code: server { listen 80; listen [::]:80; listen 443 default ssl; server_name www.example.com; ssl_certificate /path/to/my/cert; ssl_certificate_key /path/to/my/key; if ($ssl_protocol = "") { rewrite ^ https://$server_name$request_uri? permanent; } } And it worked!! Until I tried to enter the site without https and it did not redirect to the https. As a result I got a 400 error (http sent to https port) I have tried everything...and I cannot get my site to STAY on https!! I am about to give up and migrate to GoDaddy unless you guys can point me to a for hire developer that can fix this for me!! What is odd is that it was working!! And it still will work with both http and https, but it will not stay https!! I read in the ISPConfig3 manual that you should not use a wildcard IP if you use SSL in the panel for a website, but if I change the IP it defaults me back to the nginx splash page!! Whew - my lack of linux background it hurting me now!! Thanks
Setting up the vhost manually will not help to solve the problem. Have you tried the test that i suggested and with which result? And one question, why did you choose nginx instead of apache? Most Cms systems are not compatible with nginx by default, you need good nginx knowledge to write your own rules ehile they eork on apache servers out of the box.
Thanks - I will try your recommendation. I used nginx because I did a great deal of research on which one performed better - nginx came out in front every time!! My site is running fine, and this issue just surfaced...I still feel that if I moved my server outside my LAN a lot of my issues would go away. For example - I do not know how to configure my DNS to run my own nameservers INSIDE our Local Area Network, but outside the LAN I am sure it would work!
Thats indeed true. But I guess the researches did not metion that you need good Linux administration knowledge to get it to work while apache works out of the box, as all cms systems come with ready made .htaccess files for apache. Nginx is like a formula1 car, it is fast, but you have to know how to drive it to not end up at the next tree. DNS is a different layer, it can not switch you from https to https and vice versa. If you like to test a website locallly, then add the ip address and domain name to the hosts file on your desktop.
Thanks for all your help Till, I did learn a great deal and the site does work well - and super fast, but I have migrated to GoDaddy just today because of the SSL issue. I transferred all the files and the database and the https pops up every time - no problem!! So it was not my cms - I have a config problem on my CentOS server. I know how to set up Joomla on NGINX and place my certs on the server. I think I could be successful running the site without ISPConfig3, but only because of what I have learned from ISPCongfig3. I did not plan on being an ISP so I used ISPConfig3 for structure and I think if I host my DNS elsewhere and learn a little more about user permissions and security on nginx I could pull of a rocket fast little site!! Which is really all I want to do!! Unfortunately my boss wants the site up and running so I am out of time!! Thanks again for all your help!!
