wearepixl
4 years ago
2070
5
Forge

Allow site to run on both HTTP and HTTPS

Posted 4 years ago by wearepixl

I'm trying to set up a clients old site on one of our forge boxes whilst we build a new one. The kicker is that only part of the site is set up to be on HTTPs and the rest is on HTTP.

How can I achieve this in Forge?

I thought I could just apply the SSL, then edit the NGINX config duplicating the 443 section and changing it to port 80 without the SSL chunks. However, that doesn't seem to work and is always trying to force it onto HTTPS which in turn is causing and redirect loop.

Here's the NGINX config.

# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/testsite.co.uk/before/*;

server {
    listen 80;
    server_name testsite.co.uk;
    root /home/forge/testsite.co.uk/public;

    # FORGE SSL (DO NOT REMOVE!)
    #ssl_certificate /etc/nginx/ssl/testsite.co.uk/89631/server.crt;
    #ssl_certificate_key /etc/nginx/ssl/testsite.co.uk/89631/server.key;

    #ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    #ssl_ciphers ... ;
    #ssl_prefer_server_ciphers on;
    #ssl_dhparam /etc/nginx/dhparams.pem;

    index index.html index.htm index.php;

    charset utf-8;

    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/testsite.co.uk/server/*;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/testsite.co.uk-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
    ssl_certificate_key /etc/nginx/ssl/testsite.co.uk/89631/server.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ... ;
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/nginx/dhparams.pem;

    index index.html index.htm index.php;

    charset utf-8;

    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/testsite.co.uk/server/*;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/testsite.co.uk-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

server {
    listen 443 ssl http2;
    server_name testsite.co.uk;
    root /home/forge/testsite.co.uk/public;

    # FORGE SSL (DO NOT REMOVE!)
    ssl_certificate /etc/nginx/ssl/testsite.co.uk/89631/server.crt;
    ssl_certificate_key /etc/nginx/ssl/testsite.co.uk/89631/server.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ...;
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/nginx/dhparams.pem;

    index index.html index.htm index.php;

    charset utf-8;

    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/testsite.co.uk/server/*;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/testsite.co.uk-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/testsite.co.uk/after/*;

If someone could help me out in how I can get Forge to serve both HTTP and HTTPS version of the website you will forever be a star in my eyes!

Thanks Matt

Please sign in or create an account to participate in this conversation.