Level 50
ping @fideloper. He's the man at this kinda stuff.
Apr 26, 2017
3
Level 1
Nginx, redirects, and SSL
I'm an admin, new to Laravel, and not deep in PHP generally.
Our devs built a site with Laravel and Forge on Ubuntu, hosted on nginx, and we're trying to deploy it. The new site replaces an old .NET site at the same URL. We've given the old site a new legacy name, and have to redirect a handful of specific URLs that implement SOAP APIs on the Laravel site to URLs on the old site.
So something like:
http://newsite.ourdomain.com/ws_Whatever.aspx?params should be mapped to: http://legacy.ourcomain.com/ws_Whatever.aspx?params
In addition, we want people who hit the non-SSL version of the Laravel site to be redirected to the SSL version.
I tested the single URL and SSL redirects on a dummy non-Laravel nginx site, and got it working. But on the Laravel site, I've found that my single URL redirects work but the SSL redirects don't. I think that the code in Laravel that handles routes is interacting with my nginx configs in ways that I don't understand.
Our devs set up the site to redirect to a different URL depending on the country you're in. So if you login to http://site.com, you might end up at http://site.com/us. I find that even though I have a general http --> https redirect in place, I still end up with http://site.com/us.
I'm sure there's a "Laravel way" to do these things that I don't know about, and I was hoping that someone could point me in the right direction.
server {
listen 80;
server_name site.domain.com;
location = /ws_EnsSSOFeeds.asmx {
rewrite /ws_EnsSSOFeeds.asmx http://legacy.site.com/ws_EnsSSOFeeds.asmx redirect;
}
return 301 https://server_name$request_uri;
}
server {
listen 443 ssl;
server_name site.domain.com;
root /home/forge/default/current/public;
ssl_certificate /path/to/crt/domain.crt;
ssl_certificate_key /path/to/key/domain.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers {long list removed};
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/default/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/default-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
Level 1
@jbloomstrom -- thanks, I will.
Level 11
Hi!
Do you know if it would be possible to see the redirect code used in PHP here as well? That could lead to a clue.
The Nginx config looks good.
In the meantime:
- Within the server, run
sudo service nginx configtestand/orsudo nginx -tto see if it complains about anything in the configuration - If the config checks out, manually reload nginx to make sure the new config is sucked in
sudo service nginx reload - Try removing the location rewrite in the block listening on port 80, reloading nginx, and seeing if it works then
- I'm assuming
return 301 https://server_name$request_uri;is actually using your domain in reality instead ofserver_namebeing what's actually in the file - is that correct?
Please or to participate in this conversation.