CF cert doesn't work with my NGINX

redsox · June 9, 2020, 8:09am

Hello guys. I tried almost everything but coudn’t start my forum with a CF cert. Everything’s done good on the server, except nginx file for my site. Could someone helpe me to edit it? I’m not good at nginx…
This is my file, I made a lot of edits but with no success, give you the original. Maybe people here can make a few edits. Thank you

server {

  listen 80;
  server_name mydomain.com www.mydomain.com;
  root /var/www/vanilla;
  index index.php;

  location ~* /\.git { deny all; return 403; }
  location /build/ { deny all; return 403; }
  location /cache/ { deny all; return 403; }
  location /cgi-bin/ { deny all; return 403; }
  location /uploads/import/ { deny all; return 403; }
  location /conf/ { deny all; return 403; }
  location /tests/ { deny all; return 403; }
  location /vendor/ { deny all; return 403; }

  location ~* ^/index\.php(/|$) {
    include snippets/fastcgi-php.conf;
    fastcgi_param SCRIPT_NAME /index.php;
    fastcgi_param SCRIPT_FILENAME $realpath_root/index.php;
    fastcgi_param X_REWRITE 1;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
  }

  location ~* \.php(/|$) {
    rewrite ^ /index.php$uri last;
  }

  location / {
    try_files $uri $uri/ @vanilla;
  }

  location @vanilla {
    rewrite ^ /index.php$uri last;
  }

}

redsox · June 9, 2020, 8:12am

I tried a lot of variation of this…but as I mentioned above - with no success

server {

  listen 80;
  listen [::]:80;
  server_name mydomain.com www.mydomain.com;

  return 302 https://$server_name$request_uri;

  location ~* /\.git { deny all; return 403; }
  location /build/ { deny all; return 403; }
  location /cache/ { deny all; return 403; }
  location /cgi-bin/ { deny all; return 403; }
  location /uploads/import/ { deny all; return 403; }
  location /conf/ { deny all; return 403; }
  location /tests/ { deny all; return 403; }
  location /vendor/ { deny all; return 403; }

  location ~* ^/index\.php(/|$) {
    include snippets/fastcgi-php.conf;
    fastcgi_param SCRIPT_NAME /index.php;
    fastcgi_param SCRIPT_FILENAME $realpath_root/index.php;
    fastcgi_param X_REWRITE 1;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
  }

  location ~* \.php(/|$) {
    rewrite ^ /index.php$uri last;
  }

  location / {
    try_files $uri $uri/ @vanilla;
  }

  location @vanilla {
    rewrite ^ /index.php$uri last;
  }

}

server {

# SSL configuration

listen 443 ssl http2;

listen [::]:443 ssl http2;

ssl        on;

ssl_certificate         /etc/ssl/certs/cert.pem;

ssl_certificate_key     /etc/ssl/private/key.pem;
server_name mydomain.com www.mydomain.com;
root /var/www/vanilla;
index index.php
}

This is my current nginx file

sandro · June 9, 2020, 8:14am

I am afraid that is a question better suited for StackExchange.

redsox · June 9, 2020, 8:29am

I did and it says me I’m not in the right place to ask

welcome to Meta! I’m not sure which search brought you here but the problem you describe will not be answered on this specific site.

sandro · June 9, 2020, 8:31am

“Meta” probably not, but one of their other categories.

sandro · June 9, 2020, 8:40am

One thing to keep in mind, you might need the Origin root certificate

redsox · June 9, 2020, 8:42am

It says it’s an option, not must have. But yeah I have installed it.

sandro · June 9, 2020, 8:43am

That is why “might”. In addition to StackExchange you might also try the Nginx forums.

sandro · June 9, 2020, 8:50am

This topic was automatically closed after 41 minutes. New replies are no longer allowed.