Redirected you too many times

I have 2 domains on 1 ip address
watchbox.ga
watchbox.ge
ip address: 46.101.166.170

when i’m opening watchbox.ga everything works perfect but when i’m trying to open watchbox.ge browsers alerts error “redirected you too many times.”

i have disabled https redirect on watchbox.ge and turned on automatic https rewrite but it doesn’t work.
error: “mixed content errors, the browser refuses to load the resources over an unsecure connection”

so how can i use watchbox.ge with https?
p.s watchbox.ge and watchbox.ga have same nginx configuration

Default server configuration

server {

listen 80;
listen [::]:80;
server_name 46.101.166.170;

# Redirect all traffic comming from your-server-ip to your domain
return 301 $scheme://watchbox.ge;

}

#WATCHBOX.GA

server {

listen 80;

server_name www.watchbox.ga watchbox.ga;
return 301 https://watchbox.ge$request_uri;#redirect to https

}

server {

add_header 'Access-Control-Allow-Origin' 'http://google.com';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET';

# SSL configuration
#
listen 443 ssl;

ssl_certificate /etc/nginx/ssl/watchbox.ga/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/watchbox.ga/private.key;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;

gzip on;
gzip_comp_level    5;
gzip_min_length    256;
gzip_proxied       any;
gzip_vary          on;

gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
# text/html is always compressed by gzip module

location ~*  \.(jpg|jpeg|png|gif|ico|css|js|pdf)$ {
expires 7d;
}





#END IMPROVE PERFOMANCE OF PAGE WITH GZIP + CACHING


root /var/www/watchbox.ge/public_html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;

server_name www.watchbox.ga watchbox.ga;

location / {

add_header Access-Control-Allow-Origin "*";
try_files $uri $uri/ /index.php$is_args$args;
}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
#try_files $uri =404;
include snippets/fastcgi-php.conf;
#
#	# With php7.0-cgi alone:
#	fastcgi_pass 127.0.0.1:9000;
#	 With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
# TIMEOUT
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
#fastcgi_read_timeout 300;
}



# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
#	allow all;
#}

}

#WATCHBOX.GE

server {
listen 80;

server_name www.watchbox.ge watchbox.ge;
return 301 https://watchbox.ge$request_uri;#redirect to https

}
server {

add_header 'Access-Control-Allow-Origin' 'http://google.com';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET';

# SSL configuration
    #
    listen 443 ssl;

    ssl_certificate /etc/nginx/ssl/watchbox.ge/certificate.crt;
    ssl_certificate_key /etc/nginx/ssl/watchbox.ge/private.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;

#IMPROVE PERFOMANCE OF PAGE WITH GZIP + CACHING

gzip on;
gzip_comp_level    5;
gzip_min_length    256;
gzip_proxied       any;
gzip_vary          on;

gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
# text/html is always compressed by gzip module

location ~*  \.(jpg|jpeg|png|gif|ico|css|js|pdf)$ {
    expires 7d;
}

#END IMPROVE PERFOMANCE OF PAGE WITH GZIP + CACHING

root /var/www/watchbox.ge/public_html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;

server_name www.watchbox.ge watchbox.ge;

location / {

    add_header Access-Control-Allow-Origin "*";
    try_files $uri $uri/ /index.php$is_args$args;
}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
	#try_files $uri =404;
	include snippets/fastcgi-php.conf;
#
#	# With php7.0-cgi alone:
#	fastcgi_pass 127.0.0.1:9000;
#	 With php7.0-fpm:
	fastcgi_pass unix:/run/php/php7.2-fpm.sock;
# TIMEOUT
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	include fastcgi_params;
	#fastcgi_read_timeout 300;
}



# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
#	allow all;
#}

}

Hi, on your crypto tab can you enable automatic https rewrites on the site with mixed content? That won’t work if the issue is with css or javascript, but it will for simple http calls. Where is does not work, you’ll need to change manually.

Mixed content comes up a lot and if you search this site you will a #CommunityTip about it with details.

2 Likes

Hi, thanks for response, yes you are right, i found that SSL settings were flexible and switched it to “full” and it helped me, and also turned on Automatic HTTPS Rewrites.

Thanks for help ^~^

1 Like