I have a droplet on DigitalOcean, running Ubuntu 16.04, which I started sharing with a friend of mine. He already has a webpage running on the droplet with nginx and today I started setting my Wordpress site on it too.
I successfully got my site running with my own domain with a dummy info.php file on it to test if it works. I set up my site separately in /etc/nginx/sites-available/.
Now I want to set SSL encryption for my site using certbot. I installed certbot and the plugin for nginx successfully. The problem I'm facing now is that when I try to go to my site, https://example.com/info.php or http://example.com/info.php I get an ERR_TOO_MANY_REDIRECTS error. So I went to the config file for my site which looked like this:
server {
root /var/www/example.com/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; allow all; }
location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
expires max;
log_not_found off;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
location / {
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
And commented the entire last server block. Now I don't get error but instead now when I go to https://example.com/info.php or http://example.com/info.php I get redirected to the HTTPS version of my friend site, say https://myfriendsite.com!
This is the config file of my friend site:
upstream mysite_development {
server unix:/webapps/Backend/mysite/run/gunicorn.sock
fail_timeout=0;
}
server {
listen 80;
server_name *.myfriendsite.com;
return 301 https://myfriendsite.com$request_uri;
# rewrite ^/(.*) https://myfriendsite.com/$1 permanent;
}
server {
listen 443 ssl;
server_name myfriendsite.com;
client_max_body_size 4G;
ssl on;
ssl_certificate /webapps/Backend/certificates/cert_chain.crt;
ssl_certificate_key /webapps/Backend/certificates/myfriendsite.com.key;
access_log /webapps/Backend/logs/nginx-access.log;
error_log /webapps/Backend/logs/nginx-error.log;
location /static/ {
alias /webapps/Backend/mysite/static/;
}
location /media/price_list/ {
internal;
alias /webapps/Backend/mysite/media/price_list/;
}
location /media/electronic_bill/ {
internal;
types { application/octet-stream .pdf; }
default_type application/octet-stream;
alias /webapps/Backend/mysite/media/electronic_bill/;
}
location /media/ {
alias /webapps/Backend/mysite/media/;
}
location /assets/ {
alias /webapps/Backend/mysite/static/assets/;
}
location / {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri @proxy_to_app;
}
location @proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_redirect off;
proxy_pass http://mysite_development;
}
}
server {
listen 443 ssl;
server_name *.myfriendsite.com;
return 301 https://myfriendsite.com$request_uri;
}
If I remove SSL from my site it starts working as intended but as soon as I enable SSL for my site it gets redirected to my friend site! I can't really find what's causing the redirect.
Edit: if it is important, I'm using Cloudflare as my DNS server. My friend is using the DNS server provided by DigitalOcean.
