Jump to the post that solved this thread.
Solved: 7 Years, 8 Months ago [How To?] SSL on MyBB
#11
Solved: 7 Years, 8 Months ago
(2014-12-05, 01:58 AM)Destroy666 Wrote: Remove

listen [::]:80;
or change it to

listen [::]:80 ipv6only=on;

restart nginx and... look Smile

http://omland.pl/

log is clear

good riddle

@edit

no have more idea... hmmm :/
Reply
#12
Solved: 7 Years, 8 Months ago
Maybe try this:
server {
   listen 80;

   server_name omland.pl www.omland.pl;

   return 301 https://omland.pl$request_uri;
}

server {
   listen 443 default_server ssl;

   server_name omland.pl www.omland.pl;

   access_log /home/omland/log/access.log;  
   error_log /home/omland/log/error.log;
   root /home/omland/www;
 
   index index.php index.html index.htm;

   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:EECDH+RC4:RS​A+RC4:!MD5;
   ssl_prefer_server_ciphers on;  
 
   # deny access to apache .htaccess files
   location ~ /\.ht
   {
       deny all;
   }

   # use fastcgi for all php files
   location ~ \.php$
   {
       fastcgi_pass 127.0.0.1:9000;
       fastcgi_index index.php;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       include fastcgi_params;
   }
}

If still nothing, provide your nginx version.
Reply
#13
Solved: 7 Years, 8 Months ago
(2014-12-05, 03:37 AM)Destroy666 Wrote: Maybe try this:


server {
   listen 80;

   server_name omland.pl www.omland.pl;

   return 301 https://omland.pl$request_uri;
}

server {
   listen 443 default_server ssl;

   server_name omland.pl www.omland.pl;

   access_log /home/omland/log/access.log;  
   error_log /home/omland/log/error.log;
   root /home/omland/www;
 
   index index.php index.html index.htm;

   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:EECDH+RC4:RSA+RC4:!MD5;
   ssl_prefer_server_ciphers on;  
 
   # deny access to apache .htaccess files
   location ~ /\.ht
   {
       deny all;
   }

   # use fastcgi for all php files
   location ~ \.php$
   {
       fastcgi_pass 127.0.0.1:9000;
       fastcgi_index index.php;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       include fastcgi_params;
   }
}

If still nothing, provide your nginx version.

again

[email protected]:~# service nginx restart
Restarting nginx: nginx.
[email protected]:~#

@edit

nginx/1.2.1



@edit 2

ssl redirect is okey config:

look www.omland.pl

server {
  listen 80;

  server_name omland.pl www.omland.pl;

}

server {
  listen 443 default_server ssl;
  access_log /home/omland/log/access.log;  
  error_log /home/omland/log/error.log;
  root /home/omland/www;
  server_name omland.pl www.omland.pl;



  index index.php index.html index.htm;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:EECDH+RC4:RS​A+RC4:!MD5;
  ssl_prefer_server_ciphers on;  

  # deny access to apache .htaccess files
  location ~ /\.ht
  {
      deny all;
  }

  # use fastcgi for all php files
  location ~ \.php$
  {
      fastcgi_pass 127.0.0.1:9000;
      fastcgi_index index.php;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      include fastcgi_params;
  }
}


why dont read my root catalog? log save on /var/log/nginx (wtf)

Log:
Quote:2014/12/04 19:49:20 [emerg] 11476#0: bind() to [::]:80 failed (98: Address already in use)
Reply
#14
Solved: 7 Years, 8 Months ago
I don't know, looks like you have other server rules somewhere else, that would explain the endless redirects too. You can send me FTP account in PM so I can check (ja też Polak przy okazji).
Reply
#15
Solved: 7 Years, 8 Months ago
(2014-12-04, 11:44 PM)Destroy666 Wrote: It's because you're using http:// instead of https:// in your Board URL setting ( ACP -> Configuration -> Site Details). Change it.

And to force https, just add a rule in .htaccess:
http://stackoverflow.com/a/4399158

Why do you we have to set url there?

Im leaving it blank and my site works both ssl and non-ssl
Heart MYBB  Heart
Reply
#16
Solved: 7 Years, 8 Months ago
This user has been denied support. This user has been denied support.
(2014-12-05, 09:54 AM)Beautiful Wrote:
(2014-12-04, 11:44 PM)Destroy666 Wrote: It's because you're using http:// instead of https:// in your Board URL setting ( ACP -> Configuration -> Site Details). Change it.

And to force https, just add a rule in .htaccess:
http://stackoverflow.com/a/4399158

Why do you we have to set url there?

Im leaving it blank and my site works both ssl and non-ssl

Because MyBB sets every resource as the absolute url, who knows why.

Also OP is behind CloudFlare so I don't see why he doesn't use page rules to forward the http to https and sets the SSL to flexible that is now free thus letting cloudflare deal with the https for him.
Beep Boop          
                                          ~ RIP Server 2014-2014
Reply
#17
Solved: 7 Years, 8 Months ago
YEAH! Fu**! Big Grin ALL WORK!

OK to the point... how to solve this problem? My theory.

SSL is cloudflare, but it does not have the server (cert ssl)

example:
server {
  listen 80;

  server_name omland.pl www.omland.pl;

  return 301 https://omland.pl$request_uri;
}

server {
  listen 443 default_server ssl;

  server_name omland.pl www.omland.pl;

  access_log /home/omland/log/access.log;  
  error_log /home/omland/log/error.log;
  root /home/omland/www;

  index index.php index.html index.htm;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:EECDH+RC4:RS​A+RC4:!MD5;
  ssl_prefer_server_ciphers on;  

  # deny access to apache .htaccess files
  location ~ /\.ht
  {
      deny all;
  }

  # use fastcgi for all php files
  location ~ \.php$
  {
      fastcgi_pass 127.0.0.1:9000;
      fastcgi_index index.php;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      include fastcgi_params;
  }
}

nginx no have path to cert ssl and read only 80 port, ssl forced cloudflare and serwer nginx is looped

thinking nginx:
first: hey first open normal website
second: hmm my admin redirect tells all on ssl! oh no!
third: ok i redirect to SSL 443 but no have ssl wtf? service must me online and fast redirect to 80 (http)
four: oh no go ssl, go ssl! (" return 301 https://omland.pl$request_uri;")
and loop

I have solution! (The darkest place is under the candlestick...)

Link: https://www.youtube.com/watch?v=2fF-myZz...e=youtu.be

Good luck and BIG thank you!
Reply
Jump to the post that solved this thread.


Forum Jump:


Users browsing this thread: 1 Guest(s)