Created
April 16, 2016 03:06
-
-
Save gdamdam/a4da3035469d4d40618710c6ad75d0ad to your computer and use it in GitHub Desktop.
NGINX: Reverse Proxy SSL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## redirect http to https | |
server { | |
listen 0.0.0.0:80; | |
server_name YOUR_DOMAIN; | |
rewrite ^ https://$http_host$request_uri? permanent; # force redirect http to https | |
} | |
## https | |
server { | |
listen 443; | |
root /var/www/demo; | |
index index.html index.htm; | |
server_name YOUR_DOMAIN; | |
ssl on; | |
ssl_certificate /opt/keys/STRING.combined.crt; | |
ssl_certificate_key /opt/keys/STRING.nopassword.key; | |
location / { | |
# First attempt to serve request as file, then | |
# as directory, then fall back to displaying a 404. | |
try_files $uri $uri/ =404; | |
# Uncomment to enable naxsi on this location | |
# include /etc/nginx/naxsi.rules | |
} | |
location /btserver { | |
# rewrite ^/STRING_URL/(.*) /$1 break; # rewrite the url if necessary | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
# Fix the “It appears that your reverse proxy set up is broken" error. | |
proxy_pass http://localhost:PORT; # proxy target | |
proxy_read_timeout 90; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment