SSL Certificates
-
Hi Pete,
Funny you should ask for that .. was doing something similar for a client and it was just as easy to tut up the process:-
SSL 4 Nginx: eCommerce & Web App Protection
Have fun!
Posted 1 year ago # -
Pete
MemberAll or nothing!
So far I can setup an entire domain to use SSL or not.
What I am trying to do is setup only the admin and login portions for SSL.
I changed the /home/public_html/<domainname>/public/wp-config.php to force logins as SSL by adding:
define('FORCE_SSL_ADMIN', true);
But i cannot seem to properly configure http for normal traffic and https for logins/admin traffic
Lots of weird things happening such as one domain redirecting to another :)
Posted 1 year ago # -
Pete
MemberHave it working - with the following config.
server {
listen 80;
server_name <domainname>;
rewrite ^/(.*) http://<domainname>/ permanent;
}
server {
listen 80;
listen 443;
server_name <domainname>;
ssl on;
ssl_certificate /usr/local/nginx/conf/server.crt;
ssl_certificate_key /usr/local/nginx/conf/server.key;
access_log /home/public_html/<domainname>/log/access.log;
error_log /home/public_html/<domainname>/log/error.log;Posted 1 year ago # -
top-notch Pete .. good to hear
Posted 1 year ago # -
derek
MemberHi Guv;
I'm actually trying to do the same thing and ended up with an identical config file to Pete above. But the problem is that this also serves the entire domain as either http or https. Meaning that while this lets me go to http://mydomain.com and https://mydomain.com/wp-admin, I can also go to https://mydomain.com.I don't really care except for a) https breaks my cdn so on that version none of the graphics/css load, and b) I don't want to be penalized in Google for duplicate content. I set this up last night and overnight google had found the https version of the sitemap and started indexing it :-0.
I hashed out SSL in the config file this morning to prevent it from impacting my search results as I've heard that google will tend to prefer the https version of a page over the http version.
Is there a way to write the redirect so that only mydomain.com/wp-admin is served via ssl? Or maybe it's not anything to worry about and Google is now smart enough to figure this all out?
Thanks.
Posted 1 year ago # -
hi Derek, just make the path in your SSL virtual host file, as detailed in the tutorial, to point to the folder you want secured. it'll secure recursively, so through the specified folder tree.
as for Google .. to be honest I've no idea but it's probably best to play safe and eliminate duplicate content. (you can do this, AFAIK, at Google webmaster tools ass well.)
Posted 1 year ago # -
Derek .. let's go back a step .. what do you want to httpS and why?
I'm guessing you only want to secure the admin pages, no? (If so, damn good idea.) If so, you'll need a new server block (for 443) as shown in ..
http://vpsbible.com/security/ssl-nginx/
.. with the wp-admin location block within.
(that tutorial needs an off-shoot guide for this .. note to self!)
Posted 1 year ago # -
derek
MemberBingo. I'm looking to secure the admin pages and nothing else.
I've added the server block and have gotten that to function. But the problem is that it serves the entire website via either http or https. I only want the admin pages to be able to be served via https and the rest of the site to be served via http.
What I think I need to do is to enable the ssl server block and then enable a url rewrite from https to http for everything except for https://mydomain.com/wp-admin/*. I have no idea how to do this via nginx though.
Posted 1 year ago # -
i've not tried but daresay it would .. maybe you'd need to play with some wp-config SSL directives.
then again, wouldn't it be easier just to add a rewrite to point non-admin SSL to HTTP? I'd play with that first.
Derek, to save on possible downtime you may do well to toy with this on a virtual server at home, using say Virtualbox, using a LEMP config reflecting that of your VPS.
(.. another tutorial! but not so hard to set up .. great for testing site/svr upgrades.)
Posted 1 year ago # -
makke
MemberAll,
The SSL tutorial specifies how to set up SSL by generating the certificate on the sever. Can someone please post instructions for how to set up a purchased certificate from an outside source (GoDaddy in my case)? The certificate is composed of two parts: domain.com.crt and gd_bundle.crt. GoDaddy says that both must be used.
Thank you,
Michael
Posted 8 months ago # -
mcsmythe
MemberThis is why you and the smart folks of this community rock Guv!! I was researching how to install magento on Nginx LEMP stack. I also wanted to learn about setting up ssl certificates as well. If anyone is interested here is a decent tut (change path names accordingly) on trying to install Magento on Nginx LEMP for Debian stack on howtoforge
http://www.howtoforge.com/running-magento-1.6.0.0-on-nginx-lemp-on-debian-squeeze-ubuntu-11.04
Posted 1 month ago #
Reply
You must log in to post.
Want HTML?
a blockquote code em strong ul ol liPlace code between backticks `codeHere`
You've got it.