Enable SSL for a specific directory?

TECK nginx-forum at nginx.us
Sat Nov 19 18:46:54 UTC 2011


Hi,

I'm trying to enable SSL for a specific directory only. In other words,
the / directory is not encrypted, while the /protected is.

server {
	listen				192.168.1.2:80 default_server;
	server_name			www.domain.com;
	root				/var/www/html;

	location / {
		try_files		$uri $uri/ index.php?q=$uri&$args;
	}

	location /protected/ {
		rewrite ^		https://www.domain.com$request_uri? permanent;
	}

	...
}

server {
	listen				192.168.1.2:443 ssl;
	server_name			www.domain.com;
	root				/var/www/html;

	location / {
		rewrite ^		http://www.domain.com$request_uri? permanent;
	}

	location /protected/ {
		try_files		$uri $uri/ /index.php?q=$uri&$args;
	}

	...
}

Right now, I get a slashed https into browser, with the message:
Your connection to www.domain.com is encrypted with 256-bit encryption.
However, this page includes other resources which are not secure. These
resources can be viewed by others while in transit and can be modified
by an attacker to change the behavior of the page.

The /protected directory is a "virtual" one that does not exist in
reality. It is created by /index.php with some SEO technique.
In real life, the URL format is: index.php?protected

Thanks for your help.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,218610,218610#msg-218610



More information about the nginx mailing list