Enable SSL for a specific directory?
TECK
nginx-forum at nginx.us
Sat Nov 19 18:46:54 UTC 2011
Hi,
I'm trying to enable SSL for a specific directory only. In other words,
the / directory is not encrypted, while the /protected is.
server {
listen 192.168.1.2:80 default_server;
server_name www.domain.com;
root /var/www/html;
location / {
try_files $uri $uri/ index.php?q=$uri&$args;
}
location /protected/ {
rewrite ^ https://www.domain.com$request_uri? permanent;
}
...
}
server {
listen 192.168.1.2:443 ssl;
server_name www.domain.com;
root /var/www/html;
location / {
rewrite ^ http://www.domain.com$request_uri? permanent;
}
location /protected/ {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
...
}
Right now, I get a slashed https into browser, with the message:
Your connection to www.domain.com is encrypted with 256-bit encryption.
However, this page includes other resources which are not secure. These
resources can be viewed by others while in transit and can be modified
by an attacker to change the behavior of the page.
The /protected directory is a "virtual" one that does not exist in
reality. It is created by /index.php with some SEO technique.
In real life, the URL format is: index.php?protected
Thanks for your help.
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,218610,218610#msg-218610
More information about the nginx
mailing list