Enable SSL for a specific directory?

António P. P. Almeida appa at perusio.net
Sat Nov 19 22:34:02 UTC 2011


On 19 Nov 2011 18h46 WET, nginx-forum at nginx.us wrote:

> Hi,
>
> I'm trying to enable SSL for a specific directory only. In other
> words, the / directory is not encrypted, while the /protected is.
>
> server {
> 	listen				192.168.1.2:80 default_server;
> 	server_name			www.domain.com;
> 	root				/var/www/html;
>
> 	location / {
> 		try_files $uri $uri/ index.php?q=$uri&$args;
> 	}
>
> 	location /protected/ {
> 		rewrite ^ https://www.domain.com$request_uri?
> 		permanent;
> 	}
>
> 	...
> }
>
> server {
> 	listen				192.168.1.2:443 ssl;
> 	server_name			www.domain.com;
> 	root				/var/www/html;
>
> 	location / {
> 		rewrite ^ http://www.domain.com$request_uri?
> 		permanent;
> 	}
>
> 	location /protected/ {
> 		try_files $uri $uri/ /index.php?q=$uri&$args;
> 	}
>
> 	...
> }

Define a vhost for SSL that has all the same locations, meaning static
resources and such. Then do on the HTTP host.

location ^~ /protected {
   return 301 http://www.domain.com$request_uri;
}

On the SSL host:

location / {
   return 301 http://www.domain.com$request_uri;
}

location ^~ /protected {
   try_files $uri $uri/ /index.php?q=$uri&$args;
}

--- appa



More information about the nginx mailing list