Rewrite non-ssl to ssl except for given location

Adnan RIHAN adnan at rihan.fr
Sun Apr 15 16:16:19 UTC 2012 

@Jonathan: okok

Here is the known but can't be touched vhost file:
> #################################################################
> ########### Vhost configuration of  example.com
> #################################################################
> server {
> access_log off;
> error_log  logs/vhost-error_log warn;
> listen    80;
> server_name  example.com www.example.com;
> location ~* ^.+.(jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|iso|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|mp3|ogv|ogg|flv|swf|mpeg|mpg|mpeg4|mp4|avi|wmv|js|css)$ {
> expires 24h;
> root /home/example/public_html;
> error_page  404 = @apache;
> access_log /usr/local/apache/domlogs/example.com;
> log_not_found  off;  
> }  
> location ~ /\.ht {
>           deny all;
> }
>  
> location / {
> log_not_found  off;
>  
>   client_max_body_size    2000m;
>   client_body_buffer_size 512k;
>   proxy_send_timeout   90;
>   proxy_read_timeout   90;
>   proxy_buffer_size    32k;
>   proxy_buffers     16 32k;
>   proxy_busy_buffers_size 64k;
>   proxy_temp_file_write_size 64k;
>   proxy_connect_timeout 30s;
>  
>         proxy_redirect  http://www.example.com:8888   http://www.example.com;
>         proxy_redirect  http://example.com:8888   http://example.com;
>         proxy_pass   http://87.98.132.48:8888/;
>         proxy_set_header   Host   $host;
>         proxy_set_header   X-Real-IP  $remote_addr;
>         proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
>         }
> location @apache {
> internal;
>  
>   client_max_body_size    2000m;
>   client_body_buffer_size 512k;
>   proxy_send_timeout   90;
>   proxy_read_timeout   90;
>   proxy_buffer_size    32k;
>   proxy_buffers     16 32k;
>   proxy_busy_buffers_size 64k;
>   proxy_temp_file_write_size 64k;
>   proxy_connect_timeout 30s;
>  
>         proxy_redirect  http://example.com:8888   http://example.com;
>         proxy_pass   http://87.98.132.48:8888;
>         proxy_set_header   Host   $host;
>         proxy_set_header   X-Real-IP  $remote_addr;
>         proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
>         }
> include "/etc/cpnginx/custom/example.com";
> }


The only file I can modify is this one: /etc/cpnginx/custom/example.com

For forcing SSL, here is what I wrote in the custom file:

> root at shadow [/etc/cpnginx/custom]# cat example.com  
> rewrite ^/(.*) https://$host/$1 permanent;

I've also changed my signature ;)
--  
Cordialement, Adnan RIHAN.
Président-Fondateur de l'association (de loi 1901) Virtual-Info (http://www.virtual-info.info/), hébergeur Web et Serveurs de Jeux.
Consultant (http://rihan.fr/)-Technicien Supérieur en Informatique de Gestion.
Ambassadeur Qt (http://lyt.me/7E) (Projet Tag-PG (http://rihan.fr/fr/projets/tagpg)).


Le dimanche 15 avril 2012 à 17:42, Jonathan Matthews a écrit :

> On 15 April 2012 16:32, Adnan RIHAN <adnan at rihan.fr (mailto:adnan at rihan.fr)> wrote:
> > location / {
> > return 301 https://$host$request_uri;
> > }
> > location = /includes/api.php {
> > ...
> > }
> >  
> > The problem is that I'm on a web hosting service which allow s customers to
> > edit an included config file.
> >  So, "location /" is a duplicate :/
> >  
> > Isn't there a way to write "location [not matching] /includes/api.php {}" ?
>  
> The method mentioned above *is* the canonical way to do that. It's in
> the docs somewhere.
>  
> Anything else will be a hack of some kind, strongly influenced by your
> specific nginx setup. You'll need to give more complete information
> about the nuances of the shared hosting setup in order for someone to
> work out if there's a way to achieve what you want to.
>  
> > ---
> > Cordialement, Adnan RIHAN.
> > Président-Fondateur de l'association (de loi 1901) Virtual-Info, hébergeur
> >  
>  
>  
> You have the wrong signature separator here. It's not "---"
> (dash-dash-dash), it's "-- " (dash-dash-space).
>  
> Jonathan
> --  
> Jonathan Matthews
> Oxford, London, UK
> http://www.jpluscplusm.com/contact.html
>  
> _______________________________________________
> nginx mailing list
> nginx at nginx.org (mailto:nginx at nginx.org)
> http://mailman.nginx.org/mailman/listinfo/nginx
>  
>  


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120415/20705939/attachment-0001.html>

More information about the nginx mailing list