Rewrite non-ssl to ssl except for given location
Adnan RIHAN
adnan at rihan.fr
Sun Apr 15 17:16:04 UTC 2012
By the way,
rewrite ^/(?!includes/api\.php) https://$http_host$uri?$args;
Is working weeeell, thank you :)
--
Cordialement, Adnan RIHAN.
Président-Fondateur de l'association (de loi 1901) Virtual-Info (http://www.virtual-info.info/), hébergeur Web et Serveurs de Jeux.
Consultant (http://rihan.fr/)-Technicien Supérieur en Informatique de Gestion.
Ambassadeur Qt (http://lyt.me/7E) (Projet Tag-PG (http://rihan.fr/fr/projets/tagpg)).
Le dimanche 15 avril 2012 à 18:50, Jonathan Matthews a écrit :
> On 15 April 2012 17:16, Adnan RIHAN <adnan at rihan.fr (mailto:adnan at rihan.fr)> wrote:
> > @Jonathan: okok
> >
> > Here is the known but can't be touched vhost file:
> >
> > #################################################################
> > ########### Vhost configuration of example.com (http://example.com)
> > #################################################################
> > server {
> > access_log off;
> > error_log logs/vhost-error_log warn;
> > listen 80;
> > server_name example.com www.example.com (http://www.example.com);
> > location ~*
> > ^.+.(jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|iso|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|mp3|ogv|ogg|flv|swf|mpeg|mpg|mpeg4|mp4|avi|wmv|js|css)$
> > {
> > expires 24h;
> > root /home/example/public_html;
> > error_page 404 = @apache;
> > access_log /usr/local/apache/domlogs/example.com (http://example.com);
> > log_not_found off;
> > }
> > location ~ /\.ht {
> > deny all;
> > }
> >
> > location / {
> > log_not_found off;
> >
> > client_max_body_size 2000m;
> > client_body_buffer_size 512k;
> > proxy_send_timeout 90;
> > proxy_read_timeout 90;
> > proxy_buffer_size 32k;
> > proxy_buffers 16 32k;
> > proxy_busy_buffers_size 64k;
> > proxy_temp_file_write_size 64k;
> > proxy_connect_timeout 30s;
> >
> > proxy_redirect http://www.example.com:8888
> > http://www.example.com;
> > proxy_redirect http://example.com:8888 http://example.com;
> > proxy_pass http://87.98.132.48:8888/;
> > proxy_set_header Host $host;
> > proxy_set_header X-Real-IP $remote_addr;
> > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> > }
> > location @apache {
> > internal;
> >
> > client_max_body_size 2000m;
> > client_body_buffer_size 512k;
> > proxy_send_timeout 90;
> > proxy_read_timeout 90;
> > proxy_buffer_size 32k;
> > proxy_buffers 16 32k;
> > proxy_busy_buffers_size 64k;
> > proxy_temp_file_write_size 64k;
> > proxy_connect_timeout 30s;
> >
> > proxy_redirect http://example.com:8888 http://example.com;
> > proxy_pass http://87.98.132.48:8888;
> > proxy_set_header Host $host;
> > proxy_set_header X-Real-IP $remote_addr;
> > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> > }
> > include "/etc/cpnginx/custom/example.com (http://example.com)";
> > }
> >
> > The only file I can modify is this one: /etc/cpnginx/custom/example.com (http://example.com)
>
> I don't understand how this could ever work. The only entry point
> you've shown to the @apache location is if the URI's path ends in
> ".(jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|iso|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|mp3|ogv|ogg|flv|swf|mpeg|mpg|mpeg4|mp4|avi|wmv|js|css)"
>
> That doesn't include ".php", so I don't see how control of
> "/includes/api.php" ever hits the file you can amend.
>
> Assuming there's something I'm missing here and .php does in fact
> reach that file, here's how you might achieve what you want. It uses
> PCRE negative lookaheads, which I don't know definitely work inside
> nginx.
>
> rewrite ^/(?!includes/api\.php) https://$http_host$uri?$args;
>
> For what it's worth, I personally wouldn't use a host that enforced
> these restrictions on my configuration, like OVH appear to be doing
> here. It's *extremely* unpleasant.
>
> HTH,
> Jonathan
> --
> Jonathan Matthews
> Oxford, London, UK
> http://www.jpluscplusm.com/contact.html
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org (mailto:nginx at nginx.org)
> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120415/6c7d09e3/attachment-0001.html>
More information about the nginx
mailing list