I'm new in the web servers world, i wan't my site to serve https only (for both IPV4 & IPV6) so i implemented the following steps,
sudo certbot --nginx certonly -d maarath.com -d www.maarath.com
4.manually configure my site configuration file in the etc/nginx/site-available/main like below ,
server {
listen 80 ;
listen [::]:80 ;
root /var/www/main/;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name maarath.com www.maarath.com;
location / {
try_files $uri $uri/ =404;
}
# HTTPS
listen 443 ssl;
server_name maarath.com www.maarath.com;
ssl_certificate /etc/letsencrypt/live/maarath.com/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/maarath.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
#deny access to .htaccess files, if Apache's document root
#concurs with nginx's one
location ~ /\.ht {
}
}
The issue is my site still not secure after all the above steps, did i miss something or did it wrong ? any help would be much appreciated .
Fist off, I believe your config is missing the second server { right under # HTTPS
Just to get that right, your website https://maarath.com throws an SSL Error? Because from my perspective it works just fine. Or do you mean that http is not redirected to https?
If that's the case add
return 301 https://maarath.com$request_uri;
To your first server block. Right above
server_name ...
This should automatically redirect all requests from http to https.