I'm new in the web servers world, i wan't my site to serve https only (for both IPV4 & IPV6) so i implemented the following steps,
sudo certbot --nginx certonly -d maarath.com -d www.maarath.com
4.manually configure my site configuration file in the etc/nginx/site-available/main like below ,
server {
listen 80 ;
listen [::]:80 ;
root /var/www/main/;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name maarath.com www.maarath.com;
location / {
try_files $uri $uri/ =404;
}
# HTTPS
listen 443 ssl;
server_name maarath.com www.maarath.com;
ssl_certificate /etc/letsencrypt/live/maarath.com/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/maarath.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
#deny access to .htaccess files, if Apache's document root
#concurs with nginx's one
location ~ /\.ht {
}
}
The issue is my site still not secure after all the above steps, did i miss something or did it wrong ? any help would be much appreciated .
Fist off, I believe your config is missing the second server {
right under # HTTPS
Just to get that right, your website https://maarath.com
throws an SSL Error? Because from my perspective it works just fine. Or do you mean that http
is not redirected to https
?
If that's the case add
return 301 https://maarath.com$request_uri;
To your first server block. Right above
server_name ...
This should automatically redirect all requests from http
to https
.