A
A
Alexey Petukhov2016-08-06 00:25:04
Nginx
Alexey Petukhov, 2016-08-06 00:25:04

Https + nginx after editing the config under https, the site breaks down (some content is not loaded), what should I do?

I'm new to this area and have very little experience.
The window does not load after switching to https
ET6xwo.png
in the admin panel, the content (templates and css) is not loaded
2uqyha.pngStandard config, without https support (all windows are loaded):

server {
    listen 62.210.58.250:80;
    server_name wvportal.net www.wvportal.net;
    root /home/admin/web/wvportal.net/public_html;
    index index.php index.html index.htm;
    access_log /var/log/nginx/domains/wvportal.net.log combined;
    access_log /var/log/nginx/domains/wvportal.net.bytes bytes;
    error_log /var/log/nginx/domains/wvportal.net.error.log error;
    location / { try_files $uri $uri/ /index.php;
        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires max;
        }
        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
                return 404;
            }
            fastcgi_pass 127.0.0.1:9002;
            fastcgi_index index.php;
            include /etc/nginx/fastcgi_params;
        }
    }
    error_page 403 /error/404.html;
    error_page 404 /error/404.html;
    error_page 500 502 503 504 /error/50x.html;
    location /error/ {
        alias /home/admin/web/wvportal.net/document_errors/;
    }
    location ~* "/\.(htaccess|htpasswd)$" {
        deny all;
        return 404;
    }
 }

Config after connecting https (did according to the instructions: habr.ru/p/306128/):
server {
        listen 80;
        server_name wvportal.net  www.wvportal.net;
        return 301 https://wvportal.net$request_uri;


   

    }



server {
        listen 443 ssl http2;
        server_name wvportal.net  www.wvportal.net;
        ssl on;
         ssl_certificate /etc/letsencrypt/live/wvportal.net/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/wvportal.net/privkey.pem;


        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
        ssl_prefer_server_ciphers On;
        ssl_protocols TLSv1.1 TLSv1.2;

ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';


 add_header Strict-Transport-Security max-age=15768000;

ssl_stapling on;
ssl_session_timeout 1d;

 ssl_stapling_verify on;



root        /home/admin/web/wvportal.net/public_html;
    index       index.php index.html index.htm;
    access_log  /var/log/nginx/domains/wvportal.net.log combined;
    access_log  /var/log/nginx/domains/wvportal.net.bytes bytes;
    error_log   /var/log/nginx/domains/wvportal.net.error.log error;


 location / {

try_files $uri $uri/ /index.php;

        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires     max;
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
                return  404;
            }

            fastcgi_pass    127.0.0.1:9002;
            fastcgi_index   index.php;
            include         /etc/nginx/fastcgi_params;
        }
    }


    error_page  403 /error/404.html;
    error_page  404 /error/404.html;
    error_page  500 502 503 504 /error/50x.html;

    location /error/ {
        alias   /home/admin/web/wvportal.net/document_errors/;
    }

    location ~* "/\.(htaccess|htpasswd)$" {
        deny    all;
        return  404;
     }

    include     /etc/nginx/conf.d/phpmyadmin.inc*;
    include     /etc/nginx/conf.d/phppgadmin.inc*;
    include     /etc/nginx/conf.d/webmail.inc*;

    include     /home/admin/conf/web/nginx.wvportal.net.conf*;
}

Answer the question

In order to leave comments, you need to log in

5 answer(s)
N
Nazar Mokrinsky, 2016-08-06
@nazarpc

The first thought that should come to your mind is F12, not Toaster

A
Andrey Shatokhin, 2016-08-06
@Sovigod

Open the console in a browser and look at the errors. Most likely you have links to js files via http. And the browser allows you to download from https only.

#
#algooptimize #bottize, 2016-08-06
@user004

Well, gain experience, and then freelance.

L
Lindon_cano, 2016-08-06
@Lindon_cano

Some of the content is hardcoded that it needs to be taken via http, look in the browser console which resources are loaded in this way and edit the site (CMS settings or code).

Z
zooks, 2016-08-06
@zooks

Fight mixed content:
https://developer.mozilla.org/en/docs/Security/Mix...

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question