P
P
Pista2021-10-31 20:05:11
Nginx
Pista, 2021-10-31 20:05:11

Why does Cloudflare get error 520 when accessing via http, although according to Nginx rules, redirect to https is configured?

Please tell me, if the Automatic HTTPS Rewrites setting is OFF, then the domain gives a 520 error when accessing the domain via http, the redirect to https using NGINX does not work, although I wrote the rule in the config.

The domain runs behind CloudFlare, the server has a self-signed certificate.

Domain config:

server {
    listen 80;
    return 301 https://$host$request_uri;
}
server
{ 
  listen 443 ssl http2;
   
  server_name domen.ru;
    ssl_certificate /var/www/ssl/cert.pem; 
    ssl_certificate_key /var/www/ssl/privkey.pem; 
    ssl_dhparam /var/www/ssl/dhparam.pem;    

# intermediate configuration
     ssl_session_timeout 1d;
    ssl_session_cache   shared:SSL:10m;
    
  # intermediate configuration
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    ssl_prefer_server_ciphers off;
  # HSTS (ngx_http_headers_module is required) (63072000 seconds)
    add_header Strict-Transport-Security "max-age=63072000" always;
  
           




  root /var/www/html/domen.ru;
access_log  /dev/null;
error_log /dev/null;
    error_page 404 = /;
include /root/nginx_user_locations.conf;

  location /backup/
  {
    access_log off;
    log_not_found off;
    return 404;
  }

  location /wp-content/plugins/d
  {
    access_log off;
    log_not_found off;
    return 404;
  }

  location /wp-content/plugins/d/d.php
  {
    access_log off;
    log_not_found off;
    return 404;
  }


  location ~ /\.
  {
    access_log off;
    log_not_found off;
    deny all;
  }

  location = /favicon.ico
  {
    root /var/www/html/domen.ru;
    expires max;
    access_log off;
    log_not_found off;
  }

  location = /robots.txt
  {
    try_files $uri $uri/ /index.php?$args;
    access_log off;
    log_not_found off;
  }

  location ~* \.(js|css|png|jpg|jpeg|gif|ico)$
  {
    expires max;
    fastcgi_hide_header "Set-Cookie";
    log_not_found off;
  }

  location ^~ /wp-includes/
  {
    root /var/www/wp;
    location ~ \.php$
    {
      fastcgi_pass php;
      include fastcgi.conf;
      include fastcgi_params;
    }
  }

  location = /wp-admin { rewrite ^(.+)$ /wp-admin/ permanent; }
  location ^~ /wp-admin/
  {
    root /var/www/wp;
    location ~ \.php$
    {
      fastcgi_pass php;
      include fastcgi.conf;
      include fastcgi_params;
      fastcgi_param DOCUMENT_ROOT /var/www/html/domen.ru;
    }
  }

  location = /
  {
    root /var/www/wp;
    fastcgi_pass php;
    include fastcgi.conf;
    include fastcgi_params;
    fastcgi_param DOCUMENT_ROOT /var/www/html/domen.ru;
  }

  location /
  {
    try_files $uri $uri/ /index.php?$args;
  }

  location ~ \.php$
  {
    try_files $uri $uri/ @php_wp;

    root /var/www/html/domen.ru;
    fastcgi_pass php;
    include fastcgi.conf;
    include fastcgi_params;
    fastcgi_param DOCUMENT_ROOT /var/www/html/domen.ru;
  }

  location @php_wp
  {
    try_files $uri = 404;

    root /var/www/wp;
    fastcgi_pass php;
    include fastcgi.conf;
    include fastcgi_params;
    fastcgi_param DOCUMENT_ROOT /var/www/html/domen.ru;
  }
error_page 500 501 502 503 504 505 =200 /50x.html;
location = /50x.html {
   root /etc/nginx;
}
}

msedge_vaaMAxD1TS.png

Answer the question

In order to leave comments, you need to log in

1 answer(s)
A
AUser0, 2021-10-31
@Pista

You only have a permanent redirect of all HTTP requests to the HTTPS address of the site. The 520th error indicates an incomprehensible response from your server to Cloudflare's server, perhaps just because of a self-signed (unauthenticated) certificate. Set up Nginx logs and study what it says there... You can get a certificate from Let's Encrypt for free.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question