Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vasily2016-10-21 02:10:45
linux
Vasily, 2016-10-21 02:10:45

Why does php-fpm stop working after installing ssl certificates and configuring https?

The problem is the following. I migrated the site to vps kvm, debian 8 x64, nginx 1.62. Before installing ssl and configuring https, everything worked almost like on a local server, but it was worth setting https, and that's it ....
The vasyldemianiuk.com page, I used the gettext library to translate the page, so all the text is in __( ) .
And, in order not to create a new topic: the question is, for some reason some fonts are not loading for me, both locally and online, what could be the reason for this?
And one more thing: even before installing ssl, the ERR_TOO_MANY_REDIRECTS error appeared, I had to comment out all sorts of error pages there and it worked, but this is a hack, not a solution, there must also be some kind of problem with the configs.
Page code https://github.com/WELES777/PORTFOLIO.git. According to server configuration:
Host configuration file /etc/nginx/sites-enabled/:

server {
           listen   80;
           server_name vasyldemianiuk.com www.vasyldemianiuk.com;
            rewrite        ^ https://$server_name$request_uri? permanent;
           root /usr/share/nginx/www/vasyldemianiuk.com;
           index index.php;

          access_log  /usr/share/nginx/log/access.log combined;
          error_log   /usr/share/nginx/log/error.log;
          gzip on;
           gzip_disable "msie6";
          gzip_comp_level 6;
          gzip_min_length  1100;
          gzip_buffers 16 8k;
          gzip_proxied any;
          gzip_types text/plain application/xml
          application/javascript
          text/css

          text/xml
          application/x-javascript
          text/javascript
          application/json
          application/xml+rss;


#         location / {
#              return 301 $scheme://vasyldemianiuk.com$request_uri;
#                 try_files $uri $uri/ /index.php;
#          }

          error_page 404 /404.php;

#          error_page 500 502 503 504 /50x.php;
#         location = /50x.php {
#                root /usr/share/nginx/www/vasyldemianiuk.com;
#          }

          # pass the PHP scripts to FastCGI server listening on /var/run/php5-fpm.sock
          location ~ \.php$ {
                 try_files $uri =404;
#                 fastcgi_pass 127.0.0.1:9000;
                  fastcgi_pass unix:/var/run/php5-fpm.sock;
                  fastcgi_index index.php;
                  fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                  include fastcgi_params;

          }


  }
  server {
      listen  80;


      server_name pma.vasyldemianiuk.com www.pma.vasyldemianiuk.com;

      charset utf-8;


      access_log  /usr/share/nginx/log/pma.vasyldemianiuk.com_access.log combined;
      error_log   /usr/share/nginx/log/pma.vasyldemianiuk.com_error.log;


      root /usr/share/phpmyadmin;
      index index.php index.html index.htm;

      location / {
          try_files $uri $uri/ =404;
      }

      location ~ \.php$ {
          root /usr/share/phpmyadmin;
          proxy_read_timeout 61;
          fastcgi_read_timeout 61;
          try_files $uri $uri/ =404;
          fastcgi_pass unix:/var/run/php5-fpm.sock;
          fastcgi_index index.php;
          fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
          include fastcgi_params;
      }
  }

nginx configuration file /etc/nginx/nginx.conf: 
user www-data;
worker_processes 1;
pid /run/nginx.pid;

events {
  worker_connections 768;
  # multi_accept on;
}

http {

  ##
  # Basic Settings
  ##

  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  keepalive_timeout 65;
  types_hash_max_size 2048;
# Don't show server version on 404 error
  server_tokens off;

  # server_names_hash_bucket_size 64;
  # server_name_in_redirect off;

  include /etc/nginx/mime.types;
  #default_type application/octet-stream;
  default_type text/html;
  ##
  # SSL Settings
  ##

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
  ssl_prefer_server_ciphers on;

  ##
  # Logging Settings
  ##

  access_log /var/log/nginx/access.log;
  error_log /var/log/nginx/error.log;

  ##
  # Gzip Settings
  ##

  gzip on;
  gzip_disable "msie6";

  # gzip_vary on;
  # gzip_proxied any;
  # gzip_comp_level 6;
  # gzip_buffers 16 8k;
  # gzip_http_version 1.1;
  # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

  ##
  # Virtual Host Configs
  ##

  include /etc/nginx/conf.d/*.conf;
  include /etc/nginx/sites-enabled/*;

}


#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
#   listen     localhost:110;
#   protocol   pop3;
#   proxy      on;
# }
#
# server {
#   listen     localhost:143;
#   protocol   imap;
#   proxy      on;
# }
#}
~

ssl configuration file 
#server
#
server {
#   Can't use http2, need nginx < 1.9.5
    listen       443 ssl;

    ssl_stapling on;
    ssl_stapling_verify on;
    add_header X-Content-Type-Options nosniff;
    server_name  vasyldemianiuk.com;

ssl_trusted_certificate /etc/ssl/nginx/ca.pem;
    ssl_certificate      /etc/ssl/nginx/nginx.crt;
    ssl_certificate_key  /etc/ssl/nginx/server.key;

    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout  5m;

    ssl_ciphers  "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH !RC4";
    ssl_prefer_server_ciphers   on;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    location / {
        root   /usr/share/nginx/www/vasyldemianiuk.com;
        index  index.php;
    }
}

Running processes:
e33eb478acad449e8c5f71eb9c2da390.png
Apache removed, php-fpn running. There were no problems installing ssl. I'm installing nginx for the first time, so if you have any advice about the configuration, even not related to the question, I will be very grateful.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
V
Vladimir, 2016-10-21
Demyanuk @WELES333

You have lost the location ~ \.php$ { block somewhere in the nginx ssl config
virtualhost description using ssl adds new directives and changes the port (compared to a virtualhost without ssl)

Report
A
Alexander Chernykh, 2016-10-21
@sashkets

some mess with configs. take a look at nginx config example
Switching to https in nginx

Similar questions
V
Vyacheslav Slinko2011-12-28 18:56:06
Avahi and OpenVZ 1Reply
V
violettaz02020-05-07 05:12:17
Setting up the package manager. Long loading. Why? 1Reply
D
DVoropaev2018-03-14 11:59:34
What can linux write to a flash drive? 1Reply
W
Wadik_Wadkovich2018-03-14 16:30:13
What are the options for deploying AD on Centos 6.6 using linux and windows machines? 1Reply
V
Vladimir2012-01-12 22:28:38
Unpacking a tar archive on the fly 5Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question