Easy SSL redirection for select folders in nginx
Tags:I have many various web applications installed on my server; some of them need to be wrapped in a secure connection, while it is less important (or meaningless) for others. For those applications whose security I am concerned about, I've developed an easy way to force nginx to serve the application over an SSL connection. The method involves creating empty foldername.ssl
files in a specific location, and then comparing the base folder name of an HTTP request against these file names. If there is a match, the connection is redirected to an https://
URL.
The following nginx location
configuration directive will provide this behavior:
location / {
# force ssl
location \~ ^/([^/]+)(/.*)? {
if (-f /var/www/$1.ssl) {
rewrite ^(.*)$ https://myserver.com$1 permanent;
break;
}
}
}
```
Consider this scenario: You have *phpMyAdmin* installed under
`/var/www/phpmyadmin`, and you keep your `*.ssl` files in `/var/www`
(though you could just as easily place them elsewhere, perhaps outside
of the document root). You would just create the `phpmyadmin.ssl` file:
```shell
touch /var/www/phpmyadmin.ssl
nginx's location
directive listed above will match /phpmyadmin
from the URL to /var/www/phpmyadmin.ssl
. Since that file does exist, nginx will redirect the request to an HTTPS version.
This may seem like a fairly benign feature to add–and for the most part, it is–but if you've got a ton of web applications running under one domain name (i.e., in order to save money on SSL certificates), it can be a godsend.
Posted: