Rather by accident I discovered this was not working on the site. I know it used to work, but when the old certificate expired last year I was on holiday in The States, and had a panic trying to disable https, (to keep the site up until I got back and bought a new cert). So I’m guessing its been broken since then.
Solution
I spent about two days looking at forums about how to do this, and every time I edited the NGINX default file, the site stopped working. In the end I found one post in the middle of a discussion about this and that was the ONLY solution that worked for me.
Paste the following WITHIN your server block.
[box]
# Force HTTP to HTTPS Redirection (Entire Site)
if ($scheme != "https") {
rewrite ^ https://$host$uri permanent;
}
[/box]
Related Articles, References, Credits, or External Links
The certificate here at PNL expired over the weekend, I got a new one and installed it. All appeared to be fine until I did an online check to make sure it was OK.
The server’s certificate chain is incomplete
Solution
I had this problem once before, back then I was using Apache and CentOS7, and things were a little different, (now I’m using NGINX and Ubuntu 18.04). Essentially you see this error because you have bought a ‘cheap‘ SSL certificate. There’s nothing wrong with that per se, but they tend to be issued from an ‘Intermediate CA‘. Again there’s nothing wrong with that either, but to improve your score you need to ‘Embed‘ the intermediate certificate, into your SSL certificate, (or all the intermediates back to a Root CA Server, if you have multiple intermediate certificates!)
Here I have ONE intermediate, (which is pretty normal.)
There a no special tools you require to be able to do this, other than a simple text editor, you open your SSL certificate and ‘Paste” the intermediate certificate on the bottom. (DO NOT ADD ANY EXTRA SPACES). Like so;
Note: As you can see, you DON’T put the Root CA certificate at the bottom, (clients should already have them!) I made this mistake then got the following error;
[box]
Jun 23 14:12:29 localhost nginx[1197]: nginx: [emerg] PEM_read_bio_X509("/etc/nginx/ssl/www_petenetlive_com.crt") failed (SSL: error:0906D066:PEM routines:PEM_read_bio:bad end line)
Jun 23 14:12:29 localhost nginx[1197]: nginx: configuration file /etc/nginx/nginx.conf test failed
[/box]
Retry your test.
Related Articles, References, Credits, or External Links
A few weeks ago I did a series on setting up a new WordPress site, shortly after I had some problems uploading my caching plugin (wp-rocket). This was the error I got;
413 Request Entity Too Large
nginx/1.10.3 (Ubuntu)
Anyway, I fixed the error, and a few days later I got an email from someone with the same problem, so I thought this time I would document the fix.
Solution
Note: I’m going to raise the limits to 100Mb this might be far to large for you, 20 or 50Mb might be more sensible for most sites.
Firstly you need to make an entry in the nginx.conf file
[box]sudo nano /etc/nginx/nginx.conf[/box]
If you’re unused to working in these config files, you are looking for the http section, just before this sections ends (i.e. before the end curly bracket ‘}’), insert the following text.
[box]client_max_body_size 100M;[/box]
Exit and Save the file (ctrl+x, then ‘y’ {Enter}.
Restart nginx.
[box]sudo service nginx restart[/box]
You will also need to enter the new values in the php.ini file.
[box]sudo nano /etc/php/7.0/fpm/php.ini[/box]
Change the following values, like so;
upload_max_filesize = 100M
post_max_size = 100M
Exit and save the file, then restart PHP.
[box]sudo service php7.0-fpm restart[/box]
Related Articles, References, Credits, or External Links
Now the test if the web server is up and running, get the IP address (ifconfig), and browse to the IP address and you should see the nginx welcome page.
Note: If you get a 403 error, issue a ‘cp index.nginx-debian.html index.html‘ command and try again.
sudo systemctl start php7.0-fpm
systemctl status php7.0-fpm
[/box]
Now to enable nginx to pass information to the FastCGI server (allows php scripts to be executed outside the web server). Your nginx install should be taking its settings from a configuration file ‘/etc/nginx/sites-enabled/default’. To make sure execute an ‘nginx -t’ command. We need to edit that file.
Note: Below you will want to change the values in red to match your server, and the values in blue are optional. You can remove all the contents of the existing file and paste in the following.
# Default server configuration
server {
listen 80 default_server;
listen [::]:80 default_server;
# Set The Root Directory for the Entire Website
root /var/www/html/;
# Adding index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
# Add The Server IP Address or FQDN
server_name 123.123.123.12;
# Auto Remove and re-write .htm from requests (to maintain old back-links)
rewrite ^(/.*)\.htm(\?.*)?$ $1$2 permanent;
# The following does the WordPress Rewrites for the permalinks
location / {
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
}
# Allow the user to Cache Static files for 1 year
location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
}
}
[/box]
Now save and exit the file, make sure its ok by running;
[box]nginx -t[/box]
Providing it says ‘successful’ restart nginx.
[box]sudo systemctl reload nginx[/box]
Testing PHP7 Works
Make sure we are up and running on version 7.
[box]php –version[/box]
Now just to be sure we are going to create a test page, put in some PHP and make sure it works.
Create a file;
[box]sudo nano /var/www/html/test.php[/box]
Pete in the following;
[box]<?php phpinfo(); ?>[/box]
Save and exit the file, then browse to http://{ip-address}/test.php it should look something like the image below.
It’s considered bad practice to have that file on the server, so lets delete it with the following command;
[box]sudo rm /var/www/html/test.php[/box]
That’s us with a fully functioning nginx web server thats processing PHP, in part three we will install WordPress, connect it to the database we made easier, and then you will be ready to start posting.
Related Articles, References, Credits, or External Links