11 June 2012

phpMyAdmin and nginx - The plain HTTP request was sent to HTTPS port

I've been trying for some hours now to force the phpMyAdmin location (in nginx) to https only. I managed to do it, but I need a reminder for the future so here it is.

1. Internal phpMyAdmin redirect
After you login, phpMyAdmin will redirect you to

$detected_scheme://$detected_url:$detected_port_if_it's_not_80/full_path/index.php

$detected_scheme - by default is http. It can be set to https (what i want) with the following 2 lines:
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;

$detected_url - www.your-domain.com or IP address
$detected_port_if_it's_not_80 - over https that's 443, but if $detected_scheme is not set, it will try to add port 443 at the end of $detected_url, which will generate the error "The plain HTTP request was sent to HTTPS port".

2. nginx redirect from http to https
A simple redirect will do it, i used this one:
location ^~ /wwpma/ {
rewrite ^ https://my_website/wwpma/ last;
}
The thing is, if you have set as a location for *.PHP scripts something like: "location ~\.php$" then this will catch the above as well, so the rewrite rule should be added here too. Simple example:
rewrite ^/wwpma/(.*)$ https://www.west-wing.ch/wwpma/$1 last;
As mentioned on the nginx wiki, the "location" directive supports couple of features:

location = / {
# matches the query / only.
}
location / {
# matches any query, since all queries begin with /, but regular
# expressions and any longer conventional blocks will be
# matched first.
}
location ^~ /images/ {
# matches any query beginning with /images/ and halts searching,
# so regular expressions will not be checked.
}
location ~* \.(gif|jpg|jpeg)$ {
# matches any request ending in gif, jpg, or jpeg. However, all
# requests to the /images/ directory will be handled by
# Configuration C.
}

1 comment: