Results 1 to 3 of 3

Thread: nginx + varnish + apache + SSL ( working fine )

  1. #1
    Join Date
    Oct 2016
    Posts
    2

    Cool nginx + varnish + apache + SSL ( working fine )

    how use varnish with SSL (HTTPS) in directadmin :

    1. Install NGINX+Apache+php-fpm

    2. Install Varnish 6

    download :
    http://varnish-cache.org/
    https://packagecloud.io/varnishcache

    Code:
    yum install epel-release
    yum install varnish
    3. change ram usage :

    in file : /etc/varnish/varnish.params
    default is 256m

    4. Copy files :

    /usr/local/directadmin/data/templates/nginx_server.conf
    /usr/local/directadmin/data/templates/nginx_server_sub.conf
    /usr/local/directadmin/data/templates/nginx_server_secure.conf
    /usr/local/directadmin/data/templates/nginx_server_secure_sub.conf

    to folder :

    /usr/local/directadmin/data/templates/custom/

    Modify the files in folder :

    /usr/local/directadmin/data/templates/custom/

    in files : nginx_server.conf & nginx_server_sub.conf changes is :

    Code:
    proxy_pass http://|IP|:|PORT_8080|;
    to

    Code:
    proxy_pass http://|IP|:6081;
    and in files : nginx_server_secure.conf & nginx_server_secure_sub.conf changes is :

    Code:
    proxy_pass http://|IP|:|PORT_8081|;
    proxy_set_header X-Client-IP      $remote_addr;
    proxy_set_header X-Accel-Internal /nginx_static_files;
    proxy_set_header Host             $host;
    proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
    proxy_hide_header Upgrade;
    to

    Code:
    proxy_pass http://|IP|:6081;
    proxy_set_header X-Real-IP  $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port 443;
    proxy_set_header Host $host;
    6. Rewrite nginx virtual hosts: (ssh code)

    Code:
    echo "action=rewrite&value=nginx" >> /usr/local/directadmin/data/task.queue
    /usr/local/directadmin/dataskq
    7. restart PHP & APACHE & NGINX & VARNISH and enable chkconfig varnish

    in centos 6 : (for example php 7.2 = php-fpm72 )

    Code:
    service php-fpm72 restart
    service httpd restart
    service nginx restart
    service varnish restart
    chkconfig --add varnish
    chkconfig varnish on


    in centos 7 : (for example php 7.2 = php-fpm72 )


    Code:
    systemctl restart php-fpm72
    systemctl restart httpd
    systemctl restart nginx
    systemctl restart varnish
    systemctl enable varnish

    8. for loop errors in some cms :

    in wordpress : (for use https)

    insert this code in file wp-config.php : (above of "/* That's all, stop editing! Happy blogging. */ " )

    Code:
    if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
     $_SERVER['HTTPS']='on';
    in magento : (for use https)

    Add this to your the Magento .htaccess file located in your docroot

    Code:
    SetEnvIf X-Forwarded-Proto https HTTPS=on
    9. test working :

    Code:
    curl -I https://yoursite.com
    you should see: "via: 1.1 varnish (Varnish/6.0)"


    enjoy speed


    if you want to remove varnish :

    remove this files :

    /usr/local/directadmin/data/templates/custom/nginx_server.conf
    /usr/local/directadmin/data/templates/custom/nginx_server_sub.conf
    /usr/local/directadmin/data/templates/custom/nginx_server_secure.conf
    /usr/local/directadmin/data/templates/custom/nginx_server_secure_sub.conf


    and rewrite virtual hosts:

    Code:
    echo "action=rewrite&value=nginx" >> /usr/local/directadmin/data/task.queue
    /usr/local/directadmin/dataskq
    in centos 6 :

    Code:
    service php-fpm72 restart
    service httpd restart
    service nginx restart


    in centos 7 :

    Code:
    systemctl restart php-fpm72
    systemctl restart httpd
    systemctl restart nginx
    Code:
    yum remove varnish

  2. #2
    Join Date
    Jun 2016
    Posts
    3
    Thanks for this helpful tutorial,
    but I have a problem , after applying this changes I faced with infinite loop
    any advice ?

  3. #3
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    12,939
    An infinite loop (besides already mentioned by the TS) might occur if you detect HTTP in .htaccess and redirects to HTTPS using mod_rewrite.

    You should check and update mod_rewrite rules in .htaccess to rely on X-Forwarded-Proto:

    Code:
    RewriteEngine On
    RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    You might try and add:

    Code:
    <IfModule setenvif_module>
        SetEnvIf X-Forwarded-Proto "^https$" HTTPS=on
        SetEnvIf X-Forwarded-Proto "^https$" X_SERVER_PORT=443
        SetEnvIf X-Forwarded-Proto "^https$" X_REQUEST_SCHEME=https
    </IfModule>
    into /etc/httpd/conf/extra/httpd-includes.conf and restart Apache.
    Regards, Alex G.

    - You can hire me on www.poralix.com to work on your server
    - Follow and like @Poralix on Facebook

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •